Merge remote-tracking branch 'origin/support/2.7' into support/3.0

# Conflicts:
#	approot.inc.php
#	css/css-variables.scss
#	datamodels/2.x/authent-cas/module.authent-cas.php
#	datamodels/2.x/authent-external/module.authent-external.php
#	datamodels/2.x/authent-ldap/module.authent-ldap.php
#	datamodels/2.x/authent-local/module.authent-local.php
#	datamodels/2.x/combodo-db-tools/module.combodo-db-tools.php
#	datamodels/2.x/itop-attachments/module.itop-attachments.php
#	datamodels/2.x/itop-backup/module.itop-backup.php
#	datamodels/2.x/itop-bridge-virtualization-storage/module.itop-bridge-virtualization-storage.php
#	datamodels/2.x/itop-change-mgmt-itil/module.itop-change-mgmt-itil.php
#	datamodels/2.x/itop-change-mgmt/module.itop-change-mgmt.php
#	datamodels/2.x/itop-config-mgmt/module.itop-config-mgmt.php
#	datamodels/2.x/itop-config/module.itop-config.php
#	datamodels/2.x/itop-core-update/module.itop-core-update.php
#	datamodels/2.x/itop-datacenter-mgmt/module.itop-datacenter-mgmt.php
#	datamodels/2.x/itop-endusers-devices/module.itop-endusers-devices.php
#	datamodels/2.x/itop-files-information/module.itop-files-information.php
#	datamodels/2.x/itop-full-itil/module.itop-full-itil.php
#	datamodels/2.x/itop-hub-connector/module.itop-hub-connector.php
#	datamodels/2.x/itop-incident-mgmt-itil/module.itop-incident-mgmt-itil.php
#	datamodels/2.x/itop-knownerror-mgmt/module.itop-knownerror-mgmt.php
#	datamodels/2.x/itop-oauth-client/module.itop-oauth-client.php
#	datamodels/2.x/itop-portal-base/module.itop-portal-base.php
#	datamodels/2.x/itop-portal/module.itop-portal.php
#	datamodels/2.x/itop-problem-mgmt/module.itop-problem-mgmt.php
#	datamodels/2.x/itop-profiles-itil/module.itop-profiles-itil.php
#	datamodels/2.x/itop-request-mgmt-itil/module.itop-request-mgmt-itil.php
#	datamodels/2.x/itop-request-mgmt/module.itop-request-mgmt.php
#	datamodels/2.x/itop-service-mgmt-provider/module.itop-service-mgmt-provider.php
#	datamodels/2.x/itop-service-mgmt/module.itop-service-mgmt.php
#	datamodels/2.x/itop-sla-computation/module.itop-sla-computation.php
#	datamodels/2.x/itop-storage-mgmt/module.itop-storage-mgmt.php
#	datamodels/2.x/itop-tickets/module.itop-tickets.php
#	datamodels/2.x/itop-virtualization-mgmt/module.itop-virtualization-mgmt.php
#	datamodels/2.x/itop-welcome-itil/module.itop-welcome-itil.php
#	datamodels/2.x/version.xml

.doc/itop-version-history.md

@@ -1,67 +0,0 @@
-# iTop version history
-
-```mermaid
-%%{init: { 'logLevel': 'debug', 'theme': 'base', 'gitGraph': {'showBranches': true,'mainBranchName': 'develop','rotateCommitLabel': true}} }%%
-gitGraph
-    commit id: "2016-07-06" tag: "2.3.0" type: HIGHLIGHT
-    branch support/2.3 order: 900
-    commit id: "2016-07-08" tag: "2.3.1"
-    commit id: "2016-12-22" tag: "2.3.3"
-    commit id: "2017-04-14" tag: "2.3.4"
-    checkout develop
-    commit id: "2017-07-12" tag: "2.4.0-beta" type: REVERSE
-    commit id: "2017-11-16" tag: "2.4.0" type: HIGHLIGHT
-    branch support/2.4 order: 890
-    commit id: "2018-02-14" tag: "2.4.1"
-    checkout develop
-    commit id: "2018-04-25" tag: "2.5.0-beta" type: REVERSE
-    checkout support/2.4
-    commit id: "2018-06-14" tag: "2.4.2"
-    checkout develop
-    commit id: "2018-06-27" tag: "2.5.0" type: HIGHLIGHT
-    branch support/2.5 order: 880
-    checkout develop
-    commit id: "2019-01-09" tag: "2.6.0" type: HIGHLIGHT
-    branch support/2.6 order: 870
-    commit id: "2019-03-28" tag: "2.6.1"
-    checkout develop
-    commit id: "2019-12-18" tag: "2.7.0-beta" type: REVERSE
-    checkout support/2.5
-    commit id: "2020-01-22" tag: "2.5.4"
-    checkout support/2.6
-    commit id: "2020-01-23" tag: "2.6.3"
-    checkout develop
-    commit id: "2020-01-29" tag: "2.7.0-beta2" type: REVERSE
-    commit id: "2020-04-01" tag: "2.7.0-1" type: HIGHLIGHT
-    checkout support/2.6
-    commit id: "2020-04-22" tag: "2.6.4"
-    checkout develop
-    branch support/2.7 order: 860
-    commit id: "2020-06-26" tag: "2.7.1"
-    checkout support/2.7
-    commit id: "2020-12-09" tag: "2.7.3"
-    commit id: "2021-03-31" tag: "2.7.4"
-    checkout develop
-    commit id: "2021-04-06" tag: "3.0.0-beta" type: REVERSE
-    checkout support/2.7
-    commit id: "2021-07-05" tag: "2.7.5"
-    checkout develop
-    commit id: "2021-07-05." tag: "3.0.0-beta2" type: REVERSE
-    checkout support/2.7
-    commit id: "2021-12-17" tag: "2.7.6"
-    checkout develop
-    commit id: "2022-01-04" tag: "3.0.0" type: HIGHLIGHT
-    branch support/3.0 order: 850
-    commit id: "2022-04-08" tag: "3.0.1"
-    checkout support/2.7
-    commit id: "2022-07-11" tag: "2.7.7"
-    checkout support/3.0
-    commit id: "2022-09-12" tag: "3.0.2-1"
-    checkout develop
-    checkout support/2.7
-    commit id: "2022-12-28" tag: "2.7.8"
-    checkout support/3.0
-    commit id: "2023-04-12" tag: "3.0.3"
-```
-
-To learn more, check the [iTop community versions history on the official wiki](https://www.itophub.io/wiki/page?id=latest:release:start).

