Merge branch 'support/3.0' into feature/faf_sqlite

.doc/itop-version-history.md

@@ -1,67 +0,0 @@
-# iTop version history
-
-```mermaid
-%%{init: { 'logLevel': 'debug', 'theme': 'base', 'gitGraph': {'showBranches': true,'mainBranchName': 'develop','rotateCommitLabel': true}} }%%
-gitGraph
-    commit id: "2016-07-06" tag: "2.3.0" type: HIGHLIGHT
-    branch support/2.3 order: 900
-    commit id: "2016-07-08" tag: "2.3.1"
-    commit id: "2016-12-22" tag: "2.3.3"
-    commit id: "2017-04-14" tag: "2.3.4"
-    checkout develop
-    commit id: "2017-07-12" tag: "2.4.0-beta" type: REVERSE
-    commit id: "2017-11-16" tag: "2.4.0" type: HIGHLIGHT
-    branch support/2.4 order: 890
-    commit id: "2018-02-14" tag: "2.4.1"
-    checkout develop
-    commit id: "2018-04-25" tag: "2.5.0-beta" type: REVERSE
-    checkout support/2.4
-    commit id: "2018-06-14" tag: "2.4.2"
-    checkout develop
-    commit id: "2018-06-27" tag: "2.5.0" type: HIGHLIGHT
-    branch support/2.5 order: 880
-    checkout develop
-    commit id: "2019-01-09" tag: "2.6.0" type: HIGHLIGHT
-    branch support/2.6 order: 870
-    commit id: "2019-03-28" tag: "2.6.1"
-    checkout develop
-    commit id: "2019-12-18" tag: "2.7.0-beta" type: REVERSE
-    checkout support/2.5
-    commit id: "2020-01-22" tag: "2.5.4"
-    checkout support/2.6
-    commit id: "2020-01-23" tag: "2.6.3"
-    checkout develop
-    commit id: "2020-01-29" tag: "2.7.0-beta2" type: REVERSE
-    commit id: "2020-04-01" tag: "2.7.0-1" type: HIGHLIGHT
-    checkout support/2.6
-    commit id: "2020-04-22" tag: "2.6.4"
-    checkout develop
-    branch support/2.7 order: 860
-    commit id: "2020-06-26" tag: "2.7.1"
-    checkout support/2.7
-    commit id: "2020-12-09" tag: "2.7.3"
-    commit id: "2021-03-31" tag: "2.7.4"
-    checkout develop
-    commit id: "2021-04-06" tag: "3.0.0-beta" type: REVERSE
-    checkout support/2.7
-    commit id: "2021-07-05" tag: "2.7.5"
-    checkout develop
-    commit id: "2021-07-05." tag: "3.0.0-beta2" type: REVERSE
-    checkout support/2.7
-    commit id: "2021-12-17" tag: "2.7.6"
-    checkout develop
-    commit id: "2022-01-04" tag: "3.0.0" type: HIGHLIGHT
-    branch support/3.0 order: 850
-    commit id: "2022-04-08" tag: "3.0.1"
-    checkout support/2.7
-    commit id: "2022-07-11" tag: "2.7.7"
-    checkout support/3.0
-    commit id: "2022-09-12" tag: "3.0.2-1"
-    checkout develop
-    checkout support/2.7
-    commit id: "2022-12-28" tag: "2.7.8"
-    checkout support/3.0
-    commit id: "2023-04-12" tag: "3.0.3"
-```
-
-To learn more, check the [iTop community versions history on the official wiki](https://www.itophub.io/wiki/page?id=latest:release:start).

.gitattributes

@@ -1,48 +0,0 @@
-# Set the default behavior, in case people don't have core.autocrlf set.
-* text=auto
-
-# Explicitly declare text files you want to always be normalized and converted
-# to native line endings on checkout.
-*.bash text eol=lf
-*.bat text eol=lf
-*.cmd text eol=lf
-*.css text eol=lf
-*.scss text eol=lf
-*.dist text eol=lf
-.editorconfig text eol=lf
-.env* text eol=lf
-.gitignore text eol=lf
-.htaccess text eol=lf
-*.htm text eol=lf
-*.html text eol=lf
-*.ini text eol=lf
-*.js text eol=lf
-*.json text eol=lf
-*.lock text eol=lf
-*.md text eol=lf
-*.php text eol=lf
-*.php_cs text eol=lf
-*.php8 text eol=lf
-*.plex text eol=lf
-*.sh text eol=lf
-*.svg text eol=lf
-*.ts text eol=lf
-*.twig text eol=lf
-*.txt text eol=lf
-*.xml text eol=lf
-*.xsd text eol=lf
-*.yaml text eol=lf
-*.yml text eol=lf
-
-# Denote all files that are truly binary and should not be modified.
-*.png binary
-*.jpeg binary
-*.jpg binary
-*.gif binary
-*.ico binary
-*.pdf binary
-*.swf binary
-*.zip binary
-*.ttf binary
-*.woff binary
-*.woff2 binary

.gitignore

@@ -19,7 +19,7 @@
 
 # composer reserver directory, from sources, populate/update using "composer install"
 vendor/*
-tests/*/vendor/*
+test/vendor/*
 
 # all conf but listing prevention
 /conf/**
@@ -45,13 +45,9 @@ tests/*/vendor/*
 !/log/index.php
 !/log/web.config
 
-# PHPUnit cache file
-/tests/php-unit-tests/.phpunit.result.cache
-
 
 # Jetbrains
 /.idea/**
-!/.idea/IntelliLang.xml
 
 # doc. generation
 /.doc/vendor
@@ -146,10 +142,3 @@ local.properties
 .cache-main
 .scala_dependencies
 .worksheet
-
-# Mac
-.DS_Store
-
-# Windows
-Thumbs.db
-

.idea/IntelliLang.xml

@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="LanguageInjectionConfiguration">
-    <injection language="InjectablePHP" injector-id="xml">
-      <display-name>iTop - Class method code</display-name>
-      <place><![CDATA[xmlTag().withLocalName(string().equalTo("code"))]]></place>
-      <xpath-condition>name(..) = 'method' and count(/itop_design) = 1</xpath-condition>
-    </injection>
-    <injection language="InjectablePHP" injector-id="xml">
-      <display-name>iTop - Snippet code</display-name>
-      <place><![CDATA[xmlTag().withLocalName(string().equalTo("snippet"))]]></place>
-      <xpath-condition>name(..) = 'snippets' and count(/itop_design) = 1</xpath-condition>
-    </injection>
-  </component>
-</project>

.make/build/commands/setupCssCompiler.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- * Copyright (C) 2010-2023 Combodo SARL
+ * Copyright (C) 2010-2021 Combodo SARL
  *
  *   This file is part of iTop.
  *

.make/composer/listOutdated.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2010-2023 Combodo SARL
+ * Copyright (C) 2010-2021 Combodo SARL
  *
  *   This file is part of iTop.
  *
@@ -19,23 +19,16 @@
  *
  */
 
-/**
- * Alias for `composer show -loD`
- * You can also use `composer outdated -D`
- *
- * @link https://getcomposer.org/doc/03-cli.md#show
- */
+$iTopFolder = __DIR__ . "/../../" ;
 
-$iTopFolder = __DIR__."/../../";
-
-require_once("$iTopFolder/approot.inc.php");
+require_once ("$iTopFolder/approot.inc.php");
 $sApproot = APPROOT;
 $aTrace = array();
 
 $aParamsConfig = array(
 	'composer-path' => array(
-		'default' => 'composer',
-	),
+		'default' => 'composer.phar',
+	)
 );
 $aParamsConfigNotFound = array_flip(array_keys($aParamsConfig));
 $aGivenArgs = $argv;

.make/composer/rmDeniedTestDir.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2010-2023 Combodo SARL
+ * Copyright (C) 2010-2021 Combodo SARL
  *
  *   This file is part of iTop.
  *
@@ -50,24 +50,14 @@ foreach ($aDeniedButStillPresent as $sDir)
 		continue;
 	}
 
-	try {
+	try
+	{
 		SetupUtils::rrmdir($sDir);
 		echo "OK Remove denied test dir: '$sDir'\n";
 	}
-	catch (\Exception $e) {
+	catch (\Exception $e)
+	{
 		echo "\nFAILED to remove denied test dir: '$sDir'\n";
 	}
-}
 
-
-$aAllowedAndDeniedDirs = array_merge(
-	$oiTopComposer->ListAllowedTestDir(),
-	$oiTopComposer->ListDeniedTestDir()
-);
-$aExistingDirs = $oiTopComposer->ListAllTestDir();
-$aMissing = array_diff($aExistingDirs, $aAllowedAndDeniedDirs);
-if (false === empty($aMissing)) {
-	echo "Some new tests dirs exists !\n"
-		.'  They must be declared either in the allowed or denied list in '.iTopComposer::class." (see N°2651).\n"
-		.'  List of dirs:'."\n".var_export($aMissing, true);
 }

.make/license/updateLicenses.php

@@ -19,24 +19,17 @@
  * The target license file path is in `$xmlFilePath`
  */
 
-$iTopFolder = __DIR__."/../../";
-$xmlFilePath = $iTopFolder."setup/licenses/community-licenses.xml";
+$iTopFolder = __DIR__ . "/../../" ;
+$xmlFilePath = $iTopFolder . "setup/licenses/community-licenses.xml";
 
-$jqExec = shell_exec("jq -V"); // a param is mandatory otherwise the script will freeze
-if ((null === $jqExec) || (false === $jqExec)) {
-	echo "/!\ JQ is required but cannot be launched :( \n";
-	echo "Check this script PHPDoc block for instructions\n";
-	die(-1);
-}
-
-
-function get_scope($product_node) {
+function get_scope($product_node)
+{
 	$scope = $product_node->getAttribute("scope");
 
-	if ($scope === "") {   //put iTop first
+	if ($scope === "")
+	{   //put iTop first
 		return "aaaaaaaaa";
 	}
-
 	return $scope;
 }
 

.make/release/update-xml.php

@@ -6,19 +6,11 @@
  * Will update version in the following files :
  *
  * datamodels/2.x/.../datamodel.*.xml
- * application/*.xml
- * core/*.xml
  *
  * Usage :
  * `php .make\release\update-xml.php "1.7"`
- * `php .make\release\update-xml.php`
  *
- * If no parameter provided then the current XML version will be used as target version
- *
- * @since 2.7.0 simple version change using regexp (not doing conversion)
- * @since 3.1.0 N°5405 now does a real conversion
- * @since 3.1.0 N°5633 allow to use without parameter
- * @since 3.1.0 N°5633 add /application and /core XML files
+ * @since 2.7.0
  ******************************************************************************/
 
 
@@ -30,12 +22,10 @@ require_once (__DIR__.DIRECTORY_SEPARATOR.'update.classes.inc.php');
 
 if (count($argv) === 1)
 {
-	echo '/!\ No version passed: assuming target XML version is current XML version ('.ITOP_DESIGN_LATEST_VERSION.")\n";
-	$sVersionLabel = ITOP_DESIGN_LATEST_VERSION;
-} else {
-	$sVersionLabel = $argv[1];
+	echo '/!\ You must pass the new version as parameter';
+	exit(1);
 }
-
+$sVersionLabel = $argv[1];
 if (empty($sVersionLabel))
 {
 	echo 'Version passed as parameter is empty !';

.make/release/update.classes.inc.php

@@ -125,31 +125,16 @@ class iTopVersionFileUpdater extends AbstractSingleFileVersionUpdater
 
 abstract class AbstractGlobFileVersionUpdater extends FileVersionUpdater
 {
-	/** @var array|string glob patterns to seek for files to modify */
-	protected $globPattern;
+	protected $sGlobPattern;
 
-	public function __construct($globPattern)
+	public function __construct($sGlobPattern)
 	{
-		$this->globPattern = $globPattern;
+		$this->sGlobPattern = $sGlobPattern;
 	}
 
 	public function GetFiles()
 	{
-		$aGlobPatterns = (is_array($this->globPattern))
-			? $this->globPattern
-			: [$this->globPattern];
-
-		$aFiles = [];
-		foreach ($aGlobPatterns as $sGlobPattern) {
-			$result = glob($sGlobPattern);
-			if (false === $result) {
-				continue;
-			}
-			/** @noinspection SlowArrayOperationsInLoopInspection */
-			$aFiles = array_merge($aFiles, $result);
-		}
-
-		return $aFiles;
+		return glob($this->sGlobPattern);
 	}
 }
 
@@ -181,11 +166,7 @@ class DatamodelsXmlFiles extends AbstractGlobFileVersionUpdater
 {
 	public function __construct()
 	{
-		parent::__construct([
-			APPROOT.'datamodels/2.x/*/datamodel.*.xml',
-			APPROOT.'application/*.xml',
-			APPROOT.'core/*.xml',
-		]);
+		parent::__construct(APPROOT.'datamodels/2.x/*/datamodel.*.xml');
 	}
 
 	/**
@@ -193,40 +174,10 @@ class DatamodelsXmlFiles extends AbstractGlobFileVersionUpdater
 	 */
 	public function UpdateFileContent($sVersionLabel, $sFileContent, $sFileFullPath)
 	{
-		require_once APPROOT.'setup/itopdesignformat.class.inc.php';
-		$oFileXml = new DOMDocument();
-		/** @noinspection PhpComposerExtensionStubsInspection */
-		libxml_clear_errors();
-		$oFileXml->formatOutput = true;
-		$oFileXml->preserveWhiteSpace = false;
-		$oFileXml->loadXML($sFileContent);
-
-		$oFileItopFormat = new iTopDesignFormat($oFileXml);
-
-		$sDesignVersionToSet = static::GetDesignVersionToSet($oFileItopFormat->GetVersion());
-		if (false === is_null($sDesignVersionToSet)) {
-			// N°5779 if same as target version, we will try to convert from version below
-			$oFileItopFormat->GetITopDesignNode()->setAttribute('version', $sDesignVersionToSet);
-		}
-
-		$bConversionResult = $oFileItopFormat->Convert($sVersionLabel);
-
-		if (false === $bConversionResult) {
-			throw new Exception("Error when converting $sFileFullPath");
-		}
-
-		return $oFileItopFormat->GetXmlAsString();
-	}
-
-	/**
-	 * @return ?string version to use : if file version is same as current version then return previous version, else return null
-	 * @since 3.1.0 N°5779
-	 */
-	protected static function GetDesignVersionToSet($sFileDesignVersion):?string {
-		if ($sFileDesignVersion !== ITOP_DESIGN_LATEST_VERSION) {
-			return null;
-		}
-
-		return iTopDesignFormat::GetPreviousDesignVersion(ITOP_DESIGN_LATEST_VERSION);
+		return preg_replace(
+			'/(<itop_design .* version=")[^"]+(">)/',
+			'${1}'.$sVersionLabel.'${2}',
+			$sFileContent
+		);
 	}
 }

CONTRIBUTING.md

@@ -27,14 +27,11 @@ If you have an idea you're sure would benefit to all of iTop users, you may
 [create a corresponding ticket](https://sourceforge.net/p/itop/tickets/new/) to submit it, but be warned that there are lots of good 
 reasons to refuse such changes.
 
-### 📄 License and copyright
-iTop is distributed under the AGPL-3.0 license (see the [license.txt] file).
+### 📄 License
+iTop is distributed under the AGPL-3.0 license (see the [license.txt] file),
+your code must comply with this license.
 
-The iTop repository is divided in three parts: iTop (mainly PHP/JS/XML sources and dictionaries), images, and third-party libraries.
-Combodo has the copyright on most of the source files in the iTop part of the repository: please do not modify the existing file copyrights.  
-Anyhow, you are encouraged to signal your contribution by the mean of `@author` annotations.
-
-If you want to use another license or keep the code ownership (copyright), you may [create an extension][wiki new ext].
+If you want to use another license, you may [create an extension][wiki new ext].
 