.github/pull_request_template.md

@@ -0,0 +1,83 @@
+<!--
+
+IMPORTANT: Please follow the guidelines within this PR template before submitting it, it will greatly help us process your PR. 🙏
+
+Any PRs not following the guidelines or with missing information will not be considered.
+
+-->
+
+## Base information
+| Question                                                      | Answer 
+|---------------------------------------------------------------|--------
+| Related to a SourceForge thead / Another PR / Combodo ticket? | <!-- Put the URL -->
+| Type of change?                                               | Bug fix / Enhancement / Translations
+
+
+## Symptom (bug) / Objective (enhancement)
+<!--
+If it's a bug
+  - Explain the symptom in details
+  - If possible put error messages, logs or screenshots (you can paste image directly in this editor).
+
+If it's an enhancement
+  - Describe what is blocking you, what is the objective with as much details as possible.
+  - Add screenshots if it's related to UI.
+-->
+
+
+## Reproduction procedure (bug)
+<!--
+Remove this section only if it's NOT a bug.
+
+Otherwise, explain step by step how to reproduce the issue on a standard iTop Community.
+
+If it requires a custom datamodel, provide the minimal XML delta to reproduce it on a standard iTop Community.
+-->
+
+1. On iTop x.y.z <!-- Put complete iTop version (eg. 3.1.0-2) -->
+2. With PHP x.y.z <!-- Put complete PHP version (eg. 8.1.24) -->
+2. First go there
+2. Then do that
+3. ...
+4. Finally, see that...
+
+
+## Cause (bug)
+<!--
+Remove this section only if it's NOT a bug.
+
+Otherwise, explain what is the cause of the issue (where in the code and why)
+-->
+
+
+## Proposed solution (bug and enhancement)
+<!--
+Explain in details how you are proposing to solve this:
+  - What did you do in the code and why
+  - If you changed something in the UI, put before / after screenshots (you can paste image directly in this editor)
+-->
+
+
+## Checklist before requesting a review
+<!--
+Don't remove these lines, check them once done.
+-->
+- [ ] I have performed a self-review of my code
+- [ ] I have tested all changes I made on an iTop instance
+- [ ] I have added a unit test, otherwise I have explained why I couldn't
+- [ ] Is the PR clear and detailed enough so anyone can understand digging in the code?
+
+## Checklist of things to do before PR is ready to merge
+<!--
+Things that needs to be done in the PR before it can be considered as ready to be merged
+
+Examples:
+- Changes requested in the review
+- Unit test to add
+- Dictionary entries to translate
+- ...
+-->
+
+- [ ] ...
+- [ ] ...
+- [ ] ...

.github/workflows/action.yml

@@ -0,0 +1,16 @@
+name: Add PRs to Combodo PRs Dashboard
+
+on:
+  pull_request_target:
+    types:
+      - opened
+
+jobs:
+  add-to-project:
+    name: Add PR to Combodo Project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@v1.0.2
+        with:
+          project-url: https://github.com/orgs/Combodo/projects/5
+          github-token: ${{ secrets.PR_AUTOMATICALLY_ADD_TO_PROJECT }}

.gitignore

@@ -37,7 +37,9 @@ tests/*/vendor/*
 
 # iTop extensions
 /extensions/**
+!/extensions/.htaccess
 !/extensions/readme.txt
+!/extensions/web.config
 
 # all logs but listing prevention
 /log/**
@@ -45,8 +47,10 @@ tests/*/vendor/*
 !/log/index.php
 !/log/web.config
 
-# PHPUnit cache file
+# PHPUnit: Cache file, local XML working copies
 /tests/php-unit-tests/.phpunit.result.cache
+/tests/php-unit-tests/phpunit.xml
+/tests/php-unit-tests/postbuild_integration.xml
 
 
 # Jetbrains
@@ -146,10 +150,3 @@ local.properties
 .cache-main
 .scala_dependencies
 .worksheet
-
-# Mac
-.DS_Store
-
-# Windows
-Thumbs.db
-

.make/build/commands/setupCssCompiler.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- * Copyright (C) 2010-2023 Combodo SARL
+ * Copyright (C) 2010-2021 Combodo SARL
  *
  *   This file is part of iTop.
  *
@@ -27,7 +27,7 @@ $iTopFolder = __DIR__."/../../../";
 require_once("$iTopFolder/approot.inc.php");
 require_once(APPROOT."/application/utils.inc.php");
 
-if (php_sapi_name() !== 'cli')
+if (PHP_SAPI !== 'cli')
 {
 	throw new \Exception('This script can only run from CLI');
 }
@@ -48,4 +48,4 @@ if (!file_exists($sCssFile))
 {
 	fwrite(STDERR, "Failed to compile $sCssFile, exiting.");
 	exit(1);
-}
+}

.make/composer/listOutdated.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2010-2023 Combodo SARL
+ * Copyright (C) 2010-2021 Combodo SARL
  *
  *   This file is part of iTop.
  *
@@ -19,23 +19,16 @@
  *
  */
 
-/**
- * Alias for `composer show -loD`
- * You can also use `composer outdated -D`
- *
- * @link https://getcomposer.org/doc/03-cli.md#show
- */
+$iTopFolder = __DIR__ . "/../../" ;
 
-$iTopFolder = __DIR__."/../../";
-
-require_once("$iTopFolder/approot.inc.php");
+require_once ("$iTopFolder/approot.inc.php");
 $sApproot = APPROOT;
 $aTrace = array();
 
 $aParamsConfig = array(
 	'composer-path' => array(
-		'default' => 'composer',
-	),
+		'default' => 'composer.phar',
+	)
 );
 $aParamsConfigNotFound = array_flip(array_keys($aParamsConfig));
 $aGivenArgs = $argv;

.make/composer/rmDeniedTestDir.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2010-2023 Combodo SARL
+ * Copyright (C) 2010-2021 Combodo SARL
  *
  *   This file is part of iTop.
  *
@@ -26,7 +26,7 @@ $iTopFolder = __DIR__ . "/../../" ;
 require_once ("$iTopFolder/approot.inc.php");
 require_once (APPROOT."/setup/setuputils.class.inc.php");
 
-if  (php_sapi_name() !== 'cli')
+if  (PHP_SAPI !== 'cli')
 {
 	throw new \Exception('This script can only run from CLI');
 }
@@ -70,4 +70,4 @@ if (false === empty($aMissing)) {
 	echo "Some new tests dirs exists !\n"
 		.'  They must be declared either in the allowed or denied list in '.iTopComposer::class." (see N°2651).\n"
 		.'  List of dirs:'."\n".var_export($aMissing, true);
-}
+}

.make/release/update-xml.php

@@ -6,19 +6,11 @@
  * Will update version in the following files :
  *
  * datamodels/2.x/.../datamodel.*.xml
- * application/*.xml
- * core/*.xml
  *
  * Usage :
  * `php .make\release\update-xml.php "1.7"`
- * `php .make\release\update-xml.php`
  *
- * If no parameter provided then the current XML version will be used as target version
- *
- * @since 2.7.0 simple version change using regexp (not doing conversion)
- * @since 3.1.0 N°5405 now does a real conversion
- * @since 3.1.0 N°5633 allow to use without parameter
- * @since 3.1.0 N°5633 add /application and /core XML files
+ * @since 2.7.0
  ******************************************************************************/
 
 
@@ -30,12 +22,10 @@ require_once (__DIR__.DIRECTORY_SEPARATOR.'update.classes.inc.php');
 
 if (count($argv) === 1)
 {
-	echo '/!\ No version passed: assuming target XML version is current XML version ('.ITOP_DESIGN_LATEST_VERSION.")\n";
-	$sVersionLabel = ITOP_DESIGN_LATEST_VERSION;
-} else {
-	$sVersionLabel = $argv[1];
+	echo '/!\ You must pass the new version as parameter';
+	exit(1);
 }
-
+$sVersionLabel = $argv[1];
 if (empty($sVersionLabel))
 {
 	echo 'Version passed as parameter is empty !';