 [license.txt]: https://github.com/Combodo/iTop/blob/develop/license.txt
 [wiki new ext]: https://www.itophub.io/wiki/page?id=latest%3Acustomization%3Astart#by_writing_your_own_extension
@@ -55,26 +52,26 @@ Here are the branches we use and their meaning :
 
 For example, if no version is currently prepared for shipping we could have:
 
-- `develop` containing future 3.1.0 version
-- `support/3.0`: 3.0.x maintenance version
+- `develop` containing future 3.0.0 version
 - `support/2.7`: 2.7.x maintenance version
 - `support/2.6`: 2.6.x maintenance version
+- `support/2.5`: 2.5.x maintenance version
 
-In this example, when 3.1.0-beta is shipped that will become:
+In this example, when 3.0.0-beta is shipped that will become:
 
-- `develop`: future 3.2.0 version
-- `release/3.1.0`: 3.1.0-beta
-- `support/3.0`: 3.0.x maintenance version
+- `develop`: future 3.1.0 version
+- `release/3.0.0`: 3.0.0-beta
 - `support/2.7`: 2.7.x maintenance version
 - `support/2.6`: 2.6.x maintenance version
+- `support/2.5`: 2.5.x maintenance version
 
-And when 3.1.0 final will be out:
+And when 3.0.0 final will be out:
 
-- `develop`: future 3.2.0 version
-- `support/3.1`: 3.1.x maintenance version (will host developments for 3.1.1)
-- `support/3.0`: 3.0.x maintenance version
+- `develop`: future 3.1.0 version
+- `support/3.0`: 3.0.x maintenance version (will host developments for 3.0.1)
 - `support/2.7`: 2.7.x maintenance version
 - `support/2.6`: 2.6.x maintenance version
+- `support/2.5`: 2.5.x maintenance version
 
 Also note that we have a "micro-version" concept : each of those versions have a very small amount of modifications. They are made from
  `support/*` branches as well. For example 2.6.2-1 and 2.6.2-2 were made from the `support/2.6.2` branch. 
@@ -114,9 +111,9 @@ Our tests are located in the `test/` directory, containing a PHPUnit config file
 * Use the present tense ("Add feature" not "Added feature")
 * Use the imperative mood ("Move cursor to..." not "Moves cursor to...")
 * Limit the first line to 72 characters or less
-* Please start the commit message with an applicable emoji code (following the [Gitmoji guide](https://gitmoji.dev/)).  
-  Beware to use the code (for example `:bug:`) and not the character (🐛) as Unicode support in git clients is very poor for now...  
-  Emoji examples :
+* Please start the commit message with an applicable emoji code (following the [Gitmoji guide](https://gitmoji.carloscuesta.me/)).  
+ Beware to use the code (for example `:bug:`) and not the character (🐛) as Unicode support in git clients is very poor for now...  
+ Emoji examples :
     * 🌐 `:globe_with_meridians:` for translations
     * 🎨 `:art:` when improving the format/structure of the code
     * ⚡️ `:zap:` when improving performance
@@ -134,20 +131,21 @@ Our tests are located in the `test/` directory, containing a PHPUnit config file
 
 When your code is working, please:
 
-* Squash as much as possible your commits,
-* Rebase your branch on our repo last commit,
-* Create a pull request. _Detailed procedure to work on fork and create PR is available [in GitHub help pages](https://help.github.com/articles/creating-a-pull-request-from-a-fork/)_.
-* Pull request description: mind to add all the information useful to understand why you're suggesting this modification and anything necessary to dive into your work. Especially:
-  - Bugfixes: exact steps to reproduce the bug (given/when/then), description of the bug cause and what solution is implemented 
-  - Enhancements: use cases, implementation details if needed
-* Mind to check the "[Allow edits from maintainers](https://docs.github.com/en/github-ae@latest/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)" option !
+* stash as much as possible your commits,
+* rebase your branch on our repo last commit,
+* create a pull request.
 
+Detailed procedure to work on fork and create PR is available [in GitHub help pages](https://help.github.com/articles/creating-a-pull-request-from-a-fork/).
 
-## 🙏 We are thankful
+You might check the ["Allow edits from maintainers" PR checkbox][allow_edits_checkbox] to ease review.
 
-We are thankful for all your contributions to the iTop universe! As a thank you gift, we will send stickers to every iTop (& extensions) contributors!
+[allow_edits_checkbox]: https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork#enabling-repository-maintainer-permissions-on-existing-pull-requests
 
-We have one sticker per contribution type. You might get multiple stickers with one contribution though :)
+### 🙏 We are thankful
+
+We are thankful for all your contributions to the iTop universe! As a thank you gift, we will send stickers to every iTop (& extensions) contributors! 
+
+Stickers' design might change from one year to another. For the first year we wanted to try a "craft beer label" look, see examples below: 
 
 * Bug hunter: Fix a bug
 * Translator: Add/update translations
@@ -159,6 +157,4 @@ We have one sticker per contribution type. You might get multiple stickers with
 * Beta tester: Test and give feedback on beta releases
 * Extension developer: Develop and publish an extension
 
-Here is the design of each stickers for year 2022:
-
-![iTop stickers 2022](.doc/contributing-guide/2022.contributing-stickers-side-by-side.png)
+![](.doc/contributing-guide/contributing-stickers-side-by-side.png)

Jenkinsfile

@@ -1,14 +1,6 @@
 def infra
 
 node(){
-    properties([
-            buildDiscarder(
-                    logRotator(
-                            daysToKeepStr: "28",
-                            numToKeepStr: "500")
-            )
-    ])
-
   checkout scm
 
   infra = load '/var/lib/jenkins/workspace/itop-test-infra_master/src/Infra.groovy'

README.md

@@ -1,11 +1,13 @@
 <p align="center"><a href="https://www.combodo.com/itop-193" target="_blank">
-    <img src="https://www.combodo.com/logos/logo-itop-baseline.svg" width=350>
+    <img src="https://www.combodo.com/logos/logo-itop.svg">
 </a></p>
 
 
-iTop stands for IT Operations Portal. It is a complete open source and web-based IT service management platform, including a fully customizable CMDB, a helpdesk system, and a document management tool. It is ITIL compliant and easily customizable and extensible thanks to a high number of add-ons and web services to integrate with your IT.
-
-iTop also offers mass import tools to help you become even more efficient.
+# iTop - ITSM & CMDB
+ 
+iTop stands for *IT Operations Portal*.
+It is a complete open source, ITIL, web based service management tool including a fully customizable CMDB, a helpdesk system and a document management tool. 
+iTop also offers mass import tools and web services to integrate with your IT
 
 ## Features
 - Fully configurable [Configuration Management (CMDB)][10]
@@ -37,19 +39,17 @@ iTop also offers mass import tools to help you become even more efficient.
  - [iTop Forums][1]: community support
  - [iTop Tickets][2]: for feature requests and bug reports
  - [Releases download][3]
- - [iTop requirements][4]
+ - [Software requirements][4]
  - [Documentation][5] covering both iTop and its official extensions
  - [iTop Hub][6] : discover and install extensions !
- - [iTop versions history][7]
 
 
 [1]: https://sourceforge.net/p/itop/discussion/
 [2]: https://sourceforge.net/p/itop/tickets/
 [3]: https://sourceforge.net/projects/itop/files/itop/
-[4]: https://www.itophub.io/wiki/page?id=latest:install:requirements
+[4]: https://www.itophub.io/wiki/page?id=latest:install:upgrading_itop
 [5]: https://www.itophub.io/wiki
 [6]: https://store.itophub.io/en_US/
-[7]: .doc/itop-version-history.md
 
 [10]: https://www.itophub.io/wiki/page?id=latest%3Adatamodel%3Astart#configuration_management_cmdb
 [11]: https://www.itophub.io/wiki/page?id=latest%3Adatamodel%3Astart#ticketing
@@ -65,7 +65,7 @@ iTop also offers mass import tools to help you become even more efficient.
 
 ## About Us
 
-iTop development is sponsored, led, and supported by [Combodo][0].
+iTop development is sponsored, led and supported by [Combodo][0].
 
 [0]: https://www.combodo.com
 
@@ -78,19 +78,18 @@ We would like to give a special thank you 🤗 to the people from the community
 
 - Alves, David
 - Beck, Pedro
-- Beer, Christian (a.k.a [@ChristianBeer](https://www.github.com/ChristianBeer))
 - Bilger, Jean-François
-- Bostoen, Jeffrey (a.k.a [@jbostoen](https://www.github.com/jbostoen))
+- Bostoen, Jeffrey (a.k.a @jbostoen)
 - Cardoso, Anderson
 - Cassaro, Bruno
-- Casteleyn, Thomas (a.k.a [@Hipska](https://www.github.com/Hipska))
+- Casteleyn, Thomas (a.k.a @Hipska)
 - Castro, Randall Badilla
 - Colantoni, Maria Laura
 - Couronné, Guy
 - Dvořák, Lukáš
 - Goethals, Stefan
 - Gumble, David
-- Kaltefleiter, Lars (a.k.a [@larhip](https://www.github.com/larhip))
+- Kaltefleiter, Lars (a.k.a @larhip)
 - Khamit, Shamil
 - Kincel, Martin
 - Konečný, Kamil
@@ -99,15 +98,12 @@ We would like to give a special thank you 🤗 to the people from the community
 - Lazcano, Federico
 - Lucas, Jonathan
 - Malik, Remie
-- Mindêllo de Andrade, Lucas (a.k.a [@rokam](https://www.github.com/rokam))
-- Mozart de Oliveira, Eduardo (a.k.a [@eduardomozart](https://github.com/eduardomozart))
+- Mindêllo de Andrade, Lucas (a.k.a @rokam)
 - Raenker, Martin
-- Roháč, Richard (a.k.a [@RohacRichard](https://github.com/RohacRichard))
 - Rosenke, Stephan
-- Rudner, Björn (a.k.a [@rudnerbjoern](https://github.com/rudnerbjoern))
 - Seki, Shoji
 - Shilov, Vladimir
-- Stukalov, Ilya (a.k.a [@ilya](https://www.github.com/ilya)-stukalov)
+- Stukalov, Ilya (a.k.a @ilya-stukalov)
 - Tulio, Marco
 - Turrubiates, Miguel
 
@@ -118,7 +114,6 @@ We would like to give a special thank you 🤗 to the people from the community
 - DudekArtur
 - Karkoff1212
 - Laura
-- nv35
 - Purple Grape
 - Schlobinux
 - theBigOne

SECURITY.md

@@ -18,7 +18,8 @@ to [itop-security@combodo.com](mailto:itop-security@combodo.com).
 
 
 
-## 🔍 Combodo acknowledgment and investigation
+## 📆 Disclosure Policy
+
 Report sent to us will be acknowledged within the week.
 
 Then, a Combodo developer will be assigned to the reported issue and will:
@@ -33,12 +34,3 @@ Then, a Combodo developer will be assigned to the reported issue and will:
 Security issues always take precedence over bug fixes and feature work.
 
 The assignee will keep you informed of the resolution progress, and may ask you for additional information or guidance.
-
-
-## 📆 Disclosure Policy
-Once the fix is done and acknowledged by every stakeholder, it will be included in the next iTop version.  
-Mind we have at least 2 active branches (LTS and STS, see [iTop Community Releases [iTop Documentation]](https://www.itophub.io/wiki/page?id=latest:release:start)) 
-
-The release communications will include the information of the vulnerability fix.
-
-Corresponding GitHub advisories and CVE will be published 3 months after the iTop version release date so that iTop instances can be updated.  

addons/userrights/userrightsmatrix.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -19,7 +19,7 @@
 /**
  * UserRightsMatrix (User management Module)
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -121,6 +121,7 @@ class UserRightsMatrix extends UserRightsAddOnAPI
 	public function CreateAdministrator($sAdminUser, $sAdminPwd, $sLanguage = 'EN US')
 	{
 		// Maybe we should check that no other user with userid == 0 exists
+		CMDBObject::SetTrackInfo('Initialization');
 		$oUser = new UserLocal();
 		$oUser->Set('login', $sAdminUser);
 		$oUser->Set('password', $sAdminPwd);

addons/userrights/userrightsnull.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,7 +20,7 @@
  * UserRightsNull
  * User management Module - say Yeah! to everything
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

addons/userrights/userrightsprofile.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -10,7 +10,7 @@ define('PORTAL_PROFILE_NAME', 'Portal user');
 class UserRightsBaseClassGUI extends cmdbAbstractObject
 {
 	// Whenever something changes, reload the privileges
-
+	
 	protected function AfterInsert()
 	{
 		UserRights::FlushPrivileges();
@@ -34,15 +34,14 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	{
 		$aParams = array
 		(
-			"category"                   => "addon/userrights,grant_by_profile,filter",
-			"key_type"                   => "autoincrement",
-			"name_attcode"               => "name",
-			"complementary_name_attcode" => array('description'),
-			"state_attcode"              => "",
-			"reconc_keys"                => array(),
-			"db_table"                   => "priv_urp_profiles",
-			"db_key_field"               => "id",
-			"db_finalclass_field"        => "",
+			"category" => "addon/userrights,grant_by_profile,filter",
+			"key_type" => "autoincrement",
+			"name_attcode" => "name",
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_profiles",
+			"db_key_field" => "id",
+			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -60,7 +59,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	}
 
 	protected static $m_aCacheProfiles = null;
-
+	
 	public static function DoCreateProfile($sName, $sDescription)
 	{
 		if (is_null(self::$m_aCacheProfiles))
@@ -72,7 +71,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				self::$m_aCacheProfiles[$oProfile->Get('name')] = $oProfile->GetKey();
 			}
-		}
+		}	
 