.make/release/update.classes.inc.php

@@ -125,31 +125,16 @@ class iTopVersionFileUpdater extends AbstractSingleFileVersionUpdater
 
 abstract class AbstractGlobFileVersionUpdater extends FileVersionUpdater
 {
-	/** @var array|string glob patterns to seek for files to modify */
-	protected $globPattern;
+	protected $sGlobPattern;
 
-	public function __construct($globPattern)
+	public function __construct($sGlobPattern)
 	{
-		$this->globPattern = $globPattern;
+		$this->sGlobPattern = $sGlobPattern;
 	}
 
 	public function GetFiles()
 	{
-		$aGlobPatterns = (is_array($this->globPattern))
-			? $this->globPattern
-			: [$this->globPattern];
-
-		$aFiles = [];
-		foreach ($aGlobPatterns as $sGlobPattern) {
-			$result = glob($sGlobPattern);
-			if (false === $result) {
-				continue;
-			}
-			/** @noinspection SlowArrayOperationsInLoopInspection */
-			$aFiles = array_merge($aFiles, $result);
-		}
-
-		return $aFiles;
+		return glob($this->sGlobPattern);
 	}
 }
 
@@ -181,11 +166,7 @@ class DatamodelsXmlFiles extends AbstractGlobFileVersionUpdater
 {
 	public function __construct()
 	{
-		parent::__construct([
-			APPROOT.'datamodels/2.x/*/datamodel.*.xml',
-			APPROOT.'application/*.xml',
-			APPROOT.'core/*.xml',
-		]);
+		parent::__construct(APPROOT.'datamodels/2.x/*/datamodel.*.xml');
 	}
 
 	/**
@@ -193,40 +174,10 @@ class DatamodelsXmlFiles extends AbstractGlobFileVersionUpdater
 	 */
 	public function UpdateFileContent($sVersionLabel, $sFileContent, $sFileFullPath)
 	{
-		require_once APPROOT.'setup/itopdesignformat.class.inc.php';
-		$oFileXml = new DOMDocument();
-		/** @noinspection PhpComposerExtensionStubsInspection */
-		libxml_clear_errors();
-		$oFileXml->formatOutput = true;
-		$oFileXml->preserveWhiteSpace = false;
-		$oFileXml->loadXML($sFileContent);
-
-		$oFileItopFormat = new iTopDesignFormat($oFileXml);
-
-		$sDesignVersionToSet = static::GetDesignVersionToSet($oFileItopFormat->GetVersion());
-		if (false === is_null($sDesignVersionToSet)) {
-			// N°5779 if same as target version, we will try to convert from version below
-			$oFileItopFormat->GetITopDesignNode()->setAttribute('version', $sDesignVersionToSet);
-		}
-
-		$bConversionResult = $oFileItopFormat->Convert($sVersionLabel);
-
-		if (false === $bConversionResult) {
-			throw new Exception("Error when converting $sFileFullPath");
-		}
-
-		return $oFileItopFormat->GetXmlAsString();
-	}
-
-	/**
-	 * @return ?string version to use : if file version is same as current version then return previous version, else return null
-	 * @since 3.1.0 N°5779
-	 */
-	protected static function GetDesignVersionToSet($sFileDesignVersion):?string {
-		if ($sFileDesignVersion !== ITOP_DESIGN_LATEST_VERSION) {
-			return null;
-		}
-
-		return iTopDesignFormat::GetPreviousDesignVersion(ITOP_DESIGN_LATEST_VERSION);
+		return preg_replace(
+			'/(<itop_design .* version=")[^"]+(">)/',
+			'${1}'.$sVersionLabel.'${2}',
+			$sFileContent
+		);
 	}
 }

CONTRIBUTING.md

@@ -27,14 +27,11 @@ If you have an idea you're sure would benefit to all of iTop users, you may
 [create a corresponding ticket](https://sourceforge.net/p/itop/tickets/new/) to submit it, but be warned that there are lots of good 
 reasons to refuse such changes.
 
-### 📄 License and copyright
-iTop is distributed under the AGPL-3.0 license (see the [license.txt] file).
+### 📄 License
+iTop is distributed under the AGPL-3.0 license (see the [license.txt] file),
+your code must comply with this license.
 
-The iTop repository is divided in three parts: iTop (mainly PHP/JS/XML sources and dictionaries), images, and third-party libraries.
-Combodo has the copyright on most of the source files in the iTop part of the repository: please do not modify the existing file copyrights.  
-Anyhow, you are encouraged to signal your contribution by the mean of `@author` annotations.
-
-If you want to use another license or keep the code ownership (copyright), you may [create an extension][wiki new ext].
+If you want to use another license, you may [create an extension][wiki new ext].
 
 [license.txt]: https://github.com/Combodo/iTop/blob/develop/license.txt
 [wiki new ext]: https://www.itophub.io/wiki/page?id=latest%3Acustomization%3Astart#by_writing_your_own_extension
@@ -55,26 +52,26 @@ Here are the branches we use and their meaning :
 
 For example, if no version is currently prepared for shipping we could have:
 
-- `develop` containing future 3.1.0 version
-- `support/3.0`: 3.0.x maintenance version
+- `develop` containing future 3.0.0 version
 - `support/2.7`: 2.7.x maintenance version
 - `support/2.6`: 2.6.x maintenance version
+- `support/2.5`: 2.5.x maintenance version
 
-In this example, when 3.1.0-beta is shipped that will become:
+In this example, when 3.0.0-beta is shipped that will become:
 
-- `develop`: future 3.2.0 version
-- `release/3.1.0`: 3.1.0-beta
-- `support/3.0`: 3.0.x maintenance version
+- `develop`: future 3.1.0 version
+- `release/3.0.0`: 3.0.0-beta
 - `support/2.7`: 2.7.x maintenance version
 - `support/2.6`: 2.6.x maintenance version
+- `support/2.5`: 2.5.x maintenance version
 
-And when 3.1.0 final will be out:
+And when 3.0.0 final will be out:
 
-- `develop`: future 3.2.0 version
-- `support/3.1`: 3.1.x maintenance version (will host developments for 3.1.1)
-- `support/3.0`: 3.0.x maintenance version
+- `develop`: future 3.1.0 version
+- `support/3.0`: 3.0.x maintenance version (will host developments for 3.0.1)
 - `support/2.7`: 2.7.x maintenance version
 - `support/2.6`: 2.6.x maintenance version
+- `support/2.5`: 2.5.x maintenance version
 
 Also note that we have a "micro-version" concept : each of those versions have a very small amount of modifications. They are made from
  `support/*` branches as well. For example 2.6.2-1 and 2.6.2-2 were made from the `support/2.6.2` branch. 
@@ -134,20 +131,21 @@ Our tests are located in the `test/` directory, containing a PHPUnit config file
 
 When your code is working, please:
 
-* Squash as much as possible your commits,
-* Rebase your branch on our repo last commit,
-* Create a pull request. _Detailed procedure to work on fork and create PR is available [in GitHub help pages](https://help.github.com/articles/creating-a-pull-request-from-a-fork/)_.
-* Pull request description: mind to add all the information useful to understand why you're suggesting this modification and anything necessary to dive into your work. Especially:
-  - Bugfixes: exact steps to reproduce the bug (given/when/then), description of the bug cause and what solution is implemented 
-  - Enhancements: use cases, implementation details if needed
-* Mind to check the "[Allow edits from maintainers](https://docs.github.com/en/github-ae@latest/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)" option !
+* squash as much as possible your commits,
+* rebase your branch on our repo last commit,
+* create a pull request.
 
+Detailed procedure to work on fork and create PR is available [in GitHub help pages](https://help.github.com/articles/creating-a-pull-request-from-a-fork/).
 
-## 🙏 We are thankful
+You might check the ["Allow edits from maintainers" PR checkbox][allow_edits_checkbox] to ease review.
 
-We are thankful for all your contributions to the iTop universe! As a thank you gift, we will send stickers to every iTop (& extensions) contributors!
+[allow_edits_checkbox]: https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork#enabling-repository-maintainer-permissions-on-existing-pull-requests
 
-We have one sticker per contribution type. You might get multiple stickers with one contribution though :)
+### 🙏 We are thankful
+
+We are thankful for all your contributions to the iTop universe! As a thank you gift, we will send stickers to every iTop (& extensions) contributors! 
+
+Stickers' design might change from one year to another. For the first year we wanted to try a "craft beer label" look, see examples below: 
 
 * Bug hunter: Fix a bug
 * Translator: Add/update translations
@@ -159,6 +157,4 @@ We have one sticker per contribution type. You might get multiple stickers with
 * Beta tester: Test and give feedback on beta releases
 * Extension developer: Develop and publish an extension
 
-Here is the design of each stickers for year 2022:
-
-![iTop stickers 2022](.doc/contributing-guide/2022.contributing-stickers-side-by-side.png)
+![](.doc/contributing-guide/contributing-stickers-side-by-side.png)

README.md

@@ -3,9 +3,9 @@
 </a></p>
 
 
-iTop stands for IT Operations Portal. It is a complete open source and web-based IT service management platform, including a fully customizable CMDB, a helpdesk system, and a document management tool. It is ITIL compliant and easily customizable and extensible thanks to a high number of add-ons and web services to integrate with your IT.
+iTop stands for IT Operations Portal. It is a complete open source and web based IT service management platform including a fully customizable CMDB, a helpdesk system and a document management tool. It is ITIL compliant and easily customizable and extensible thanks to a high number of adds-on and web services to integrate with your IT.
 
-iTop also offers mass import tools to help you become even more efficient.
+iTop also offers mass import tools to help you being even more efficient.
 
 ## Features
 - Fully configurable [Configuration Management (CMDB)][10]
@@ -40,7 +40,6 @@ iTop also offers mass import tools to help you become even more efficient.
  - [iTop requirements][4]
  - [Documentation][5] covering both iTop and its official extensions
  - [iTop Hub][6] : discover and install extensions !
- - [iTop versions history][7]
 
 
 [1]: https://sourceforge.net/p/itop/discussion/
@@ -49,7 +48,6 @@ iTop also offers mass import tools to help you become even more efficient.
 [4]: https://www.itophub.io/wiki/page?id=latest:install:requirements
 [5]: https://www.itophub.io/wiki
 [6]: https://store.itophub.io/en_US/
-[7]: .doc/itop-version-history.md
 
 [10]: https://www.itophub.io/wiki/page?id=latest%3Adatamodel%3Astart#configuration_management_cmdb
 [11]: https://www.itophub.io/wiki/page?id=latest%3Adatamodel%3Astart#ticketing
@@ -65,7 +63,7 @@ iTop also offers mass import tools to help you become even more efficient.
 
 ## About Us
 
-iTop development is sponsored, led, and supported by [Combodo][0].
+iTop development is sponsored, led and supported by [Combodo][0].
 
 [0]: https://www.combodo.com
 
@@ -100,14 +98,12 @@ We would like to give a special thank you 🤗 to the people from the community
 - Lucas, Jonathan
 - Malik, Remie
 - Mindêllo de Andrade, Lucas (a.k.a [@rokam](https://www.github.com/rokam))
-- Mozart de Oliveira, Eduardo (a.k.a [@eduardomozart](https://github.com/eduardomozart))
 - Raenker, Martin
-- Roháč, Richard (a.k.a [@RohacRichard](https://github.com/RohacRichard))
 - Rosenke, Stephan
-- Rudner, Björn (a.k.a [@rudnerbjoern](https://github.com/rudnerbjoern))
 - Seki, Shoji
 - Shilov, Vladimir
-- Stukalov, Ilya (a.k.a [@ilya](https://www.github.com/ilya)-stukalov)
+- Stukalov, Ilya (a.k.a [@ilya](https://www.github.com/ilya-stukalov))
+- Tarjányi, Csaba (a.k.a [@tacsaby](https://github.com/tacsaby))
 - Tulio, Marco
 - Turrubiates, Miguel
 

SECURITY.md

@@ -18,7 +18,8 @@ to [itop-security@combodo.com](mailto:itop-security@combodo.com).
 
 
 
-## 🔍 Combodo acknowledgment and investigation
+## 📆 Disclosure Policy
+
 Report sent to us will be acknowledged within the week.
 
 Then, a Combodo developer will be assigned to the reported issue and will:
@@ -33,12 +34,3 @@ Then, a Combodo developer will be assigned to the reported issue and will:
 Security issues always take precedence over bug fixes and feature work.
 
 The assignee will keep you informed of the resolution progress, and may ask you for additional information or guidance.
-
-
-## 📆 Disclosure Policy
-Once the fix is done and acknowledged by every stakeholder, it will be included in the next iTop version.  
-Mind we have at least 2 active branches (LTS and STS, see [iTop Community Releases [iTop Documentation]](https://www.itophub.io/wiki/page?id=latest:release:start)) 
-
-The release communications will include the information of the vulnerability fix.
-
-Corresponding GitHub advisories and CVE will be published 3 months after the iTop version release date so that iTop instances can be updated.  

addons/userrights/userrightsmatrix.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -19,7 +19,7 @@
 /**
  * UserRightsMatrix (User management Module)
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -121,6 +121,7 @@ class UserRightsMatrix extends UserRightsAddOnAPI
 	public function CreateAdministrator($sAdminUser, $sAdminPwd, $sLanguage = 'EN US')
 	{
 		// Maybe we should check that no other user with userid == 0 exists
+		CMDBObject::SetTrackInfo('Initialization');
 		$oUser = new UserLocal();
 		$oUser->Set('login', $sAdminUser);
 		$oUser->Set('password', $sAdminPwd);

addons/userrights/userrightsnull.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,7 +20,7 @@
  * UserRightsNull
  * User management Module - say Yeah! to everything
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