 		$sCacheKey = $sName;
 		if (isset(self::$m_aCacheProfiles[$sCacheKey]))
@@ -83,10 +82,10 @@ class URP_Profiles extends UserRightsBaseClassGUI
 		$oNewObj->Set('name', $sName);
 		$oNewObj->Set('description', $sDescription);
 		$iId = $oNewObj->DBInsertNoReload();
-		self::$m_aCacheProfiles[$sCacheKey] = $iId;
+		self::$m_aCacheProfiles[$sCacheKey] = $iId;	
 		return $iId;
 	}
-
+	
 	function GetGrantAsHtml($oUserRights, $sClass, $sAction)
 	{
 		$bGrant = $oUserRights->GetProfileActionGrant($this->GetKey(), $sClass, $sAction);
@@ -103,7 +102,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			return '<span style="background-color: #ffdddd;">'.Dict::S('UI:UserManagement:ActionAllowed:No').'</span>';
 		}
 	}
-
+	
 	function DoShowGrantSumary($oPage)
 	{
 		if ($this->GetRawName() == "Administrator")
@@ -115,7 +114,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 
 		// Note: for sure, we assume that the instance is derived from UserRightsProfile
 		$oUserRights = UserRights::GetModuleInstance();
-
+	
 		$aDisplayData = array();
 		foreach (MetaModel::GetClasses('bizmodel,grant_by_profile') as $sClass)
 		{
@@ -124,12 +123,12 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				$bGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if ($bGrant === true)
-				{
-					$aStimuli[] = '<span title="'.$sStimulusCode.': '.utils::EscapeHtml($oStimulus->GetDescription()).'">'.utils::EscapeHtml($oStimulus->GetLabel()).'</span>';
+				{ 
+					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
-
+			
 			$aDisplayData[] = array(
 				'class' => MetaModel::GetName($sClass),
 				'read' => $this->GetGrantAsHtml($oUserRights, $sClass, 'r'),
@@ -141,7 +140,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 				'stimuli' => $sStimuli,
 			);
 		}
-
+	
 		$aDisplayConfig = array();
 		$aDisplayConfig['class'] = array('label' => Dict::S('UI:UserManagement:Class'), 'description' => Dict::S('UI:UserManagement:Class+'));
 		$aDisplayConfig['read'] = array('label' => Dict::S('UI:UserManagement:Action:Read'), 'description' => Dict::S('UI:UserManagement:Action:Read+'));
@@ -199,7 +198,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	 * @param $aReasons array To store the reasons why the attribute is read-only (info about the synchro replicas)
 	 * @param $sTargetState string The target state in which to evalutate the flags, if empty the current state will be used
 	 * @return integer Flags: the binary combination of the flags applicable to this attribute
-	 */
+	 */	 	  	 	
 	public function GetAttributeFlags($sAttCode, &$aReasons = array(), $sTargetState = '')
 	{
 		$iFlags = parent::GetAttributeFlags($sAttCode, $aReasons, $sTargetState);
@@ -220,36 +219,24 @@ class URP_UserProfile extends UserRightsBaseClassGUI
 	{
 		$aParams = array
 		(
-			"category"            => "addon/userrights,grant_by_profile,filter",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => array("userlogin", "profile"),
-			"state_attcode"       => "",
-			"reconc_keys"         => array(),
-			"db_table"            => "priv_urp_userprofile",
-			"db_key_field"        => "id",
+			"category" => "addon/userrights,grant_by_profile,filter",
+			"key_type" => "autoincrement",
+			"name_attcode" => array("userlogin", "profile"),
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_userprofile",
+			"db_key_field" => "id",
 			"db_finalclass_field" => "",
-			'uniqueness_rules'    => array(
-				'no_duplicate' => array(
-					'attributes'  => array(
-						0 => 'userid',
-						1 => 'profileid',
-					),
-					'filter'      => '',
-					'disabled'    => false,
-					'is_blocking' => true,
-				),
-			),
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass" => "User", "jointype" => "", "allowed_values" => null, "sql" => "userid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values" => null, "extkey_attcode" => 'userid', "target_attcode" => "login")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass"=>"User", "jointype"=> "", "allowed_values"=>null, "sql"=>"userid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values"=>null, "extkey_attcode"=> 'userid', "target_attcode"=>"login")));
 
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid",
-			array("targetclass" => "URP_Profiles", "jointype" => "", "allowed_values" => null, "sql" => "profileid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array(), "allow_target_creation" => false)));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values" => null, "extkey_attcode" => 'profileid', "target_attcode" => "name")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid", array("targetclass"=>"URP_Profiles", "jointype"=> "", "allowed_values"=>null, "sql"=>"profileid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values"=>null, "extkey_attcode"=> 'profileid', "target_attcode"=>"name")));
 
-		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values" => null, "sql" => "description", "default_value" => null, "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values"=>null, "sql"=>"description", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('userid', 'profileid', 'reason')); // Attributes to be displayed for the complete details
@@ -417,7 +404,7 @@ class URP_UserOrg extends UserRightsBaseClassGUI
 	{
 		if (!UserRights::IsLoggedIn() || UserRights::IsAdministrator()) { return; }
 
-		$oUser = UserRights::GetUserObject();
+		$oUser = UserRights::GetUserObject();		
 		$oAddon = UserRights::GetModuleInstance();
 		$aOrgs = $oAddon->GetUserOrgs($oUser, '');
 		if (count($aOrgs) > 0)
@@ -448,18 +435,20 @@ class UserRightsProfile extends UserRightsAddOnAPI
 	// Installation: create the very first user
 	public function CreateAdministrator($sAdminUser, $sAdminPwd, $sLanguage = 'EN US')
 	{
-		CMDBObject::SetCurrentChangeFromParams('Initialization create administrator');
+		CMDBObject::SetTrackInfo('Initialization');
 
 		$iContactId = 0;
 		// Support drastic data model changes: no organization class (or not writable)!
-		if (MetaModel::IsValidClass('Organization') && !MetaModel::IsAbstract('Organization')) {
+		if (MetaModel::IsValidClass('Organization') && !MetaModel::IsAbstract('Organization'))
+		{
 			$oOrg = MetaModel::NewObject('Organization');
 			$oOrg->Set('name', 'My Company/Department');
 			$oOrg->Set('code', 'SOMECODE');
 			$iOrgId = $oOrg->DBInsertNoReload();
 
 			// Support drastic data model changes: no Person class  (or not writable)!
-			if (MetaModel::IsValidClass('Person') && !MetaModel::IsAbstract('Person')) {
+			if (MetaModel::IsValidClass('Person') && !MetaModel::IsAbstract('Person'))
+			{
 				$oContact = MetaModel::NewObject('Person');
 				$oContact->Set('name', 'My last name');
 				$oContact->Set('first_name', 'My first name');
@@ -539,7 +528,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 				$oSearch->AllowAllData();
 				$oCondition = new BinaryExpression(new FieldExpression('userid'), '=', new VariableExpression('userid'));
 				$oSearch->AddConditionExpression($oCondition);
-
+				
 				$oUserOrgSet = new DBObjectSet($oSearch, array(), array('userid' => $iUser));
 				while ($oUserOrg = $oUserOrgSet->Fetch())
 				{
@@ -749,10 +738,8 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		// load and cache permissions for the current user on the given class
 		//
 		$iUser = $oUser->GetKey();
-		if (isset($this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode])){
-			$aTest = $this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode];
-			if (is_array($aTest)) return $aTest;
-		}
+		$aTest = @$this->m_aObjectActionGrants[$iUser][$sClass][$iActionCode];
+		if (is_array($aTest)) return $aTest;
 
 		$sAction = self::$m_aActionCodes[$iActionCode];
 
@@ -918,8 +905,8 @@ class UserRightsProfile extends UserRightsAddOnAPI
 
 	/**
 	 * Find out which attribute is corresponding the the dimension 'owner org'
-	 * returns null if no such attribute has been found (no filtering should occur)
-	 */
+	 * returns null if no such attribute has been found (no filtering should occur)	 
+	 */	 	
 	public static function GetOwnerOrganizationAttCode($sClass)
 	{
 		$sAttCode = null;

addons/userrights/userrightsprofile.db.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -69,15 +69,14 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	{
 		$aParams = array
 		(
-			"category"                   => "addon/userrights",
-			"key_type"                   => "autoincrement",
-			"name_attcode"               => "name",
-			"complementary_name_attcode" => array('description'),
-			"state_attcode"              => "",
-			"reconc_keys"                => array(),
-			"db_table"                   => "priv_urp_profiles",
-			"db_key_field"               => "id",
-			"db_finalclass_field"        => "",
+			"category" => "addon/userrights",
+			"key_type" => "autoincrement",
+			"name_attcode" => "name",
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_profiles",
+			"db_key_field" => "id",
+			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -279,8 +278,8 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				$oGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if (is_object($oGrant) && ($oGrant->Get('permission') == 'yes'))
-				{
-					$aStimuli[] = '<span title="'.$sStimulusCode.': '.utils::EscapeHtml($oStimulus->GetDescription()).'">'.utils::EscapeHtml($oStimulus->GetLabel()).'</span>';
+				{ 
+					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
@@ -326,25 +325,24 @@ class URP_UserProfile extends UserRightsBaseClassGUI
 	{
 		$aParams = array
 		(
-			"category"            => "addon/userrights",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => array("userlogin", "profile"),
-			"state_attcode"       => "",
-			"reconc_keys"         => array(),
-			"db_table"            => "priv_urp_userprofile",
-			"db_key_field"        => "id",
+			"category" => "addon/userrights",
+			"key_type" => "autoincrement",
+			"name_attcode" => array("userlogin", "profile"),
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_userprofile",
+			"db_key_field" => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass" => "User", "jointype" => "", "allowed_values" => null, "sql" => "userid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values" => null, "extkey_attcode" => 'userid', "target_attcode" => "login")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass"=>"User", "jointype"=> "", "allowed_values"=>null, "sql"=>"userid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values"=>null, "extkey_attcode"=> 'userid', "target_attcode"=>"login")));
 
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid",
-			array("targetclass" => "URP_Profiles", "jointype" => "", "allowed_values" => null, "sql" => "profileid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array(), "allow_target_creation" => false)));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values" => null, "extkey_attcode" => 'profileid', "target_attcode" => "name")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid", array("targetclass"=>"URP_Profiles", "jointype"=> "", "allowed_values"=>null, "sql"=>"profileid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values"=>null, "extkey_attcode"=> 'profileid', "target_attcode"=>"name")));
 
-		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values" => null, "sql" => "description", "default_value" => null, "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values"=>null, "sql"=>"description", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('userid', 'profileid', 'reason')); // Attributes to be displayed for the complete details
@@ -510,18 +508,24 @@ class UserRightsProfile extends UserRightsAddOnAPI
 	public function CreateAdministrator($sAdminUser, $sAdminPwd, $sLanguage = 'EN US')
 	{
 		// Create a change to record the history of the User object
-		CMDBObject::SetCurrentChangeFromParams('Initialization : create first user admin profile');
+		/** @var \CMDBChange $oChange */
+		$oChange = MetaModel::NewObject("CMDBChange");
+		$oChange->Set("date", time());
+		$oChange->Set("userinfo", "Initialization");
 
 		$iContactId = 0;
 		// Support drastic data model changes: no organization class (or not writable)!
-		if (MetaModel::IsValidClass('Organization') && !MetaModel::IsAbstract('Organization')) {
+		if (MetaModel::IsValidClass('Organization') && !MetaModel::IsAbstract('Organization'))
+		{
 			$oOrg = MetaModel::NewObject('Organization');
 			$oOrg->Set('name', 'My Company/Department');
 			$oOrg->Set('code', 'SOMECODE');
+			$oOrg::SetCurrentChange($oChange);
 			$iOrgId = $oOrg->DBInsertNoReload();
 
 			// Support drastic data model changes: no Person class  (or not writable)!
-			if (MetaModel::IsValidClass('Person') && !MetaModel::IsAbstract('Person')) {
+			if (MetaModel::IsValidClass('Person') && !MetaModel::IsAbstract('Person'))
+			{
 				$oContact = MetaModel::NewObject('Person');
 				$oContact->Set('name', 'My last name');
 				$oContact->Set('first_name', 'My first name');
@@ -530,6 +534,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 					$oContact->Set('org_id', $iOrgId);
 				}
 				$oContact->Set('email', 'my.email@foo.org');
+				$oContact::SetCurrentChange($oChange);
 				$iContactId = $oContact->DBInsertNoReload();
 			}
 		}
@@ -538,22 +543,24 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		$oUser = new UserLocal();
 		$oUser->Set('login', $sAdminUser);
 		$oUser->Set('password', $sAdminPwd);
-		if (MetaModel::IsValidAttCode('UserLocal', 'contactid') && ($iContactId != 0)) {
+		if (MetaModel::IsValidAttCode('UserLocal', 'contactid') && ($iContactId != 0))
+		{
 			$oUser->Set('contactid', $iContactId);
 		}
 		$oUser->Set('language', $sLanguage); // Language was chosen during the installation
 
 		// Add this user to the very specific 'admin' profile
 		$oAdminProfile = MetaModel::GetObjectFromOQL("SELECT URP_Profiles WHERE name = :name", array('name' => ADMIN_PROFILE_NAME), true /*all data*/);
-		if (is_object($oAdminProfile)) {
+		if (is_object($oAdminProfile))
+		{
 			$oUserProfile = new URP_UserProfile();
 			$oUserProfile->Set('profileid', $oAdminProfile->GetKey());
 			$oUserProfile->Set('reason', 'By definition, the administrator must have the administrator profile');
 			$oSet = DBObjectSet::FromObject($oUserProfile);
 			$oUser->Set('profile_list', $oSet);
 		}
-		$oUser->DBInsertNoReload();
-
+		$oUser::SetCurrentChange($oChange);
+		$iUserId = $oUser->DBInsertNoReload();
 		return true;
 	}
 

addons/userrights/userrightsprojection.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -50,15 +50,14 @@ class URP_Profiles extends UserRightsBaseClass
 	{
 		$aParams = array
 		(
-			"category"                   => "addon/userrights",
-			"key_type"                   => "autoincrement",
-			"name_attcode"               => "name",
-			"complementary_name_attcode" => array('description'),
-			"state_attcode"              => "",
-			"reconc_keys"                => array(),
-			"db_table"                   => "priv_urp_profiles",
-			"db_key_field"               => "id",
-			"db_finalclass_field"        => "",
+			"category" => "addon/userrights",
+			"key_type" => "autoincrement",
+			"name_attcode" => "name",
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_profiles",
+			"db_key_field" => "id",
+			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -111,8 +110,8 @@ class URP_Profiles extends UserRightsBaseClass
 			{
 				$oGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if (is_object($oGrant) && ($oGrant->Get('permission') == 'yes'))
-				{
-					$aStimuli[] = '<span title="'.$sStimulusCode.': '.utils::EscapeHtml($oStimulus->GetDescription()).'">'.utils::EscapeHtml($oStimulus->GetLabel()).'</span>';
+				{ 
+					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
@@ -269,25 +268,24 @@ class URP_UserProfile extends UserRightsBaseClass
 	{
 		$aParams = array
 		(
-			"category"            => "addon/userrights",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => array("userlogin", "profile"),
-			"state_attcode"       => "",
-			"reconc_keys"         => array(),
-			"db_table"            => "priv_urp_userprofile",
-			"db_key_field"        => "id",
+			"category" => "addon/userrights",
+			"key_type" => "autoincrement",
+			"name_attcode" => array("userlogin", "profile"),
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_userprofile",
+			"db_key_field" => "id",
 			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass" => "User", "jointype" => "", "allowed_values" => null, "sql" => "userid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values" => null, "extkey_attcode" => 'userid', "target_attcode" => "login")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass"=>"User", "jointype"=> "", "allowed_values"=>null, "sql"=>"userid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values"=>null, "extkey_attcode"=> 'userid', "target_attcode"=>"login")));
 
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid",
-			array("targetclass" => "URP_Profiles", "jointype" => "", "allowed_values" => null, "sql" => "profileid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array(), "allow_target_creation" => false)));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values" => null, "extkey_attcode" => 'profileid', "target_attcode" => "name")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid", array("targetclass"=>"URP_Profiles", "jointype"=> "", "allowed_values"=>null, "sql"=>"profileid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values"=>null, "extkey_attcode"=> 'profileid', "target_attcode"=>"name")));
 
-		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values" => null, "sql" => "description", "default_value" => null, "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values"=>null, "sql"=>"description", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('userid', 'profileid', 'reason')); // Attributes to be displayed for the complete details
@@ -570,11 +568,14 @@ class UserRightsProjection extends UserRightsAddOnAPI
 	public function CreateAdministrator($sAdminUser, $sAdminPwd, $sLanguage = 'EN US')
 	{
 		// Create a change to record the history of the User object
-		CMDBObject::SetCurrentChangeFromParams('Initialization : create first user admin');
+		$oChange = MetaModel::NewObject("CMDBChange");
+		$oChange->Set("date", time());
+		$oChange->Set("userinfo", "Initialization");
 
 		$oOrg = new Organization();
 		$oOrg->Set('name', 'My Company/Department');
 		$oOrg->Set('code', 'SOMECODE');
+		$oOrg::SetCurrentChange($oChange);
 		$iOrgId = $oOrg->DBInsertNoReload();
 
 		$oContact = new Person();
@@ -583,6 +584,7 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		//$oContact->Set('status', 'available');
 		$oContact->Set('org_id', $iOrgId);
 		$oContact->Set('email', 'my.email@foo.org');
+		$oContact::SetCurrentChange($oChange);
 		$iContactId = $oContact->DBInsertNoReload();
 		