addons/userrights/userrightsprofile.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -34,15 +34,14 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	{
 		$aParams = array
 		(
-			"category"                   => "addon/userrights,grant_by_profile,filter",
-			"key_type"                   => "autoincrement",
-			"name_attcode"               => "name",
-			"complementary_name_attcode" => array('description'),
-			"state_attcode"              => "",
-			"reconc_keys"                => array(),
-			"db_table"                   => "priv_urp_profiles",
-			"db_key_field"               => "id",
-			"db_finalclass_field"        => "",
+			"category" => "addon/userrights,grant_by_profile,filter",
+			"key_type" => "autoincrement",
+			"name_attcode" => "name",
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_profiles",
+			"db_key_field" => "id",
+			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -125,7 +124,7 @@ class URP_Profiles extends UserRightsBaseClassGUI
 				$bGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if ($bGrant === true)
 				{
-					$aStimuli[] = '<span title="'.$sStimulusCode.': '.utils::EscapeHtml($oStimulus->GetDescription()).'">'.utils::EscapeHtml($oStimulus->GetLabel()).'</span>';
+					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
@@ -220,37 +219,24 @@ class URP_UserProfile extends UserRightsBaseClassGUI
 	{
 		$aParams = array
 		(
-			"category"            => "addon/userrights,grant_by_profile,filter",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => array("userlogin", "profile"),
-			"state_attcode"       => "",
-			"reconc_keys"         => array(),
-			"db_table"            => "priv_urp_userprofile",
-			"db_key_field"        => "id",
+			"category" => "addon/userrights,grant_by_profile,filter",
+			"key_type" => "autoincrement",
+			"name_attcode" => array("userlogin", "profile"),
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_userprofile",
+			"db_key_field" => "id",
 			"db_finalclass_field" => "",
-			"is_link" 			  => true, /** @since 3.1.0 N°6482 */
-			'uniqueness_rules'    => array(
-				'no_duplicate' => array(
-					'attributes'  => array(
-						0 => 'userid',
-						1 => 'profileid',
-					),
-					'filter'      => '',
-					'disabled'    => false,
-					'is_blocking' => true,
-				),
-			),
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass" => "User", "jointype" => "", "allowed_values" => null, "sql" => "userid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values" => null, "extkey_attcode" => 'userid', "target_attcode" => "login")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass"=>"User", "jointype"=> "", "allowed_values"=>null, "sql"=>"userid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values"=>null, "extkey_attcode"=> 'userid', "target_attcode"=>"login")));
 
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid",
-			array("targetclass" => "URP_Profiles", "jointype" => "", "allowed_values" => null, "sql" => "profileid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array(), "allow_target_creation" => false)));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values" => null, "extkey_attcode" => 'profileid', "target_attcode" => "name")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid", array("targetclass"=>"URP_Profiles", "jointype"=> "", "allowed_values"=>null, "sql"=>"profileid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values"=>null, "extkey_attcode"=> 'profileid', "target_attcode"=>"name")));
 
-		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values" => null, "sql" => "description", "default_value" => null, "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values"=>null, "sql"=>"description", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('userid', 'profileid', 'reason')); // Attributes to be displayed for the complete details
@@ -446,21 +432,29 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		UR_ACTION_BULK_DELETE => 'bd',
 	);
 
+    /**
+     * @var array $aUsersProfilesList Cache of users' profiles. Hash array of user ID => [profile ID => profile friendlyname, profile ID => profile friendlyname, ...]
+     * @since 2.7.10 3.0.4 3.1.1 3.2.0 N°6887
+     */
+	private $aUsersProfilesList = [];
+
 	// Installation: create the very first user
 	public function CreateAdministrator($sAdminUser, $sAdminPwd, $sLanguage = 'EN US')
 	{
-		CMDBObject::SetCurrentChangeFromParams('Initialization create administrator');
+		CMDBObject::SetTrackInfo('Initialization');
 
 		$iContactId = 0;
 		// Support drastic data model changes: no organization class (or not writable)!
-		if (MetaModel::IsValidClass('Organization') && !MetaModel::IsAbstract('Organization')) {
+		if (MetaModel::IsValidClass('Organization') && !MetaModel::IsAbstract('Organization'))
+		{
 			$oOrg = MetaModel::NewObject('Organization');
 			$oOrg->Set('name', 'My Company/Department');
 			$oOrg->Set('code', 'SOMECODE');
 			$iOrgId = $oOrg->DBInsertNoReload();
 
 			// Support drastic data model changes: no Person class  (or not writable)!
-			if (MetaModel::IsValidClass('Person') && !MetaModel::IsAbstract('Person')) {
+			if (MetaModel::IsValidClass('Person') && !MetaModel::IsAbstract('Person'))
+			{
 				$oContact = MetaModel::NewObject('Person');
 				$oContact->Set('name', 'My last name');
 				$oContact->Set('first_name', 'My first name');
@@ -502,6 +496,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 	}
 
 	protected $m_aUserOrgs = array(); // userid -> array of orgid
+	protected $m_aAdministrators = null; // [user id]
 
 	// Built on demand, could be optimized if necessary (doing a query for each attribute that needs to be read)
 	protected $m_aObjectActionGrants = array();
@@ -558,6 +553,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 
 		// Cache
 		$this->m_aObjectActionGrants = array();
+		$this->m_aAdministrators = null;
 	}
 
 	public function LoadCache()
@@ -700,12 +696,10 @@ class UserRightsProfile extends UserRightsAddOnAPI
 	 */
 	private function GetAdministrators()
 	{
-		static $aAdministrators = null;
-
-		if ($aAdministrators === null)
+		if ($this->m_aAdministrators === null)
 		{
 			// Find all administrators
-			$aAdministrators = array();
+			$this->m_aAdministrators = array();
 			$oAdministratorsFilter = new DBObjectSearch('User');
 			$oLnkFilter = new DBObjectSearch('URP_UserProfile');
 			$oExpression = new FieldExpression('profileid', 'URP_UserProfile');
@@ -718,10 +712,10 @@ class UserRightsProfile extends UserRightsAddOnAPI
 			$oSet->OptimizeColumnLoad(array('User' => array('login')));
 			while($oUser = $oSet->Fetch())
 			{
-				$aAdministrators[] = $oUser->GetKey();
+				$this->m_aAdministrators[] = $oUser->GetKey();
 			}
 		}
-		return $aAdministrators;
+		return $this->m_aAdministrators;
 	}
 
 	/**
@@ -758,8 +752,12 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		$sAction = self::$m_aActionCodes[$iActionCode];
 
 		$bStatus = null;
+        // Cache user's profiles
+		if(false === array_key_exists($iUser, $this->aUsersProfilesList)){
+		     $this->aUsersProfilesList[$iUser] = UserRights::ListProfiles($oUser);
+		}
 		// Call the API of UserRights because it caches the list for us
-		foreach(UserRights::ListProfiles($oUser) as $iProfile => $oProfile)
+		foreach($this->aUsersProfilesList[$iUser] as $iProfile => $oProfile)
 		{
 			$bGrant = $this->GetProfileActionGrant($iProfile, $sClass, $sAction);
 			if (!is_null($bGrant))
@@ -885,11 +883,16 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		// Note: this code is VERY close to the code of IsActionAllowed()
 		$iUser = $oUser->GetKey();
 
+        // Cache user's profiles
+		if(false === array_key_exists($iUser, $this->aUsersProfilesList)){
+			$this->aUsersProfilesList[$iUser] = UserRights::ListProfiles($oUser);
+		}
+
 		// Note: The object set is ignored because it was interesting to optimize for huge data sets
 		//       and acceptable to consider only the root class of the object set
 		$bStatus = null;
 		// Call the API of UserRights because it caches the list for us
-		foreach(UserRights::ListProfiles($oUser) as $iProfile => $oProfile)
+		foreach($this->aUsersProfilesList[$iUser] as $iProfile => $oProfile)
 		{
 			$bGrant = $this->GetClassStimulusGrant($iProfile, $sClass, $sStimulusCode);
 			if (!is_null($bGrant))
@@ -918,8 +921,9 @@ class UserRightsProfile extends UserRightsAddOnAPI
 	}
 
 	/**
-	 * Find out which attribute is corresponding the the dimension 'owner org'
-	 * returns null if no such attribute has been found (no filtering should occur)
+	 * @param string $sClass
+	 * @return string|null Find out which attribute is corresponding the dimension 'owner org'
+	 *                   returns null if no such attribute has been found (no filtering should occur)
 	 */
 	public static function GetOwnerOrganizationAttCode($sClass)
 	{

addons/userrights/userrightsprofile.db.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -69,15 +69,14 @@ class URP_Profiles extends UserRightsBaseClassGUI
 	{
 		$aParams = array
 		(
-			"category"                   => "addon/userrights",
-			"key_type"                   => "autoincrement",
-			"name_attcode"               => "name",
-			"complementary_name_attcode" => array('description'),
-			"state_attcode"              => "",
-			"reconc_keys"                => array(),
-			"db_table"                   => "priv_urp_profiles",
-			"db_key_field"               => "id",
-			"db_finalclass_field"        => "",
+			"category" => "addon/userrights",
+			"key_type" => "autoincrement",
+			"name_attcode" => "name",
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_profiles",
+			"db_key_field" => "id",
+			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -279,8 +278,8 @@ class URP_Profiles extends UserRightsBaseClassGUI
 			{
 				$oGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if (is_object($oGrant) && ($oGrant->Get('permission') == 'yes'))
-				{
-					$aStimuli[] = '<span title="'.$sStimulusCode.': '.utils::EscapeHtml($oStimulus->GetDescription()).'">'.utils::EscapeHtml($oStimulus->GetLabel()).'</span>';
+				{ 
+					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
@@ -326,26 +325,24 @@ class URP_UserProfile extends UserRightsBaseClassGUI
 	{
 		$aParams = array
 		(
-			"category"            => "addon/userrights",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => array("userlogin", "profile"),
-			"state_attcode"       => "",
-			"reconc_keys"         => array(),
-			"db_table"            => "priv_urp_userprofile",
-			"db_key_field"        => "id",
+			"category" => "addon/userrights",
+			"key_type" => "autoincrement",
+			"name_attcode" => array("userlogin", "profile"),
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_userprofile",
+			"db_key_field" => "id",
 			"db_finalclass_field" => "",
-			"is_link" 			  => true, /** @since 3.1.0 N°6482 */
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass" => "User", "jointype" => "", "allowed_values" => null, "sql" => "userid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values" => null, "extkey_attcode" => 'userid', "target_attcode" => "login")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass"=>"User", "jointype"=> "", "allowed_values"=>null, "sql"=>"userid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values"=>null, "extkey_attcode"=> 'userid', "target_attcode"=>"login")));
 
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid",
-			array("targetclass" => "URP_Profiles", "jointype" => "", "allowed_values" => null, "sql" => "profileid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array(), "allow_target_creation" => false)));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values" => null, "extkey_attcode" => 'profileid', "target_attcode" => "name")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid", array("targetclass"=>"URP_Profiles", "jointype"=> "", "allowed_values"=>null, "sql"=>"profileid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values"=>null, "extkey_attcode"=> 'profileid', "target_attcode"=>"name")));
 
-		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values" => null, "sql" => "description", "default_value" => null, "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values"=>null, "sql"=>"description", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('userid', 'profileid', 'reason')); // Attributes to be displayed for the complete details
@@ -511,18 +508,24 @@ class UserRightsProfile extends UserRightsAddOnAPI
 	public function CreateAdministrator($sAdminUser, $sAdminPwd, $sLanguage = 'EN US')
 	{
 		// Create a change to record the history of the User object
-		CMDBObject::SetCurrentChangeFromParams('Initialization : create first user admin profile');
+		/** @var \CMDBChange $oChange */
+		$oChange = MetaModel::NewObject("CMDBChange");
+		$oChange->Set("date", time());
+		$oChange->Set("userinfo", "Initialization");
 
 		$iContactId = 0;
 		// Support drastic data model changes: no organization class (or not writable)!
-		if (MetaModel::IsValidClass('Organization') && !MetaModel::IsAbstract('Organization')) {
+		if (MetaModel::IsValidClass('Organization') && !MetaModel::IsAbstract('Organization'))
+		{
 			$oOrg = MetaModel::NewObject('Organization');
 			$oOrg->Set('name', 'My Company/Department');
 			$oOrg->Set('code', 'SOMECODE');
+			$oOrg::SetCurrentChange($oChange);
 			$iOrgId = $oOrg->DBInsertNoReload();
 
 			// Support drastic data model changes: no Person class  (or not writable)!
-			if (MetaModel::IsValidClass('Person') && !MetaModel::IsAbstract('Person')) {
+			if (MetaModel::IsValidClass('Person') && !MetaModel::IsAbstract('Person'))
+			{
 				$oContact = MetaModel::NewObject('Person');
 				$oContact->Set('name', 'My last name');
 				$oContact->Set('first_name', 'My first name');
@@ -531,6 +534,7 @@ class UserRightsProfile extends UserRightsAddOnAPI
 					$oContact->Set('org_id', $iOrgId);
 				}
 				$oContact->Set('email', 'my.email@foo.org');
+				$oContact::SetCurrentChange($oChange);
 				$iContactId = $oContact->DBInsertNoReload();
 			}
 		}
@@ -539,22 +543,24 @@ class UserRightsProfile extends UserRightsAddOnAPI
 		$oUser = new UserLocal();
 		$oUser->Set('login', $sAdminUser);
 		$oUser->Set('password', $sAdminPwd);
-		if (MetaModel::IsValidAttCode('UserLocal', 'contactid') && ($iContactId != 0)) {
+		if (MetaModel::IsValidAttCode('UserLocal', 'contactid') && ($iContactId != 0))
+		{
 			$oUser->Set('contactid', $iContactId);
 		}
 		$oUser->Set('language', $sLanguage); // Language was chosen during the installation
 
 		// Add this user to the very specific 'admin' profile
 		$oAdminProfile = MetaModel::GetObjectFromOQL("SELECT URP_Profiles WHERE name = :name", array('name' => ADMIN_PROFILE_NAME), true /*all data*/);
-		if (is_object($oAdminProfile)) {
+		if (is_object($oAdminProfile))
+		{
 			$oUserProfile = new URP_UserProfile();
 			$oUserProfile->Set('profileid', $oAdminProfile->GetKey());
 			$oUserProfile->Set('reason', 'By definition, the administrator must have the administrator profile');
 			$oSet = DBObjectSet::FromObject($oUserProfile);
 			$oUser->Set('profile_list', $oSet);
 		}
-		$oUser->DBInsertNoReload();
-
+		$oUser::SetCurrentChange($oChange);
+		$iUserId = $oUser->DBInsertNoReload();
 		return true;
 	}
 