 		$oUser = new UserLocal();
@@ -590,6 +592,7 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		$oUser->Set('password', $sAdminPwd);
 		$oUser->Set('contactid', $iContactId);
 		$oUser->Set('language', $sLanguage); // Language was chosen during the installation
+		$oUser::SetCurrentChange($oChange);
 		$iUserId = $oUser->DBInsertNoReload();
 		
 		// Add this user to the very specific 'admin' profile
@@ -597,6 +600,7 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		$oUserProfile->Set('userid', $iUserId);
 		$oUserProfile->Set('profileid', ADMIN_PROFILE_ID);
 		$oUserProfile->Set('reason', 'By definition, the administrator must have the administrator profile');
+		$oUserProfile::SetCurrentChange($oChange);
 		$oUserProfile->DBInsertNoReload();
 		return true;
 	}

application/DBSearchHelper.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/ajaxwebpage.class.inc.php

@@ -1,24 +1,20 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/AjaxPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/AjaxPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-// cannot notify depreciation for now as this is still load in autoloader
-//DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/AjaxPage.php, now loadable using autoloader');
+// cannot notify depreciation for now as this is still MASSIVELY used in iTop core !
+//DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/AjaxPage.php, now loadable using autoloader');
 
 /**
  * Class ajax_page
  *
- * @deprecated 3.0.0 will be removed in 3.1.0 - moved to AjaxPage
+ * @deprecated will be removed in 3.1.0 - moved to AjaxPage
  */
 class ajax_page extends AjaxPage
 {
-	function __construct($s_title)
-	{
-		DeprecatedCallsLog::NotifyDeprecatedPhpMethod('ajax_page is deprecated. Please use AjaxPage instead');
-		parent::__construct($s_title);
-	}
+
 }
 

application/application.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -12,7 +12,6 @@ require_once(APPROOT.'/application/applicationcontext.class.inc.php');
 require_once(APPROOT.'/application/cmdbabstract.class.inc.php');
 require_once(APPROOT.'/application/displayblock.class.inc.php');
 require_once(APPROOT.'/application/audit.category.class.inc.php');
-require_once(APPROOT.'/application/audit.domain.class.inc.php');
 require_once(APPROOT.'/application/audit.rule.class.inc.php');
 require_once(APPROOT.'/application/query.class.inc.php');
 require_once(APPROOT.'/setup/moduleinstallation.class.inc.php');

application/applicationcontext.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,7 +20,7 @@
 /**
  * Class ApplicationContext
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -224,7 +224,7 @@ class ApplicationContext
 	{
 		$sContext = "";
 		foreach ($this->aValues as $sName => $sValue) {
-			$sContext .= "<input type=\"hidden\" name=\"c[$sName]\" value=\"".utils::EscapeHtml($sValue)."\" />\n";
+			$sContext .= "<input type=\"hidden\" name=\"c[$sName]\" value=\"".htmlentities($sValue, ENT_QUOTES, 'UTF-8')."\" />\n";
 		}
 		return $sContext;
 	}
@@ -238,7 +238,7 @@ class ApplicationContext
 	{
 		$aContextInputBlocks = [];
 		foreach ($this->aValues as $sName => $sValue) {
-			$aContextInputBlocks[] = InputUIBlockFactory::MakeForHidden("c[$sName]", utils::EscapeHtml($sValue));
+			$aContextInputBlocks[] = InputUIBlockFactory::MakeForHidden("c[$sName]", htmlentities($sValue, ENT_QUOTES, 'UTF-8'));
 		}
 		return $aContextInputBlocks;
 	}
@@ -376,19 +376,26 @@ class ApplicationContext
    {
    	$oAppContext = new ApplicationContext();
 
-        if (is_null($sUrlMakerClass)) {
-	        $sUrlMakerClass = self::GetUrlMakerClass();
-        }
+      if (is_null($sUrlMakerClass))
+      {
+			$sUrlMakerClass = self::GetUrlMakerClass();
+		}
 		$sUrl = call_user_func(array($sUrlMakerClass, 'MakeObjectUrl'), $sObjClass, $sObjKey);
-	   if (utils::StrLen($sUrl) > 0) {
-		   if ($bWithNavigationContext) {
-			   return $sUrl."&".$oAppContext->GetForLink();
-		   } else {
-			   return $sUrl;
-		   }
-	   } else {
-		   return '';
-	   }
+		if (strlen($sUrl) > 0)
+		{
+			if ($bWithNavigationContext)
+			{
+				return $sUrl."&".$oAppContext->GetForLink();
+			}
+			else
+			{
+				return $sUrl;
+			}
+		}
+		else
+		{
+			return '';
+		}	
 	}
 
 	/**

application/audit.category.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,9 +20,9 @@
 /**
  * This class manages the audit "categories". Each category defines a set of objects
  * to check and is linked to a set of rules that determine the valid or invalid objects
- * inside the set
+ * inside the set 
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -42,55 +42,19 @@ class AuditCategory extends cmdbAbstractObject
 			"db_table" => "priv_auditcategory",
 			"db_key_field" => "id",
 			"db_finalclass_field" => "",
-			'style' => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit-folder.svg'),
 		);
 		MetaModel::Init_Params($aParams);
 		MetaModel::Init_AddAttribute(new AttributeString("name", array("description"=>"Short name for this category", "allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
 		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values"=>null, "sql"=>"description", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
 		MetaModel::Init_AddAttribute(new AttributeOQL("definition_set", array("allowed_values"=>null, "sql"=>"definition_set", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
 		MetaModel::Init_AddAttribute(new AttributeLinkedSet("rules_list", array("linked_class"=>"AuditRule", "ext_key_to_me"=>"category_id", "allowed_values"=>null, "count_min"=>0, "count_max"=>0, "depends_on"=>array(), "edit_mode" => LINKSET_EDITMODE_INPLACE, "tracking_level" => LINKSET_TRACKING_ALL)));
-		MetaModel::Init_AddAttribute(new AttributeInteger("ok_error_tolerance", array("allowed_values"=>null, "sql"=>"ok_error_tolerance", "default_value"=>5, "is_null_allowed"=>true, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeInteger("warning_error_tolerance", array("allowed_values" => null, "sql" => "warning_error_tolerance", "default_value" => 25, "is_null_allowed" => true, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("domains_list",
-			array("linked_class" => "lnkAuditCategoryToAuditDomain", "ext_key_to_me" => "category_id", "ext_key_to_remote" => "domain_id", "allowed_values" => null, "count_min" => 0, "count_max" => 0, "depends_on" => array(), "display_style" => 'property')));
 
 		// Display lists
-		MetaModel::Init_SetZListItems('details', array('name', 'description', 'definition_set', 'ok_error_tolerance', 'warning_error_tolerance', 'rules_list', 'domains_list')); // Attributes to be displayed for the complete details
+		MetaModel::Init_SetZListItems('details', array('name', 'description', 'definition_set', 'rules_list')); // Attributes to be displayed for the complete details
 		MetaModel::Init_SetZListItems('list', array('description', )); // Attributes to be displayed for a list
 		// Search criteria
 		MetaModel::Init_SetZListItems('standard_search', array('description', 'definition_set')); // Criteria of the std search form
 		MetaModel::Init_SetZListItems('default_search', array('name', 'description')); // Criteria of the default search form
 	}
-
-	/**
-	 * @param int $iTotal
-	 * @param int $iErrors
-	 *
-	 * @return string A semantic color name (eg. red, green, orange, success, failure, ... {@see css/backoffice/utils/variables/colors/_semantic-palette.scss}) to use for this category depending on its error count and tolerance
-	 * @throws \CoreException
-	 *
-	 * @since 3.1.0
-	 */
-	public function GetReportColor($iTotal, $iErrors)
-	{
-		$sResult = 'red';
-		if ( ($iTotal == 0) || ($iErrors / $iTotal) <= ($this->Get('ok_error_tolerance') / 100) ) {
-			$sResult = 'green';
-		} else if (($iErrors / $iTotal) <= ($this->Get('warning_error_tolerance') / 100)) {
-			$sResult = 'orange';
-		}
-
-		return $sResult;
-	}
-
-	public static function GetShortcutActions($sFinalClass)
-	{
-		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
-		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
-			$aShortcutActions[] = 'UI:Menu:RunAudit';
-		}
-
-		return $aShortcutActions;
-	}
 }
 ?>

application/audit.domain.class.inc.php

@@ -1,112 +0,0 @@
-<?php
-// Copyright (C) 2010-2023 Combodo SARL
-//
-//   This file is part of iTop.
-//
-//   iTop is free software; you can redistribute it and/or modify
-//   it under the terms of the GNU Affero General Public License as published by
-//   the Free Software Foundation, either version 3 of the License, or
-//   (at your option) any later version.
-//
-//   iTop is distributed in the hope that it will be useful,
-//   but WITHOUT ANY WARRANTY; without even the implied warranty of
-//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-//   GNU Affero General Public License for more details.
-//
-//   You should have received a copy of the GNU Affero General Public License
-//   along with iTop. If not, see <http://www.gnu.org/licenses/>
-
-
-/**
- * This class manages the audit "categories". Each category defines a set of objects
- * to check and is linked to a set of rules that determine the valid or invalid objects
- * inside the set
- *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-/**
- * @since 3.1.0
- */
-class AuditDomain extends cmdbAbstractObject
-{
-	public static function Init()
-	{
-		$aParams = array
-		(
-			"category"                   => "application, grant_by_profile",
-			"key_type"                   => "autoincrement",
-			"name_attcode"               => "name",
-			"complementary_name_attcode" => array('description'),
-			"state_attcode"              => "",
-			"reconc_keys"                => array('name'),
-			"db_table"                   => "priv_auditdomain",
-			"db_key_field"               => "id",
-			"db_finalclass_field"        => "",
-			'style'                      => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit-album.svg'),
-		);
-		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeString("name", array("description" => "Short name for this category", "allowed_values" => null, "sql" => "name", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values" => null, "sql" => "description", "default_value" => "", "is_null_allowed" => true, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeImage("icon", array("is_null_allowed" => true, "depends_on" => array(), "display_max_width" => 96, "display_max_height" => 96, "storage_max_width" => 256, "storage_max_height" => 256, "default_image" => null, "always_load_in_tables" => false)));
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("categories_list",
-			array("linked_class" => "lnkAuditCategoryToAuditDomain", "ext_key_to_me" => "domain_id", "ext_key_to_remote" => "category_id", "allowed_values" => null, "count_min" => 0, "count_max" => 0, "depends_on" => array())));
-
-		// Display lists
-		MetaModel::Init_SetZListItems('details', array('name', 'description', 'icon', 'categories_list')); // Attributes to be displayed for the complete details
-		MetaModel::Init_SetZListItems('list', array('description',)); // Attributes to be displayed for a list
-		// Search criteria
-		MetaModel::Init_SetZListItems('standard_search', array('description')); // Criteria of the std search form
-		MetaModel::Init_SetZListItems('default_search', array('name', 'description')); // Criteria of the default search form
-	}
-
-	public static function GetShortcutActions($sFinalClass)
-	{
-		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
-		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
-			$aShortcutActions[] = 'UI:Menu:RunAudit';
-		}
-
-		return $aShortcutActions;
-	}
-
-}
-
-/**
- * @since 3.1.0
- */
-class lnkAuditCategoryToAuditDomain extends cmdbAbstractObject
-{
-	/**
-	 * @throws \CoreException
-	 * @throws \Exception
-	 */
-	public static function Init()
-	{
-		$aParams = array
-		(
-			"category" => "application, grant_by_profile",
-			"key_type" => "autoincrement",
-			"name_attcode" => "",
-			"state_attcode" => "",
-			"reconc_keys" => array('category_id', 'domain_id'),
-			"db_table" => "priv_link_audit_category_domain",
-			"db_key_field" => "id",
-			"db_finalclass_field" => "",
-			"is_link" => true,
-		);
-		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("targetclass" => "AuditCategory", "jointype" => '', "allowed_values" => null, "sql" => "category_id", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values" => null, "extkey_attcode" => 'category_id', "target_attcode" => "name")));
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("domain_id", array("targetclass" => "AuditDomain", "jointype" => '', "allowed_values" => null, "sql" => "domain_id", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("domain_name", array("allowed_values" => null, "extkey_attcode" => 'domain_id', "target_attcode" => "name")));
-
-		// Display lists
-		MetaModel::Init_SetZListItems('details', array('category_id', 'domain_id'));
-		MetaModel::Init_SetZListItems('list', array('category_id', 'domain_id'));
-		// Search criteria
-		MetaModel::Init_SetZListItems('standard_search', array('category_id', 'domain_id'));
-	}
-}
-

application/audit.rule.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -23,7 +23,7 @@
  * or the "bad" ones. The core audit engines computes the complement to the definition
  * set when needed to obtain either the valid objects, or the ones with an error
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -35,23 +35,22 @@ class AuditRule extends cmdbAbstractObject
 	{
 		$aParams = array
 		(
-			"category"            => "application, grant_by_profile",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => "name",
-			"state_attcode"       => "",
-			"reconc_keys"         => array('name'),
-			"db_table"            => "priv_auditrule",
-			"db_key_field"        => "id",
+			"category" => "application, grant_by_profile",
+			"key_type" => "autoincrement",
+			"name_attcode" => "name",
+			"state_attcode" => "",
+			"reconc_keys" => array('name'),
+			"db_table" => "priv_auditrule",
+			"db_key_field" => "id",
 			"db_finalclass_field" => "",
-			'style'               => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit.svg'),
 		);
 		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeString("name", array("allowed_values" => null, "sql" => "name", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values" => null, "sql" => "description", "default_value" => "", "is_null_allowed" => true, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeOQL("query", array("allowed_values" => null, "sql" => "query", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeEnum("valid_flag", array("allowed_values" => new ValueSetEnum('true,false'), "sql" => "valid_flag", "default_value" => "true", "is_null_allowed" => false, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("allowed_values" => null, "sql" => "category_id", "targetclass" => "AuditCategory", "is_null_allowed" => false, "on_target_delete" => DEL_MANUAL, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values" => null, "extkey_attcode" => 'category_id', "target_attcode" => "name")));
+		MetaModel::Init_AddAttribute(new AttributeString("name", array("allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values"=>null, "sql"=>"description", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeOQL("query", array("allowed_values"=>null, "sql"=>"query", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeEnum("valid_flag", array("allowed_values"=>new ValueSetEnum('true,false'), "sql"=>"valid_flag", "default_value"=>"true", "is_null_allowed"=>false, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("allowed_values"=>null, "sql"=>"category_id", "targetclass"=>"AuditCategory", "is_null_allowed"=>false, "on_target_delete"=>DEL_MANUAL, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values"=>null, "extkey_attcode"=> 'category_id', "target_attcode"=>"name")));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('category_id', 'name', 'description', 'query', 'valid_flag')); // Attributes to be displayed for the complete details
@@ -60,16 +59,5 @@ class AuditRule extends cmdbAbstractObject
 		MetaModel::Init_SetZListItems('standard_search', array('category_id', 'name', 'description', 'valid_flag', 'query')); // Criteria of the std search form
 		MetaModel::Init_SetZListItems('default_search', array('name', 'description', 'category_id')); // Criteria of the advanced search form
 	}
-
-
-	public static function GetShortcutActions($sFinalClass)
-	{
-		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
-		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
-			$aShortcutActions[] = 'UI:Menu:RunAudit';
-		}
-
-		return $aShortcutActions;
-	}
 }
 ?>

application/capturewebpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/CaptureWebPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/CaptureWebPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/CaptureWebPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/CaptureWebPage.php, now loadable using autoloader');

application/clipage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/CLIPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/CLIPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/CLIPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/CLIPage.php, now loadable using autoloader');

application/compilecssservice.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2020 Combodo SARL
  *
  * This file is part of iTop.
  *

application/csvpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/CSVPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/CSVPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/CSVPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/CSVPage.php, now loadable using autoloader');

application/dashboard.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -789,7 +789,6 @@ class RuntimeDashboard extends Dashboard
 