@@ -580,10 +586,10 @@ class UserRightsProfile extends UserRightsAddOnAPI
 	/**
 	 * Read and cache organizations allowed to the given user
 	 *
-	 * @param $oUser
-	 * @param $sClass (not used here but can be used in overloads)
+	 * @param User $oUser
+	 * @param string $sClass (not used here but can be used in overloads)
 	 *
-	 * @return array
+	 * @return array keys of the User allowed org
 	 * @throws \CoreException
 	 * @throws \Exception
 	 */

addons/userrights/userrightsprojection.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -50,15 +50,14 @@ class URP_Profiles extends UserRightsBaseClass
 	{
 		$aParams = array
 		(
-			"category"                   => "addon/userrights",
-			"key_type"                   => "autoincrement",
-			"name_attcode"               => "name",
-			"complementary_name_attcode" => array('description'),
-			"state_attcode"              => "",
-			"reconc_keys"                => array(),
-			"db_table"                   => "priv_urp_profiles",
-			"db_key_field"               => "id",
-			"db_finalclass_field"        => "",
+			"category" => "addon/userrights",
+			"key_type" => "autoincrement",
+			"name_attcode" => "name",
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_profiles",
+			"db_key_field" => "id",
+			"db_finalclass_field" => "",
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
@@ -111,8 +110,8 @@ class URP_Profiles extends UserRightsBaseClass
 			{
 				$oGrant = $oUserRights->GetClassStimulusGrant($this->GetKey(), $sClass, $sStimulusCode);
 				if (is_object($oGrant) && ($oGrant->Get('permission') == 'yes'))
-				{
-					$aStimuli[] = '<span title="'.$sStimulusCode.': '.utils::EscapeHtml($oStimulus->GetDescription()).'">'.utils::EscapeHtml($oStimulus->GetLabel()).'</span>';
+				{ 
+					$aStimuli[] = '<span title="'.$sStimulusCode.': '.htmlentities($oStimulus->GetDescription(), ENT_QUOTES, 'UTF-8').'">'.htmlentities($oStimulus->GetLabel(), ENT_QUOTES, 'UTF-8').'</span>';
 				}
 			}
 			$sStimuli = implode(', ', $aStimuli);
@@ -269,26 +268,24 @@ class URP_UserProfile extends UserRightsBaseClass
 	{
 		$aParams = array
 		(
-			"category"            => "addon/userrights",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => array("userlogin", "profile"),
-			"state_attcode"       => "",
-			"reconc_keys"         => array(),
-			"db_table"            => "priv_urp_userprofile",
-			"db_key_field"        => "id",
+			"category" => "addon/userrights",
+			"key_type" => "autoincrement",
+			"name_attcode" => array("userlogin", "profile"),
+			"state_attcode" => "",
+			"reconc_keys" => array(),
+			"db_table" => "priv_urp_userprofile",
+			"db_key_field" => "id",
 			"db_finalclass_field" => "",
-			"is_link" 			  => true, /** @since 3.1.0 N°6482 */
 		);
 		MetaModel::Init_Params($aParams);
 		//MetaModel::Init_InheritAttributes();
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass" => "User", "jointype" => "", "allowed_values" => null, "sql" => "userid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values" => null, "extkey_attcode" => 'userid', "target_attcode" => "login")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("userid", array("targetclass"=>"User", "jointype"=> "", "allowed_values"=>null, "sql"=>"userid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("userlogin", array("allowed_values"=>null, "extkey_attcode"=> 'userid', "target_attcode"=>"login")));
 
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid",
-			array("targetclass" => "URP_Profiles", "jointype" => "", "allowed_values" => null, "sql" => "profileid", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array(), "allow_target_creation" => false)));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values" => null, "extkey_attcode" => 'profileid', "target_attcode" => "name")));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("profileid", array("targetclass"=>"URP_Profiles", "jointype"=> "", "allowed_values"=>null, "sql"=>"profileid", "is_null_allowed"=>false, "on_target_delete"=>DEL_AUTO, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("profile", array("allowed_values"=>null, "extkey_attcode"=> 'profileid', "target_attcode"=>"name")));
 
-		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values" => null, "sql" => "description", "default_value" => null, "is_null_allowed" => true, "depends_on" => array())));
+		MetaModel::Init_AddAttribute(new AttributeString("reason", array("allowed_values"=>null, "sql"=>"description", "default_value"=>null, "is_null_allowed"=>true, "depends_on"=>array())));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('userid', 'profileid', 'reason')); // Attributes to be displayed for the complete details
@@ -571,11 +568,14 @@ class UserRightsProjection extends UserRightsAddOnAPI
 	public function CreateAdministrator($sAdminUser, $sAdminPwd, $sLanguage = 'EN US')
 	{
 		// Create a change to record the history of the User object
-		CMDBObject::SetCurrentChangeFromParams('Initialization : create first user admin');
+		$oChange = MetaModel::NewObject("CMDBChange");
+		$oChange->Set("date", time());
+		$oChange->Set("userinfo", "Initialization");
 
 		$oOrg = new Organization();
 		$oOrg->Set('name', 'My Company/Department');
 		$oOrg->Set('code', 'SOMECODE');
+		$oOrg::SetCurrentChange($oChange);
 		$iOrgId = $oOrg->DBInsertNoReload();
 
 		$oContact = new Person();
@@ -584,6 +584,7 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		//$oContact->Set('status', 'available');
 		$oContact->Set('org_id', $iOrgId);
 		$oContact->Set('email', 'my.email@foo.org');
+		$oContact::SetCurrentChange($oChange);
 		$iContactId = $oContact->DBInsertNoReload();
 		
 		$oUser = new UserLocal();
@@ -591,6 +592,7 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		$oUser->Set('password', $sAdminPwd);
 		$oUser->Set('contactid', $iContactId);
 		$oUser->Set('language', $sLanguage); // Language was chosen during the installation
+		$oUser::SetCurrentChange($oChange);
 		$iUserId = $oUser->DBInsertNoReload();
 		
 		// Add this user to the very specific 'admin' profile
@@ -598,6 +600,7 @@ class UserRightsProjection extends UserRightsAddOnAPI
 		$oUserProfile->Set('userid', $iUserId);
 		$oUserProfile->Set('profileid', ADMIN_PROFILE_ID);
 		$oUserProfile->Set('reason', 'By definition, the administrator must have the administrator profile');
+		$oUserProfile::SetCurrentChange($oChange);
 		$oUserProfile->DBInsertNoReload();
 		return true;
 	}

application/DBSearchHelper.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/ajaxwebpage.class.inc.php

@@ -1,24 +1,20 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/AjaxPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/AjaxPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-// cannot notify depreciation for now as this is still load in autoloader
-//DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/AjaxPage.php, now loadable using autoloader');
+// cannot notify depreciation for now as this is still MASSIVELY used in iTop core !
+//DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/AjaxPage.php, now loadable using autoloader');
 