 	/**
 	 * @inheritDoc
-	 * @return bool $bIsNew
 	 * @throws \Exception
 	 */
 	public function Save()
@@ -799,7 +798,6 @@ class RuntimeDashboard extends Dashboard
 		$oUDSearch->AddCondition('user_id', UserRights::GetUserId(), '=');
 		$oUDSearch->AddCondition('menu_code', $this->sId, '=');
 		$oUDSet = new DBObjectSet($oUDSearch);
-		$bIsNew = false;
 		if ($oUDSet->Count() > 0)
 		{
 			// Assuming there is at most one couple {user, menu}!
@@ -813,12 +811,10 @@ class RuntimeDashboard extends Dashboard
 			$oUserDashboard->Set('user_id', UserRights::GetUserId());
 			$oUserDashboard->Set('menu_code', $this->sId);
 			$oUserDashboard->Set('contents', $sXml);
-			$bIsNew = true;
 		}
 		utils::PushArchiveMode(false);
 		$oUserDashboard->DBWrite();
 		utils::PopArchiveMode();
-		return $bIsNew;
 	}
 
 	/**
@@ -1549,29 +1545,6 @@ JS
 		return $this->sDefinitionFile;
 	}
 
-	/**
-	 * @param string $sDashboardFileRelative can also be an absolute path (compatibility with old URL)
-	 *
-	 * @return string full path to the Dashboard file
-	 * @throws \SecurityException if path isn't under approot
-	 * @uses utils::RealPath()
-	 * @since 2.7.8 3.0.3 3.1.0 N°4449 remove FPD
-	 */
-	public static function GetDashboardFileFromRelativePath($sDashboardFileRelative)
-	{
-		if (utils::RealPath($sDashboardFileRelative, APPROOT)) {
-			// compatibility with old URL containing absolute path !
-			return $sDashboardFileRelative;
-		}
-
-		$sDashboardFile = APPROOT.$sDashboardFileRelative;
-		if (false === utils::RealPath($sDashboardFile, APPROOT)) {
-			throw new SecurityException('Invalid dashboard file !');
-		}
-
-		return $sDashboardFile;
-	}
-
 	/**
 	 * @param string $sDefinitionFile
 	 */

application/dashboardlayout.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -23,7 +23,7 @@ use Combodo\iTop\Application\UI\Base\Layout\Dashboard\DashboardRow;
 /**
  * Dashboard presentation
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 abstract class DashboardLayout

application/dashlet.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2012-2023 Combodo SARL
+// Copyright (C) 2012-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -29,7 +29,7 @@ require_once(APPROOT.'application/forms.class.inc.php');
 /**
  * Base class for all 'dashlets' (i.e. widgets to be inserted into a dashboard)
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 abstract class Dashlet
@@ -262,7 +262,7 @@ abstract class Dashlet
 			}
 		} catch (OqlException $e) {
 			$oDashletContainer->AddCSSClass("dashlet-content");
-			$oDashletContainer->AddHtml('<p>'.utils::HtmlEntities($e->GetUserFriendlyDescription()).'</p>');
+			$oDashletContainer->AddHtml('<p>'.$e->GetUserFriendlyDescription().'</p>');
 		} catch (Exception $e) {
 			$oDashletContainer->AddCSSClass("dashlet-content");
 			$oDashletContainer->AddHtml('<p>'.$e->getMessage().'</p>');
@@ -869,7 +869,7 @@ class DashletPlainText extends Dashlet
 	public function Render($oPage, $bEditMode = false, $aExtraParams = array())
 	{
 		$sText = $this->aProperties['text'];
-		$sText = utils::EscapeHtml(Dict::S($sText));
+		$sText = utils::EscapeHtml($sText);
 		$sText = str_replace(array("\r\n", "\n", "\r"), "<br/>", $sText);
 
 		$sId = 'plaintext_'.($bEditMode ? 'edit_' : '').$this->sId;

application/datamodel.application.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.1">
+<itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.0">
   <classes>
     <class id="AbstractResource" _delta="define">
       <parent>cmdbAbstractObject</parent>
@@ -55,9 +55,9 @@
   <menus>
     <menu id="WelcomeMenu" xsi:type="MenuGroup" _delta="define">
       <rank>10</rank>
-      <style>
-        <decoration_classes>fas fa-home</decoration_classes>
-      </style>
+	    <style>
+		    <decoration_classes>fas fa-home</decoration_classes>
+	    </style>
     </menu>
     <menu id="WelcomeMenuPage" xsi:type="DashboardMenuNode" _delta="define">
       <rank>10</rank>
@@ -100,20 +100,11 @@
       <enable_class>URP_Profiles</enable_class>
       <enable_action>UR_ACTION_MODIFY</enable_action>
     </menu>
-    <menu id="AuditCategories" xsi:type="DashboardMenuNode" _delta="define">
+    <menu id="AuditCategories" xsi:type="OQLMenuNode" _delta="define">
       <rank>20</rank>
       <parent>AdminTools</parent>
-      <definition>
-        <layout>DashboardLayoutOneCol</layout>
-        <title>Menu:WelcomeMenuPage</title>
-        <cells>
-          <cell id="0">
-            <rank>0</rank>
-            <dashlets>
-            </dashlets>
-          </cell>
-        </cells>
-      </definition>
+      <oql><![CDATA[SELECT AuditCategory]]></oql>
+      <do_search>1</do_search>
       <enable_class>AuditCategory</enable_class>
       <enable_action>UR_ACTION_MODIFY</enable_action>
     </menu>
@@ -160,9 +151,9 @@
     </menu>
     <menu id="ConfigurationTools" xsi:type="MenuGroup" _delta="define_if_not_exists">
       <rank>90</rank>
-      <style>
-        <decoration_classes>fas fa-cog</decoration_classes>
-      </style>
+	    <style>
+		    <decoration_classes>fas fa-cog</decoration_classes>
+	    </style>
     </menu>
     <menu id="DataSources" xsi:type="OQLMenuNode" _delta="define">
       <rank>20</rank>
@@ -181,372 +172,19 @@
     </menu>
     <menu id="AdminTools" xsi:type="MenuGroup" _delta="define">
       <rank>80</rank>
-      <style>
-        <decoration_classes>fas fa-tools</decoration_classes>
-      </style>
+	    <style>
+		    <decoration_classes>fas fa-tools</decoration_classes>
+	    </style>
     </menu>
     <menu id="SystemTools" xsi:type="MenuGroup" _delta="define">
       <rank>100</rank>
       <enable_class>ResourceSystemMenu</enable_class>
       <enable_action>UR_ACTION_MODIFY</enable_action>
-      <style>
-        <decoration_classes>fas fa-terminal</decoration_classes>
-      </style>
+	    <style>
+		    <decoration_classes>fas fa-terminal</decoration_classes>
+	    </style>
     </menu>
   </menus>
-  <events>
-    <event id="EVENT_DB_BEFORE_WRITE" _delta="define">
-      <description>An object is about to be written into the database. The object can be modified.</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>DBObject::OnInsert</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object inserted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="is_new">
-          <description>Creation flag</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_CHECK_TO_WRITE" _delta="define">
-      <description>Check an object before it is written into the database (no change possible). Call DBObject::AddCheckIssue() to signal an issue</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>cmdbAbstractObject::DoCheckToWrite</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object to check</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="is_new">
-          <description>Creation flag</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_AFTER_WRITE" _delta="define">
-      <description>An object has been written into the database. The modifications can be propagated to other objects.</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>DBObject::AfterInsert</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object inserted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="is_new">
-          <description>Creation flag</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="changes">
-          <description>For updates, the list of changes done during this operation</description>
-          <type>array</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_CHECK_TO_DELETE" _delta="define">
-      <description>Check an object before it is deleted from the database. Call DBObject::AddDeleteIssue() to signal an issue</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>cmdbAbstractObject::DoCheckToDelete</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object to check</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_AFTER_DELETE" _delta="define">
-      <description>An object has been deleted into the database</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>DBObject::AfterDelete</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object deleted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_BEFORE_APPLY_STIMULUS" _delta="define">
-      <description>A stimulus is about to be applied to an object</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object where the stimulus is targeted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="stimulus">
-          <description>Current stimulus applied</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="previous_state">
-          <description>Object previous state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="new_state">
-          <description>Object new state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="save_object">
-          <description>The object must be saved in the database</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_AFTER_APPLY_STIMULUS" _delta="define">
-      <description>A stimulus has been applied to an object</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object where the stimulus is targeted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="stimulus">
-          <description>Current stimulus applied</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="previous_state">
-          <description>Object previous state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="new_state">
-          <description>Object new state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="save_object">
-          <description>The object is asked to be saved in the database</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_APPLY_STIMULUS_FAILED" _delta="define">
-      <description>A stimulus has failed</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="action">
-          <description>The action that failed to apply the stimulus</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="object">
-          <description>The object where the stimulus is targeted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="stimulus">
-          <description>Current stimulus applied</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="previous_state">
-          <description>Object previous state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="new_state">
-          <description>Object new state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="save_object">
-          <description>The object must be saved in the database</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_LINKS_CHANGED" _delta="define">
-      <description>At least one link class was changed</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object where the link is or was pointing to</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_OBJECT_RELOAD" _delta="define">
-      <description>An object has been re-loaded from the database</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object re-loaded</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_COMPUTE_VALUES" _delta="define">
-      <description>An object needs to be recomputed after changes</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>DBObject::ComputeValues</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object inserted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_ARCHIVE" _delta="define">
-      <description>An object has been archived</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object archived</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_UNARCHIVE" _delta="define">
-      <description>An object has been unarchived</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object unarchived</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_SET_ATTRIBUTES_FLAGS" _delta="define">
-      <description>Set object attributes flags. Call cmdbAbstractObject::AddAttributeFlags() for all the attributes to be set for this target state.</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The current object</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="target_state">
-          <description>The target state in which to evaluate the flags</description>
-          <type>array</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_SET_INITIAL_ATTRIBUTES_FLAGS" _delta="define">
-      <description>Set object initial attributes flags. Call cmdbAbstractObject::AddInitialAttributeFlags() for all the initial attributes to be set initially.</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The current object</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DOWNLOAD_DOCUMENT" _delta="define">
-      <description>A document has been downloaded from the GUI</description>
-      <sources>
-        <source id="Document">Document</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object containing the document</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="document">
-          <description>The document downloaded</description>
-          <type>ormDocument</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_LOGIN" _delta="define">
-      <description>Inform the listeners about the connection states</description>
-      <event_data>
-        <event_datum id="code">
-          <description>The login step result code (LoginWebPage::EXIT_CODE_...) </description>
-          <type>integer</type>
-        </event_datum>
-        <event_datum id="state">
-          <description>Current login state (LoginWebPage::LOGIN_STATE_CONNECTED...)</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-  </events>
   <meta>
     <classes>
       <class id="cmdbAbstractObject" _delta="define">

application/datatable.class.inc.php

@@ -3,7 +3,7 @@
 use Combodo\iTop\Renderer\Console\ConsoleBlockRenderer;
 
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -19,7 +19,7 @@ use Combodo\iTop\Renderer\Console\ConsoleBlockRenderer;
  *
  * You should have received a copy of the GNU Affero General Public License
  *
- * @deprecated 3.0.0 use Combodo\iTop\Application\UI\Base\Component\DataTable\Datatable
+ * @deprecated since 3.0.0 use Combodo\iTop\Application\UI\Base\Component\DataTable\Datatable
  */
 
 class DataTable
@@ -386,7 +386,7 @@ EOF;
 		if (!$oPage->IsPrintableVersion())
 		{
 			$sMenuTitle = Dict::S('UI:ConfigureThisList');
-			$sHtml = '<div class="itop_popup toolkit_menu" id="tk_'.$this->iListId.'"><ul><li aria-label="'.Dict::S('UI:Menu:Toolkit').'"><i class="fas fa-tools"></i><i class="fas fa-caret-down"></i><ul>';
+			$sHtml = '<div class="itop_popup toolkit_menu" id="tk_'.$this->iListId.'"><ul><li><i class="fas fa-tools"></i><i class="fas fa-caret-down"></i><ul>';
 	
 			$oMenuItem1 = new JSPopupMenuItem('iTop::ConfigureList', $sMenuTitle, "$('#datatable_dlg_".$this->iListId."').dialog('open');");
 			$aActions = array(

application/errorpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/ErrorPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/ErrorPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/ErrorPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/ErrorPage.php, now loadable using autoloader');

application/exceptions/ApplicationException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/ArchivedObjectException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/BulkChangeException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CSVParserException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/ConfigException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CoreCannotSaveObjectException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -44,15 +44,15 @@ class CoreCannotSaveObjectException extends CoreException
 	public function getHtmlMessage()
 	{
 		$sTitle = Dict::S('UI:Error:SaveFailed');
-		$sContent = "<span><strong>".utils::HtmlEntities($sTitle)."</strong></span>";
+		$sContent = "<span><strong>{$sTitle}</strong></span>";
 
 		if (count($this->aIssues) == 1) {
 			$sIssue = reset($this->aIssues);
-			$sContent .= "&nbsp;<span>".utils::HtmlEntities($sIssue)."</span>";
+			$sContent .= " <span>{$sIssue}</span>";
 		} else {
 			$sContent .= '<ul>';
 			foreach ($this->aIssues as $sError) {
-				$sContent .= "<li>".utils::HtmlEntities($sError)."</li>";
+				$sContent .= "<li>$sError</li>";
 			}
 			$sContent .= '</ul>';
 		}

application/exceptions/CoreException.php

@@ -1,15 +1,11 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
 class CoreException extends Exception
 {
-	protected $m_sIssue;
-	protected $m_sImpact;
-	protected $m_aContextData;
-
 	/**
 	 * CoreException constructor.
 	 *

application/exceptions/CorePortalInvalidActionRuleException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CoreTemplateException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CoreUnexpectedValue.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CoreWarning.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/DeleteException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/InvalidConfigParamException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/InvalidPasswordAttributeOneWayPassword.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/PageNotFoundException.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/SecurityException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/SynchroExceptionNotStarted.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/UserRightException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/dict/DictException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/dict/DictExceptionMissingString.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/dict/DictExceptionUnknownLanguage.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/iTopXmlException.php

@@ -1,10 +0,0 @@
-<?php
-/*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-class iTopXmlException extends CoreException
-{
-
-}

application/exceptions/mysql/MySQLException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/mysql/MySQLHasGoneAwayException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/mysql/MySQLNoTransactionException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/mysql/MySQLQueryHasNoResultException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/mysql/MySQLTransactionNotClosedException.php

@@ -1,13 +0,0 @@
-<?php
-/*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-/**
- * @since 2.7.8 3.0.3 3.1.0 N°5538
- */
-class MySQLTransactionNotClosedException extends MySQLException
-{
-
-}

application/exceptions/oql/CoreOqlException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/oql/CoreOqlMultipleResultsForbiddenException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/process/ProcessException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/process/ProcessFatalException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/process/ProcessInvalidConfigException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/findstylesheetobject.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2020 Combodo SARL
  *
  * This file is part of iTop.
  *

application/forms.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,7 +20,7 @@
  * Helper class to build interactive forms to be used either in stand-alone
  * modal dialog or in "property-sheet" panes.
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 class DesignerForm
@@ -60,7 +60,7 @@ class DesignerForm
 		$this->sHierarchySelector = '';
 		$this->StartFieldSet($this->sCurrentFieldSet);
 		$this->bDisplayed = true;
-		$this->aDefaultValues = array();
+		$this->aDefaultvalues = array();
 	}
 	
 	public function AddField(DesignerFormField $oField)
@@ -838,8 +838,7 @@ class DesignerFormField
 	{
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		$sName = $this->oForm->GetFieldName($this->sCode);
-
-		return array('label' => $this->sLabel, 'value' => "<input type=\"text\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\">");
+		return array('label' => $this->sLabel, 'value' => "<input type=\"text\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">");
 	}
 
 	/**
@@ -1013,8 +1012,9 @@ class DesignerTextField extends DesignerFormField
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		
 		$sName = $this->oForm->GetFieldName($this->sCode);
-		if ($this->IsReadOnly()) {
-			$sHtmlValue = "<span>".utils::EscapeHtml($this->defaultValue)."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\"/></span>";
+		if ($this->IsReadOnly())
+		{
+			$sHtmlValue = "<span>".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\"/></span>";
 		}
 		else
 		{
@@ -1038,10 +1038,11 @@ $('#$sId').on('change keyup validate', function() { ValidateWithPattern('$sId',
 EOF
 			);
 			$sCSSClasses = '';
-			if (count($this->aCSSClasses) > 0) {
+			if (count($this->aCSSClasses) > 0)
+			{
 				$sCSSClasses = 'class="'.implode(' ', $this->aCSSClasses).'"';
 			}
-			$sHtmlValue = "<input type=\"text\" $sCSSClasses id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\">";
+			$sHtmlValue = "<input type=\"text\" $sCSSClasses id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">";
 		}
 		return array('label' => $this->sLabel, 'value' => $sHtmlValue);
 	}
@@ -1100,9 +1101,10 @@ class DesignerLongTextField extends DesignerTextField
 		{
 			$sCSSClasses = 'class="'.implode(' ', $this->aCSSClasses).'"';
 		}
-		if (!$this->IsReadOnly()) {
+		if (!$this->IsReadOnly())
+		{
 			$oP->add_ready_script(
-				<<<EOF
+<<<EOF
 $('#$sId').on('change keyup validate', function() { ValidateWithPattern('$sId', $sMandatory, '$sPattern',  $(this).closest('form').attr('id'), $sForbiddenValues); } );
 {
 	var myTimer = null;
@@ -1110,10 +1112,11 @@ $('#$sId').on('change keyup validate', function() { ValidateWithPattern('$sId',
 }
 EOF
 			);
-			$sValue = "<textarea $sCSSClasses id=\"$sId\" name=\"$sName\">".utils::EscapeHtml($this->defaultValue)."</textarea>";
+			$sValue = "<textarea $sCSSClasses id=\"$sId\" name=\"$sName\">".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."</textarea>";
 		}
-		else {
-			$sValue = "<div $sCSSClasses id=\"$sId\">".utils::EscapeHtml($this->defaultValue)."</div>";
+		else
+		{
+			$sValue = "<div $sCSSClasses id=\"$sId\">".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."</div>";
 		}
 		return array('label' => $this->sLabel, 'value' => $sValue);
 	}
@@ -1142,8 +1145,9 @@ class DesignerIntegerField extends DesignerFormField
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		
 		$sName = $this->oForm->GetFieldName($this->sCode);
-		if ($this->IsReadOnly()) {
-			$sHtmlValue = "<span>".utils::EscapeHtml($this->defaultValue)."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\"/></span>";
+		if ($this->IsReadOnly())
+		{
+			$sHtmlValue = "<span>".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\"/></span>";
 		}
 		else
 		{
@@ -1160,10 +1164,11 @@ $('#$sId').on('change keyup validate', function() { ValidateInteger('$sId', $sMa
 EOF
 			);
 			$sCSSClasses = '';
-			if (count($this->aCSSClasses) > 0) {
+			if (count($this->aCSSClasses) > 0)
+			{
 				$sCSSClasses = 'class="'.implode(' ', $this->aCSSClasses).'"';
 			}
-			$sHtmlValue = "<input type=\"text\" $sCSSClasses id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\">";
+			$sHtmlValue = "<input type=\"text\" $sCSSClasses id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">";
 		}
 		return array('label' => $this->sLabel, 'value' => $sHtmlValue);
 	}
@@ -1267,7 +1272,7 @@ class DesignerComboField extends DesignerFormField
 		$sChecked = $this->defaultValue ? 'checked' : '';
 		$sMandatory = $this->bMandatory ? 'true' :  'false';
 		$sReadOnly = $this->IsReadOnly() ? 'disabled="disabled"' :  '';
-		if ($this->IsSorted() )
+		if ($this->IsSorted())
 		{
 			asort($this->aAllowedValues);
 		}
@@ -1284,18 +1289,22 @@ class DesignerComboField extends DesignerFormField
 			{
 				if ($this->bMultipleSelection)
 				{
-					if(in_array($sKey, $this->defaultValue)) {
+					if(in_array($sKey, $this->defaultValue))
+					{
 						$aSelected[] = $sDisplayValue;
-						$aHiddenValues[] = "<input type=\"hidden\" name=\"{$sName}[]\" value=\"".utils::EscapeHtml($sKey)."\"/>";
+						$aHiddenValues[] = "<input type=\"hidden\" name=\"{$sName}[]\" value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\"/>";
 					}
-				} else {
-					if ($sKey == $this->defaultValue) {
+				}
+				else
+				{
+					if ($sKey == $this->defaultValue)
+					{
 						$aSelected[] = $sDisplayValue;
-						$aHiddenValues[] = "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($sKey)."\"/>";
+						$aHiddenValues[] = "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\"/>";
 					}
 				}
 			}
-			$sHtml = "<span $sCSSClasses>".utils::EscapeHtml(implode(', ', $aSelected)).implode($aHiddenValues)."</span>";
+			$sHtml = "<span $sCSSClasses>".htmlentities(implode(', ', $aSelected), ENT_QUOTES, 'UTF-8').implode($aHiddenValues)."</span>";
 		}
 		else
 		{
@@ -1311,15 +1320,19 @@ class DesignerComboField extends DesignerFormField
 					$sHtml .= "<option value=\"\">".$this->sNullLabel."</option>";
 				}
 			}
-			foreach ($this->aAllowedValues as $sKey => $sDisplayValue) {
-				if ($this->bMultipleSelection) {
+			foreach($this->aAllowedValues as $sKey => $sDisplayValue)
+			{
+				if ($this->bMultipleSelection)
+				{
 					$sSelected = in_array($sKey, $this->defaultValue) ? 'selected' : '';
-				} else {
+				}
+				else
+				{
 					$sSelected = ($sKey == $this->defaultValue) ? 'selected' : '';
 				}
 				// Quick and dirty: display the menu parents as a tree
-				$sHtmlValue = str_replace(' ', '&nbsp;', $sDisplayValue);
-				$sHtml .= "<option value=\"".utils::EscapeHtml($sKey)."\" $sSelected>$sHtmlValue</option>";
+				$sHtmlValue = str_replace(' ', '&nbsp;', htmlentities($sDisplayValue, ENT_QUOTES, 'UTF-8'));
+				$sHtml .= "<option value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\" $sSelected>$sHtmlValue</option>";
 			}
 			$sHtml .= "</select></span>";
 			if ($this->bOtherChoices)
@@ -1370,9 +1383,10 @@ class DesignerBooleanField extends DesignerFormField
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		$sName = $this->oForm->GetFieldName($this->sCode);
 		$sChecked = $this->defaultValue ? 'checked' : '';
-		if ($this->IsReadOnly()) {
+		if ($this->IsReadOnly())
+		{
 			$sLabel = $this->defaultValue ? Dict::S('UI:UserManagement:ActionAllowed:Yes') : Dict::S('UI:UserManagement:ActionAllowed:No'); //TODO use our own yes/no translations
-			$sHtmlValue = "<span>".utils::EscapeHtml($sLabel)."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\"/></span>";
+			$sHtmlValue = "<span>".htmlentities($sLabel)."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\"/></span>";
 		}
 		else
 		{
@@ -1440,8 +1454,8 @@ class DesignerHiddenField extends DesignerFormField
 	{
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		$sName = $this->oForm->GetFieldName($this->sCode);
-
-		return array('label' => '', 'value' => "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\">");
+		$sChecked = $this->defaultValue ? 'checked' : '';
+		return array('label' =>'', 'value' => "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">");
 	}
 }
 
@@ -1508,7 +1522,7 @@ class DesignerIconSelectionField extends DesignerFormField
 EOF
 			);
 		} else {
-			$sValue = '<span style="display:inline-block;line-height:48px;height:48px;"><span><img style="vertical-align:middle" src="'.$this->aAllowedValues[$idx]['icon'].'" />&nbsp;'.utils::EscapeHtml($this->aAllowedValues[$idx]['label']).'</span></span>';
+			$sValue = '<span style="display:inline-block;line-height:48px;height:48px;"><span><img style="vertical-align:middle" src="'.$this->aAllowedValues[$idx]['icon'].'" />&nbsp;'.htmlentities($this->aAllowedValues[$idx]['label'], ENT_QUOTES, 'UTF-8').'</span></span>';
 		}
 		$sReadOnly = $this->IsReadOnly() ? 'disabled' : '';
 		return array('label' => $this->sLabel, 'value' => $sValue);
@@ -1655,14 +1669,14 @@ class DesignerSortableField extends DesignerFormField
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		$sName = $this->oForm->GetFieldName($this->sCode);
 		$sReadOnly = $this->IsReadOnly() ? 'readonly="readonly"' : '';
-		$aResult = array('label' => $this->sLabel, 'value' => "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" $sReadOnly value=\"".utils::EscapeHtml($this->defaultValue)."\">");
-
+		$aResult = array('label' => $this->sLabel, 'value' => "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" $sReadOnly value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">");
+		
 
 		$sJSFields = json_encode(array_keys($this->aAllowedValues));
 		$oP->add_ready_script(
 			"$('#$sId').sortable_field({aAvailableFields: $sJSFields});"
 		);
-
+		
 		return $aResult;
 	}
 }
@@ -1751,8 +1765,8 @@ class DesignerFormSelectorField extends DesignerFormField
 			foreach ($this->aSubForms as $iKey => $aFormData) {
 				if ($iKey == $this->defaultValue) // Default value is actually the index
 				{
-					$sDisplayValue = utils::EscapeHtml($aFormData['label']);
-					$sHiddenValue = "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($iKey)."\"/>";
+					$sDisplayValue = htmlentities($aFormData['label'], ENT_QUOTES, 'UTF-8');
+					$sHiddenValue = "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($iKey, ENT_QUOTES, 'UTF-8')."\"/>";
 					break;
 				}
 			}
@@ -1760,8 +1774,8 @@ class DesignerFormSelectorField extends DesignerFormField
 		} else {
 			$sHtml = "<span class=\"ibo-input-select-wrapper\"><select $sCSSClasses id=\"$sId\" name=\"$sName\" $sReadOnly>";
 			foreach ($this->aSubForms as $iKey => $aFormData) {
-				$sDisplayValue = utils::EscapeHtml($aFormData['label']);
-				$sValue = utils::EscapeHtml($aFormData['value']);
+				$sDisplayValue = htmlentities($aFormData['label'], ENT_QUOTES, 'UTF-8');
+				$sValue = htmlentities($aFormData['value'], ENT_QUOTES, 'UTF-8');
 				$sSelected = ($iKey == $this->defaultValue) ? 'selected' : '';
 				$sHtml .= "<option data-value=\"$sValue\" value=\"$iKey\" $sSelected>".$sDisplayValue."</option>";
 			}

application/iotask.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,7 +20,7 @@
 /**
  * Persistent class InputOutputTask
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/itopwebpage.class.inc.php

@@ -1,9 +1,9 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/iTopWebPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/iTopWebPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
 // cannot notify depreciation for now as this is still MASSIVELY used in iTop core !
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/iTopWebPage.php, now loadable using autoloader');
+//DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/iTopWebPage.php, now loadable using autoloader');

application/itopwizardwebpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/iTopWizardWebPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/iTopWizardWebPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/iTopWizardWebPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/iTopWizardWebPage.php, now loadable using autoloader');

application/loginbasic.class.inc.php

@@ -5,7 +5,7 @@ use Combodo\iTop\Application\Helper\Session;
 /**
  * Class LoginBasic
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -62,7 +62,6 @@ class LoginBasic extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
-			Session::Set('auth_user', $sAuthUser);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -71,7 +70,8 @@ class LoginBasic extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'basic')
 		{
-			LoginWebPage::OnLoginSuccess(Session::Get('auth_user'), 'internal', Session::Get('login_mode'));
+			list($sAuthUser) = $this->GetAuthUserAndPassword();
+			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -80,11 +80,6 @@ class LoginBasic extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'basic')
 		{
-            $iOnExit = LoginWebPage::getIOnExit();
-            if ($iOnExit === LoginWebPage::EXIT_RETURN)
-            {
-                return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
-            }
 			LoginWebPage::HTTP401Error();
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/logindefault.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -79,7 +79,7 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte
 	{
 		self::ResetLoginSession();
 		$iOnExit = LoginWebPage::getIOnExit();
-		if ($iOnExit === LoginWebPage::EXIT_RETURN)
+		if ($iOnExit == LoginWebPage::EXIT_RETURN)
 		{
 			return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
 		}
@@ -95,12 +95,6 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte
 	{
 		if (!Session::IsSet('login_mode'))
 		{
-            // N°6358 - if EXIT_RETURN was asked, send an error
-            if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
-                $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
-                return LoginWebPage::LOGIN_FSM_ERROR;
-            }
-
 			// If no plugin validated the user, exit
 			self::ResetLoginSession();
 			exit();

application/loginexternal.class.inc.php

@@ -5,7 +5,7 @@ use Combodo\iTop\Application\Helper\Session;
 /**
  * Class LoginExternal
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -45,7 +45,6 @@ class LoginExternal extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
-			Session::Set('auth_user', $sAuthUser);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -54,7 +53,8 @@ class LoginExternal extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'external')
 		{
-			LoginWebPage::OnLoginSuccess(Session::Get('auth_user'), 'external', Session::Get('login_mode'));
+			$sAuthUser = $this->GetAuthUser();
+			LoginWebPage::OnLoginSuccess($sAuthUser, 'external', Session::Get('login_mode'));
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -73,11 +73,6 @@ class LoginExternal extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'external')
 		{
-            $iOnExit = LoginWebPage::getIOnExit();
-            if ($iOnExit === LoginWebPage::EXIT_RETURN)
-            {
-                return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM
-            }
 			LoginWebPage::HTTP401Error();
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
@@ -93,4 +88,4 @@ class LoginExternal extends AbstractLoginFSMExtension
 		/** @var string $sAuthUser */
 		return $sAuthUser; // Retrieve the value
 	}
-}
+}

application/loginform.class.inc.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -44,10 +44,6 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 					exit;
 				}
 
-                if (LoginWebPage::getIOnExit() === LoginWebPage::EXIT_RETURN) {
-                    return LoginWebPage::LOGIN_FSM_CONTINUE;
-                }
-
 				// No credentials yet, display the form
 				$oPage = LoginWebPage::NewLoginWebPage();
 				$oPage->DisplayLoginForm($this->bForceFormOnError);
@@ -75,7 +71,6 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
-			Session::Set('auth_user', $sAuthUser);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -87,8 +82,17 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 	{
 		if (Session::Get('login_mode') == 'form')
 		{
+			if (Session::IsSet('auth_user'))
+			{
+				// If FSM reenter this state (example 2FA) then the auth_user is not resubmitted
+				$sAuthUser = Session::Get('auth_user');
+			}
+			else
+			{
+				$sAuthUser = utils::ReadPostedParam('auth_user', '', 'raw_data');
+			}
 			// Store 'auth_user' in session for further use
-			LoginWebPage::OnLoginSuccess(Session::Get('auth_user'), 'internal', Session::Get('login_mode'));
+			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}

application/logintwig.class.inc.php

@@ -2,16 +2,13 @@
 
 /**
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
 
 use Combodo\iTop\Application\Branding;
-use Combodo\iTop\Application\TwigBase\Twig\Extension;
-use Twig\Environment;
-use Twig\Loader\ChainLoader;
-use Twig\Loader\FilesystemLoader;
+use Combodo\iTop\TwigExtension;
 
 /**
  * Twig context for modules extending the login screen
@@ -220,14 +217,14 @@ class LoginTwigRenderer
 			$sTwigLoaderPath = $oLoginContext->GetTwigLoaderPath();
 			if ($sTwigLoaderPath != null)
 			{
-				$oExtensionLoader = new FilesystemLoader();
+				$oExtensionLoader = new Twig_Loader_Filesystem();
 				$oExtensionLoader->setPaths($sTwigLoaderPath);
 				$aTwigLoaders[] = $oExtensionLoader;
 			}
 			$this->aPostedVars = array_merge($this->aPostedVars, $oLoginContext->GetPostedVars());
 		}
 
-		$oCoreLoader = new FilesystemLoader(array(), APPROOT.'templates');
+		$oCoreLoader = new Twig_Loader_Filesystem(array(), APPROOT.'templates');
 		$aCoreTemplatesPaths = array('pages/login', 'pages/login/password');
 		// Having this path declared after the plugins let the plugins replace the core templates
 		$oCoreLoader->setPaths($aCoreTemplatesPaths);
@@ -235,9 +232,9 @@ class LoginTwigRenderer
 		$oCoreLoader->setPaths($aCoreTemplatesPaths, 'ItopCore');
 		$aTwigLoaders[] = $oCoreLoader;
 
-		$oLoader = new ChainLoader($aTwigLoaders);
-		$this->oTwig = new Environment($oLoader);
-		Extension::RegisterTwigExtensions($this->oTwig);
+		$oLoader = new Twig_Loader_Chain($aTwigLoaders);
+		$this->oTwig = new Twig_Environment($oLoader);
+		TwigExtension::RegisterTwigExtensions($this->oTwig);
 	}
 
 	public function GetDefaultVars()
@@ -309,7 +306,7 @@ class LoginTwigRenderer
 	}
 
 	/**
-	 * @return \Twig\Environment
+	 * @return \Twig_Environment
 	 */
 	public function GetTwig()
 	{

application/loginurl.class.inc.php

@@ -5,7 +5,7 @@ use Combodo\iTop\Application\Helper\Session;
 /**
  * Class LoginURL
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -60,7 +60,6 @@ class LoginURL extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
-			Session::Set('auth_user', $sAuthUser);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -69,7 +68,8 @@ class LoginURL extends AbstractLoginFSMExtension
 	{
 		if (Session::Get('login_mode') == 'url')
 		{
-			LoginWebPage::OnLoginSuccess(Session::Get('auth_user'), 'internal', Session::Get('login_mode'));
+			$sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data');
+			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', Session::Get('login_mode'));
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -92,4 +92,4 @@ class LoginURL extends AbstractLoginFSMExtension
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
-}
+}

application/loginwebpage.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,14 +20,12 @@
 /**
  * Class LoginWebPage
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
 use Combodo\iTop\Application\Branding;
 use Combodo\iTop\Application\Helper\Session;
-use Combodo\iTop\Service\Events\EventData;
-use Combodo\iTop\Service\Events\EventService;
 
 /**
  * Web page used for displaying the login form
@@ -114,7 +112,7 @@ class LoginWebPage extends NiceWebPage
 	 */
 	public static function SynchronizeProfiles(&$oUser, array $aProfiles, $sOrigin)
 	{
-		$oProfilesSet = $oUser->Get('profile_list');
+		$oProfilesSet = $oUser->Get(‘profile_list’);
 		//delete old profiles
 		$aExistingProfiles = [];
 		while ($oProfile = $oProfilesSet->Fetch())
@@ -133,6 +131,10 @@ class LoginWebPage extends NiceWebPage
 		//add profiles not already linked with user
 		foreach ($aProfiles as $iProfileId)
 		{
+			$oLink = new URP_UserProfile();
+			$oLink->Set('profileid', $iProfileId);
+			$oLink->Set('reason', $sOrigin);
+
 			$oProfilesSet->AddItem(MetaModel::NewObject('URP_UserProfile', array('profileid' => $iProfileId, 'reason' => $sOrigin)));
 		}
 		$oUser->Set('profile_list', $oProfilesSet);
@@ -239,7 +241,7 @@ class LoginWebPage extends NiceWebPage
 				}
 
 				// This token allows the user to change the password without knowing the previous one
-				$sToken = bin2hex(random_bytes(32));
+				$sToken = substr(md5(APPROOT.uniqid()), 0, 16);
 				$oUser->Set('reset_pwd_token', $sToken);
 				CMDBObject::SetTrackInfo('Reset password');
 				$oUser->AllowWrite(true);
@@ -391,11 +393,6 @@ class LoginWebPage extends NiceWebPage
 		Session::Unset('can_logoff');
 		Session::Unset('archive_mode');
 		Session::Unset('impersonate_user');
-		Session::Unset('PluginProperties');
-		Session::Unset('UrlMakerClass');
-		Session::Unset('itop_env');
-		Session::Unset('obj_messages');
-		Session::Unset('profile_list');
 		UserRights::_ResetSessionCache();
 		// If it's desired to kill the session, also delete the session cookie.
 		// Note: This will destroy the session, and not just the session data!
@@ -486,13 +483,11 @@ class LoginWebPage extends NiceWebPage
 					$iResponse = $oLoginFSMExtensionInstance->LoginAction($sLoginState, $iErrorCode);
 					if ($iResponse == self::LOGIN_FSM_RETURN)
 					{
-						EventService::FireEvent(new EventData(EVENT_LOGIN, null, ['code' => $iErrorCode, 'state' => $sLoginState]));
 						Session::WriteClose();
 						return $iErrorCode; // Asked to exit FSM, generally login OK
 					}
 					if ($iResponse == self::LOGIN_FSM_ERROR)
 					{
-						EventService::FireEvent(new EventData(EVENT_LOGIN, null, ['code' => $iErrorCode, 'state' => $sLoginState]));
 						$sLoginState = self::LOGIN_STATE_SET_ERROR; // Next state will be error
 						// An error was detected, skip the other plugins turn
 						break;
@@ -506,7 +501,6 @@ class LoginWebPage extends NiceWebPage
 			}
 			catch (Exception $e)
 			{
-				EventService::FireEvent(new EventData(EVENT_LOGIN, null, ['state' => $_SESSION['login_state']]));
 				IssueLog::Error($e->getTraceAsString());
 				static::ResetSession();
 				die($e->getMessage());

application/maintenancemsg.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *

application/menunode.class.inc.php

@@ -1,10 +1,12 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
 use Combodo\iTop\Application\Helper\WebResourcesHelper;
+use Combodo\iTop\Application\UI\Base\Component\Title\Title;
+use Combodo\iTop\Application\UI\Base\Component\Title\TitleUIBlockFactory;
 
 require_once(APPROOT.'/application/utils.inc.php');
 require_once(APPROOT.'/application/template.class.inc.php');
@@ -265,14 +267,6 @@ class ApplicationMenu
 			/** @var \MenuGroup $oMenuNode */
 			$oMenuNode = static::GetMenuNode($sMenuGroupIdx);
 
-			if (!($oMenuNode instanceof MenuGroup)) {
-				IssueLog::Error('Menu node was not displayed as a menu group as it is actually not a menu group', LogChannels::CONSOLE, [
-					'menu_node_class' => get_class($oMenuNode),
-					'menu_node_label' => $oMenuNode->GetLabel(),
-				]);
-				continue;
-			}
-
 			$aMenuGroups[] = [
 				'sId' => $oMenuNode->GetMenuID(),
 				'sIconCssClasses' => $oMenuNode->GetDecorationClasses(),
@@ -291,17 +285,7 @@ class ApplicationMenu
 	 * @param string $sMenuGroupIdx
 	 * @param array $aExtraParams
 	 *
-	 * @return array{
-	 *     array{
-	 *        sId: string,
-	 *        sTitle: string,
-	 *        sLabel: string,
-	 *        bHasCount: boolean,
-	 *        sUrl: string,
-	 *        bOpenInNewWindow: boolean,
-	 *        aSubMenuNodes: array
-	 *     }
-	 * } The aSubMenuNodes key contains the same structure recursively
+	 * @return array
 	 * @throws \DictExceptionMissingString
 	 * @throws \Exception
 	 * @since 3.0.0
@@ -330,13 +314,12 @@ class ApplicationMenu
 			}
 
 			$aSubMenuNodes[] = [
-				'sId'              => $oSubMenuNode->GetMenuId(),
-				'sTitle'           => $oSubMenuNode->GetTitle(),
-				'sLabel'           => $oSubMenuNode->GetLabel(),
-				'bHasCount'        => $oSubMenuNode->HasCount(),
-				'sUrl'             => $oSubMenuNode->GetHyperlink($aExtraParams),
+				'sId' => $oSubMenuNode->GetMenuId(),
+				'sTitle' => $oSubMenuNode->GetTitle(),
+				'bHasCount' => $oSubMenuNode->HasCount(),
+				'sUrl' => $oSubMenuNode->GetHyperlink($aExtraParams),
 				'bOpenInNewWindow' => $oSubMenuNode->IsHyperLinkInNewWindow(),
-				'aSubMenuNodes'    => static::GetSubMenuNodes($sSubMenuItemIdx, $aExtraParams),
+				'aSubMenuNodes' => static::GetSubMenuNodes($sSubMenuItemIdx, $aExtraParams),
 			];
 		}
 
@@ -672,7 +655,8 @@ abstract class MenuNode
 		$this->sMenuId = $sMenuId;
 		$this->iParentIndex = $iParentIndex;
 		$this->aReflectionProperties = array();
-		if (utils::IsNotNullOrEmptyString($sEnableClass)) {
+		if (strlen($sEnableClass) > 0)
+		{
 			$this->aReflectionProperties['enable_class'] = $sEnableClass;
 			$this->aReflectionProperties['enable_action'] = $iActionCode;
 			$this->aReflectionProperties['enable_permission'] = $iAllowedResults;
@@ -757,7 +741,7 @@ abstract class MenuNode
 	}
 
 	/**
-	 * @return string The "+" dictionary entry for this menu if exists, otherwise the Title (if we have a parent title, will output parentTitle / currentTitle)
+	 * @return string
 	 */
 	public function GetLabel()
 	{
@@ -769,6 +753,7 @@ abstract class MenuNode
 			} else {
 				$sRet = $this->GetTitle();
 			}
+			//$sRet = $this->GetTitle();
 		}
 		return $sRet;
 	}
@@ -1111,7 +1096,6 @@ class OQLMenuNode extends MenuNode
 	 */
 	public function RenderContent(WebPage $oPage, $aExtraParams = array())
 	{
-		ContextTag::AddContext(ContextTag::TAG_OBJECT_SEARCH);
 		ApplicationMenu::CheckMenuIdEnabled($this->GetMenuId());
 		OQLMenuNode::RenderOQLSearch
 		(

application/newsroomprovider.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //

application/nicewebpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/NiceWebPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/NiceWebPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/NiceWebPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/NiceWebPage.php, now loadable using autoloader');

application/pdfpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/PDFPage.php, now loadable using autoloader
+ * @deprecated  will be removed in 3.1.0 - moved to sources/application/WebPage/PDFPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/PDFPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/PDFPage.php, now loadable using autoloader');

application/query.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (C) 2010-2023 Combodo SARL
+ * Copyright (C) 2010-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -18,7 +18,8 @@
  */
 
 use Combodo\iTop\Application\UI\Base\Component\Alert\AlertUIBlockFactory;
-use Combodo\iTop\Application\UI\Base\Component\FieldSet\FieldSetUIBlockFactory;
+use Combodo\iTop\Application\UI\Base\Component\Field\Field;
+use Combodo\iTop\Application\UI\Base\Component\Field\FieldUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Component\Html\Html;
 use Combodo\iTop\Application\UI\Base\Component\Input\TextArea;
 
@@ -50,7 +51,6 @@ abstract class Query extends cmdbAbstractObject
 			"is_null_allowed" => false,
 			"depends_on" => array(),
 		)));
-
 		MetaModel::Init_AddAttribute(new AttributeText("description", array(
 			"allowed_values" => null,
 			"sql" => "description",
@@ -68,41 +68,6 @@ abstract class Query extends cmdbAbstractObject
 			'display_style' => 'radio_horizontal',
 		)));
 
-		MetaModel::Init_AddAttribute(new AttributeInteger("export_count", array(
-			"allowed_values" => null,
-			"sql" => "export_count",
-			"default_value" => 0,
-			"is_null_allowed" => false,
-			"depends_on" => array(),
-		)));
-
-		MetaModel::Init_AddAttribute(new AttributeDateTime("export_last_date", array(
-			"allowed_values" => null,
-			"sql" => "export_last_date",
-			"default_value" => null,
-			"is_null_allowed" => true,
-			"depends_on" => array(),
-		)));
-
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("export_last_user_id",
-			array(
-				"targetclass"=>'User',
-				"allowed_values"=>null,
-				"sql"=>'user_id',
-				"is_null_allowed"=>true,
-				"depends_on"=>array(),
-				"display_style"=>'select',
-				"always_load_in_tables"=>false,
-				"on_target_delete"=>DEL_SILENT
-			)));
-
-		MetaModel::Init_AddAttribute(new AttributeExternalField("export_last_user_contact",
-			array(
-				"allowed_values"=>null,
-				"extkey_attcode"=> "export_last_user_id",
-				"target_attcode"=>"contactid"
-			)));
-
 		// Display lists
 		MetaModel::Init_SetZListItems('details',
 			array('name', 'is_template', 'description')); // Attributes to be displayed for the complete details
@@ -113,55 +78,6 @@ abstract class Query extends cmdbAbstractObject
 			array('name', 'description', 'is_template')); // Criteria of the default search form
 		// MetaModel::Init_SetZListItems('advanced_search', array('name')); // Criteria of the advanced search form
 	}
-
-
-	/**
-	 * @inheritdoc
-	 *
-	 * @since 3.1.0
-	 */
-	public function GetAttributeFlags($sAttCode, &$aReasons = array(), $sTargetState = '')
-	{
-		// read only attribute
-		if (in_array($sAttCode, ['export_count', 'export_last_date', 'export_last_user_id'])){
-			return OPT_ATT_READONLY;
-		}
-
-		return parent::GetAttributeFlags($sAttCode, $aReasons, $sTargetState);
-	}
-
-
-	/**
-	 * Return export url.
-	 *
-	 * @param array|null $aValues optional values for the query
-	 *
-	 * @return string|null
-	 * @since 3.1.0
-	 */
-	abstract public function GetExportUrl(array $aValues = null) : ?string;
-
-	/**
-	 * Update last export information.
-	 *
-	 * @return void
-	 * @throws \ArchivedObjectException
-	 * @throws \CoreException
-	 * @throws \CoreUnexpectedValue
-	 * @throws \MySQLException
-	 * @since 3.1.0
-	 */
-	public function UpdateLastExportInformation() : void
-	{
-		// last export information
-		$this->Set('export_last_date', date(AttributeDateTime::GetSQLFormat()));
-		$this->Set('export_last_user_id', UserRights::GetUserObject());
-		$this->AllowWrite(true);
-		$this->DBUpdate();
-
-		// increment usage counter
-		$this->DBIncrement('export_count');
-	}
 }
 
 class QueryOQL extends Query
@@ -200,51 +116,13 @@ class QueryOQL extends Query
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details',
-			array(
-				'col:col1' => array('fieldset:Query:baseinfo' => array('name', 'is_template', 'description', 'oql', 'fields')),
-				'col:col2' => array('fieldset:Query:exportInfo' => array('export_count', 'export_last_date', 'export_last_user_id', 'export_last_user_contact'))
-			)
-		); // Attributes to be displayed for the complete details
+			array('name', 'is_template', 'description', 'oql', 'fields')); // Attributes to be displayed for the complete details
 		MetaModel::Init_SetZListItems('list', array('description')); // Attributes to be displayed for a list
 		// Search criteria
 		MetaModel::Init_SetZListItems('standard_search',
 			array('name', 'description', 'is_template', 'fields', 'oql')); // Criteria of the std search form
 	}
 
-	/** @inheritdoc */
-	public function GetExportUrl(array $aValues = null) : ?string
-	{
-		try{
-			// retrieve attributes
-			$sFields = trim($this->Get('fields'));
-			$sOql = $this->Get('oql');
-
-			// construct base url depending on version
-			$bExportV1Recommended = ($sFields == '');
-			if ($bExportV1Recommended) {
-				$sUrl = utils::GetAbsoluteUrlAppRoot().'webservices/export.php?format=spreadsheet&login_mode=basic&query='.$this->GetKey();
-			}
-			else{
-				$sUrl = utils::GetAbsoluteUrlAppRoot().'webservices/export-v2.php?format=spreadsheet&login_mode=basic&date_format='.urlencode((string)AttributeDateTime::GetFormat()).'&query='.$this->GetKey();
-			}
-
-			// search object from OQL
-			$oSearch = DBObjectSearch::FromOQL($sOql);
-
-			// inject parameters
-			$aParameters = $oSearch->GetQueryParams();
-			foreach ($aParameters as $sParam => $val) {
-				$paramValue = ($aValues === null || $aValues[$sParam] === null) ? $sParam : $aValues[$sParam];
-				$sUrl .= '&arg_' . $sParam . '=' . $paramValue;
-			}
-
-			return $sUrl;
-		}
-		catch(Exception $e){
-			return null;
-		}
-	}
-
 	function DisplayBareProperties(WebPage $oPage, $bEditMode = false, $sPrefix = '', $aExtraParams = array())
 	{
 		$aFieldsMap = parent::DisplayBareProperties($oPage, $bEditMode, $sPrefix, $aExtraParams);
@@ -274,11 +152,9 @@ class QueryOQL extends Query
 					$sUrl .= '&arg_'.$sParam.'=["'.$sParam.'"]';
 				}
 
-				// add text area inside field set
-				$oFieldSet = FieldSetUIBlockFactory::MakeStandard(Dict::S('UI:Query:UrlForExcel'));
 				$oTextArea = new TextArea("", $sUrl, null, 80, 3);
-				$oFieldSet->AddSubBlock($oTextArea);
-				$oPage->AddSubBlock($oFieldSet);
+				$oFieldUrl = FieldUIBlockFactory::MakeFromObject(Dict::S('UI:Query:UrlForExcel'), $oTextArea, Field::ENUM_FIELD_LAYOUT_LARGE);
+				$oPage->AddSubBlock($oFieldUrl);
 
 				if (count($aParameters) == 0) {
 					$oBlock = new DisplayBlock($oSearch, 'list');
@@ -302,7 +178,6 @@ class QueryOQL extends Query
 		return $aFieldsMap;
 	}
 
-
 // Rolled back until 'fields' can be properly managed by AttributeQueryAttCodeSet
 //
 //	public function ComputeValues()

application/shortcut.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -22,7 +22,7 @@ use Combodo\iTop\Application\UI\Base\Component\DataTable\DataTableSettings;
  * Persistent class Shortcut and derived
  * Shortcuts of any kind
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/startup.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -17,17 +17,16 @@
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
 use Combodo\iTop\Application\Helper\Session;
 
-require_once(APPROOT.'core/cmdbobject.class.inc.php');
-require_once(APPROOT.'application/utils.inc.php');
-require_once(APPROOT.'core/contexttag.class.inc.php');
-require_once(APPROOT.'core/kpi.class.inc.php');
-require_once(APPROOT.'setup/setuputils.class.inc.php');
+require_once(APPROOT.'/core/cmdbobject.class.inc.php');
+require_once(APPROOT.'/application/utils.inc.php');
+require_once(APPROOT.'/core/contexttag.class.inc.php');
+require_once(APPROOT.'/core/kpi.class.inc.php');
 
 
 /**
  * File to include to initialize the datamodel in memory
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/template.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -229,10 +229,12 @@ class DisplayTemplate
 	static public function UnitTest()
 	{
 		require_once(APPROOT.'/application/startup.inc.php');
+		require_once(APPROOT."/application/itopwebpage.class.inc.php");
 		
 		$sTemplate = '<div class="page_header">
 		<div class="actions_details"><a href="#"><span>Actions</span></a></div>
 		<h1>$class$: <span class="hilite">$name$</span></h1>
+		<itopblock blockclass="HistoryBlock" type="toggle" encoding="text/oql">SELECT CMDBChangeOp WHERE objkey = $id$ AND objclass = \'$class$\'</itopblock>
 		</div>
 		<img src="../../images/connect_to_network.png" style="margin-top:-10px; margin-right:10px; float:right">
 		<itoptabs>
@@ -351,7 +353,7 @@ class ObjectDetailsTemplate extends DisplayTemplate
 							$sTip = '';
 							foreach($aReasons as $aRow)
 							{
-								$sDescription = utils::EscapeHtml($aRow['description']);
+								$sDescription = htmlentities($aRow['description'], ENT_QUOTES, 'UTF-8');
 								$sDescription = str_replace(array("\r\n", "\n"), "<br/>", $sDescription);
 								$sTip .= "<div class='synchro-source'>";
 								$sTip .= "<div class='synchro-source-title'>Synchronized with {$aRow['name']}</div>";
@@ -359,10 +361,10 @@ class ObjectDetailsTemplate extends DisplayTemplate
 							}
 							$oPage->add_ready_script("$('#synchro_$iInputId').qtip( { content: '$sTip', show: 'mouseover', hide: 'mouseout', style: { name: 'dark', tip: 'leftTop' }, position: { corner: { target: 'rightMiddle', tooltip: 'leftTop' }} } );");
 						}
-
+	
 						// Attribute is read-only
 						$sHTMLValue = "<span id=\"field_{$iInputId}\">".$this->m_oObj->GetAsHTML($sAttCode);
-						$sHTMLValue .= '<input type="hidden" id="'.$iInputId.'" name="attr_'.$sAttCode.'" value="'.utils::EscapeHtml($this->m_oObj->Get($sAttCode)).'"/></span>';
+						$sHTMLValue .= '<input type="hidden" id="'.$iInputId.'" name="attr_'.$sAttCode.'" value="'.htmlentities($this->m_oObj->Get($sAttCode), ENT_QUOTES, 'UTF-8').'"/></span>';
 						$aFieldsMap[$sAttCode] = $iInputId;
 						$aParams['this->comments('.$sAttCode.')'] = $sSynchroIcon;
 					}

application/templates/audit_category.html

@@ -1,6 +1,7 @@
 <div class="page_header">
 	<itopblock blockclass="MenuBlock" type="popup" encoding="text/oql" label="Actions">SELECT $class$ WHERE id = $id$</itopblock>
 	<h1>$class$: <span class="hilite">$name$</span></h1>
+	<itopblock blockclass="HistoryBlock" type="toggle" encoding="text/oql">SELECT CMDBChangeOp WHERE objkey = $id$ AND objclass = '$class$'</itopblock>
 </div>
 <img src="../../images/clean.png" style="margin-top:-20px; margin-right:10px; float:right">
 <itopblock blockclass="DisplayBlock" asynchronous="false" type="bare_details" encoding="text/oql">SELECT $class$ WHERE id = $id$</itopblock>

application/themehandler.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *

application/themehandlerservice.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2020 Combodo SARL
  *
  * This file is part of iTop.
  *

application/transaction.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -24,7 +24,7 @@ use Combodo\iTop\Application\Helper\Session;
  * which choice is configured via the parameter 'transaction_storage'
  *  
  * @package     iTop
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 class privUITransaction

application/twigextension.class.inc.php

@@ -4,17 +4,14 @@ namespace Combodo\iTop;
 
 use AttributeDate;
 use AttributeDateTime;
-use DeprecatedCallsLog;
 use Dict;
 use Exception;
 use MetaModel;
-use Twig\Environment;
-use Twig\TwigFilter;
-use Twig\TwigFunction;
+use Twig_Environment;
+use Twig_SimpleFilter;
+use Twig_SimpleFunction;
 use utils;
 
-DeprecatedCallsLog::NotifyDeprecatedFile('instead use sources/Application/TwigBase/Twig/Extension.php, which is loaded by the autoloader');
-
 /**
  * Class TwigExtension
  *
@@ -28,13 +25,13 @@ class TwigExtension
 	 * Registers Twig extensions such as filters or functions.
 	 * It allows us to access some stuff directly in twig.
 	 *
-	 * @param Environment $oTwigEnv
+	 * @param \Twig_Environment $oTwigEnv
 	 */
-	public static function RegisterTwigExtensions(Environment &$oTwigEnv)
+	public static function RegisterTwigExtensions(Twig_Environment &$oTwigEnv)
 	{
 		// Filter to translate a string via the Dict::S function
 		// Usage in twig: {{ 'String:ToTranslate'|dict_s }}
-		$oTwigEnv->addFilter(new TwigFilter('dict_s',
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('dict_s',
 				function ($sStringCode, $sDefault = null, $bUserLanguageOnly = false) {
 					return Dict::S($sStringCode, $sDefault, $bUserLanguageOnly);
 				})
@@ -42,7 +39,7 @@ class TwigExtension
 
 		// Filter to format a string via the Dict::Format function
 		// Usage in twig: {{ 'String:ToTranslate'|dict_format() }}
-		$oTwigEnv->addFilter(new TwigFilter('dict_format',
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('dict_format',
 				function ($sStringCode, $sParam01 = null, $sParam02 = null, $sParam03 = null, $sParam04 = null) {
 					return Dict::Format($sStringCode, $sParam01, $sParam02, $sParam03, $sParam04);
 				})
@@ -51,13 +48,16 @@ class TwigExtension
 		// Filter to format output
 		// example a DateTime is converted to user format
 		// Usage in twig: {{ 'String:ToFormat'|output_format }}
-		$oTwigEnv->addFilter(new TwigFilter('date_format',
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('date_format',
 				function ($sDate) {
-					try {
-						if (preg_match('@^\d\d\d\d-\d\d-\d\d \d\d:\d\d:\d\d$@', trim($sDate))) {
+					try
+					{
+						if (preg_match('@^\d\d\d\d-\d\d-\d\d \d\d:\d\d:\d\d$@', trim($sDate)))
+						{
 							return AttributeDateTime::GetFormat()->Format($sDate);
 						}
-						if (preg_match('@^\d\d\d\d-\d\d-\d\d$@', trim($sDate))) {
+						if (preg_match('@^\d\d\d\d-\d\d-\d\d$@', trim($sDate)))
+						{
 							return AttributeDate::GetFormat()->Format($sDate);
 						}
 					}
@@ -72,7 +72,7 @@ class TwigExtension
 		// Filter to format output
 		// example a DateTime is converted to user format
 		// Usage in twig: {{ 'String:ToFormat'|output_format }}
-		$oTwigEnv->addFilter(new TwigFilter('size_format',
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('size_format',
 				function ($sSize) {
 					return utils::BytesToFriendlyFormat($sSize);
 				})
@@ -80,25 +80,24 @@ class TwigExtension
 
 		// Filter to enable base64 encode/decode
 		// Usage in twig: {{ 'String to encode'|base64_encode }}
-		$oTwigEnv->addFilter(new TwigFilter('base64_encode', 'base64_encode'));
-		$oTwigEnv->addFilter(new TwigFilter('base64_decode', 'base64_decode'));
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('base64_encode', 'base64_encode'));
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('base64_decode', 'base64_decode'));
 
 		// Filter to enable json decode  (encode already exists)
 		// Usage in twig: {{ aSomeArray|json_decode }}
-		$oTwigEnv->addFilter(new TwigFilter('json_decode', function ($sJsonString, $bAssoc = false) {
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('json_decode', function ($sJsonString, $bAssoc = false) {
 				return json_decode($sJsonString, $bAssoc);
 			})
 		);
 
 		// Filter to add itopversion to an url
-		$oTwigEnv->addFilter(new TwigFilter('add_itop_version', function ($sUrl) {
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('add_itop_version', function ($sUrl) {
 			$sUrl = utils::AddParameterToUrl($sUrl, 'itopversion', ITOP_VERSION);
-
 			return $sUrl;
 		}));
 
 		// Filter to add a module's version to an url
-		$oTwigEnv->addFilter(new TwigFilter('add_module_version', function ($sUrl, $sModuleName) {
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('add_module_version', function ($sUrl, $sModuleName) {
 			$sModuleVersion = utils::GetCompiledModuleVersion($sModuleName);
 			$sUrl = utils::AddParameterToUrl($sUrl, 'moduleversion', $sModuleVersion);
 
@@ -107,19 +106,38 @@ class TwigExtension
 
 		// Function to check our current environment
 		// Usage in twig:   {% if is_development_environment() %}
-		$oTwigEnv->addFunction(new TwigFunction('is_development_environment', function () {
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('is_development_environment', function()
+		{
 			return utils::IsDevelopmentEnvironment();
 		}));
 
+		// Function to get configuration parameter
+		// Usage in twig: {{ get_config_parameter('foo') }}
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_config_parameter', function($sParamName)
+		{
+			$oConfig = MetaModel::GetConfig();
+			return $oConfig->Get($sParamName);
+		}));
+
+		// Function to get a module setting
+		// Usage in twig: {{ get_module_setting(<MODULE_CODE>, <PROPERTY_CODE> [, <DEFAULT_VALUE>]) }}
+		// since 3.0.0, but see N°4034 for upcoming evolutions in the 3.1
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_module_setting', function (string $sModuleCode, string $sPropertyCode, $defaultValue = null) {
+			$oConfig = MetaModel::GetConfig();
+			return $oConfig->GetModuleSetting($sModuleCode, $sPropertyCode, $defaultValue);
+		}));
+
 		// Function to get the URL of a static page in a module
 		// Usage in twig: {{ get_static_page_module_url('itop-my-module', 'path-to-my-page') }}
-		$oTwigEnv->addFunction(new TwigFunction('get_static_page_module_url', function ($sModuleName, $sPage) {
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_static_page_module_url', function($sModuleName, $sPage)
+		{
 			return utils::GetAbsoluteUrlModulesRoot().$sModuleName.'/'.$sPage;
 		}));
 
 		// Function to get the URL of a php page in a module
 		// Usage in twig: {{ get_page_module_url('itop-my-module', 'path-to-my-my-page.php') }}
-		$oTwigEnv->addFunction(new TwigFunction('get_page_module_url', function ($sModuleName, $sPage) {
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_page_module_url', function($sModuleName, $sPage)
+		{
 			return utils::GetAbsoluteUrlModulePage($sModuleName, $sPage);
 		}));
 	}