 /**
  * Class ajax_page
  *
- * @deprecated 3.0.0 will be removed in 3.1.0 - moved to AjaxPage
+ * @deprecated will be removed in 3.1.0 - moved to AjaxPage
  */
 class ajax_page extends AjaxPage
 {
-	function __construct($s_title)
-	{
-		DeprecatedCallsLog::NotifyDeprecatedPhpMethod('ajax_page is deprecated. Please use AjaxPage instead');
-		parent::__construct($s_title);
-	}
+
 }
 

application/application.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -12,7 +12,6 @@ require_once(APPROOT.'/application/applicationcontext.class.inc.php');
 require_once(APPROOT.'/application/cmdbabstract.class.inc.php');
 require_once(APPROOT.'/application/displayblock.class.inc.php');
 require_once(APPROOT.'/application/audit.category.class.inc.php');
-require_once(APPROOT.'/application/audit.domain.class.inc.php');
 require_once(APPROOT.'/application/audit.rule.class.inc.php');
 require_once(APPROOT.'/application/query.class.inc.php');
 require_once(APPROOT.'/setup/moduleinstallation.class.inc.php');

application/applicationcontext.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,7 +20,7 @@
 /**
  * Class ApplicationContext
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -224,7 +224,7 @@ class ApplicationContext
 	{
 		$sContext = "";
 		foreach ($this->aValues as $sName => $sValue) {
-			$sContext .= "<input type=\"hidden\" name=\"c[$sName]\" value=\"".utils::EscapeHtml($sValue)."\" />\n";
+			$sContext .= "<input type=\"hidden\" name=\"c[$sName]\" value=\"".htmlentities($sValue, ENT_QUOTES, 'UTF-8')."\" />\n";
 		}
 		return $sContext;
 	}
@@ -238,7 +238,7 @@ class ApplicationContext
 	{
 		$aContextInputBlocks = [];
 		foreach ($this->aValues as $sName => $sValue) {
-			$aContextInputBlocks[] = InputUIBlockFactory::MakeForHidden("c[$sName]", $sValue);
+			$aContextInputBlocks[] = InputUIBlockFactory::MakeForHidden("c[$sName]", htmlentities($sValue, ENT_QUOTES, 'UTF-8'));
 		}
 		return $aContextInputBlocks;
 	}

application/applicationextension.inc.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -29,14 +29,10 @@ require_once(APPROOT.'application/newsroomprovider.class.inc.php');
  * Definition of interfaces that can be implemented to customize iTop.
  * You may implement such interfaces in a module file (e.g. main.mymodule.php)
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- * @since       2.7.0
- */
-
-/**
  * @api
  * @package     LoginExtensibilityAPI
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
  * @since       2.7.0
  */
 interface iLoginExtension
@@ -45,6 +41,7 @@ interface iLoginExtension
 	 * Return the list of supported login modes for this plugin
 	 *
 	 * @api
+	 *
 	 * @return array of supported login modes
 	 */
 	public function ListSupportedLoginModes();
@@ -74,17 +71,8 @@ interface iLoginFSMExtension extends iLoginExtension
 }
 
 /**
- * Login finite state machine
- *
- * Execute the action corresponding to the current login state.
- *
- *  * If a page is displayed, the action must exit at this point
- *  * if LoginWebPage::LOGIN_FSM_RETURN_ERROR is returned $iErrorCode must be set
- *  * if LoginWebPage::LOGIN_FSM_RETURN_OK is returned then the login is OK and terminated
- *  * if LoginWebPage::LOGIN_FSM_RETURN_IGNORE is returned then the FSM will proceed to next plugin or to next state
- *
  * @api
- * @package LoginExtensibilityAPI
+ * @package     LoginExtensibilityAPI
  * @since 2.7.0
  */
 abstract class AbstractLoginFSMExtension implements iLoginFSMExtension
@@ -160,7 +148,7 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension
 	 * This step can be called multiple times by the FSM:
 	 * for example:
 	 * 1 - display login form
-	 * 2 - read the values posted by the user (store that in session)
+	 * 2 - read the values posted by the user
 	 *
 	 * @api
 	 * @param int $iErrorCode (see LoginWebPage::EXIT_CODE_...)
@@ -173,7 +161,7 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension
 	}
 
 	/**
-	 * Control the validity of the data from the session
+	 * Control the validity of the data provided by the user
 	 * Automatic user provisioning can be done here
 	 *
 	 * @api
@@ -233,7 +221,7 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension
 
 /**
  * @api
- * @package LoginExtensibilityAPI
+ * @package     LoginExtensibilityAPI
  * @since 2.7.0
  */
 interface iLogoutExtension extends iLoginExtension
@@ -246,10 +234,8 @@ interface iLogoutExtension extends iLoginExtension
 }
 
 /**
- * Login page extensibility
- *
  * @api
- * @package UIExtensibilityAPI
+ * @package     UIExtensibilityAPI
  * @since 2.7.0
  */
 interface iLoginUIExtension extends iLoginExtension
@@ -335,7 +321,6 @@ abstract class AbstractPreferencesExtension implements iPreferencesExtension
  * A recommended pattern is to cache data by the mean of static members.
  *
  * @api
- * @deprecated  3.1.0 N°4756 use the new event service instead, see {@see DBObject::FireEvent()} method
  * @package     UIExtensibilityAPI
  */
 interface iApplicationUIExtension
@@ -487,7 +472,6 @@ interface iApplicationUIExtension
  * @api
  * @package     UIExtensibilityAPI
  * @since       2.7.0
- * @deprecated
  */
 abstract class AbstractApplicationUIExtension implements iApplicationUIExtension
 {
@@ -554,7 +538,7 @@ abstract class AbstractApplicationUIExtension implements iApplicationUIExtension
 }
 
 /**
- * Implement this interface to perform specific operations when objects are manipulated
+ * Implement this interface to perform specific things when objects are manipulated
  *
  * Note that those methods will be called when objects are manipulated, either in a programmatic way
  * or through the GUI.
@@ -847,6 +831,7 @@ abstract class ApplicationPopupMenuItem
 	 * Constructor
 	 *
 	 * @api
+	 *
 	 * @param string $sUID The unique identifier of this menu in iTop... make sure you pass something unique enough
 	 * @param string $sLabel The display label of the menu (must be localized)
 	 */
@@ -916,7 +901,6 @@ abstract class ApplicationPopupMenuItem
 	/**
 	 * @param $sTooltip
 	 *
-	 * @api
 	 * @since 3.0.0
 	 */
 	public function SetTooltip($sTooltip)
@@ -927,7 +911,6 @@ abstract class ApplicationPopupMenuItem
 	/**
 	 * @return string
 	 *
-	 * @api
 	 * @since 3.0.0
 	 */
 	public function GetTooltip()
@@ -938,7 +921,6 @@ abstract class ApplicationPopupMenuItem
 	/**
 	 * @param $sIconClass
 	 *
-	 * @api
 	 * @since 3.0.0
 	 */
 	public function SetIconClass($sIconClass)
@@ -949,7 +931,6 @@ abstract class ApplicationPopupMenuItem
 	/**
 	 * @return string
 	 *
-	 * @api
 	 * @since 3.0.0
 	 */
 	public function GetIconClass()
@@ -1051,6 +1032,7 @@ class JSPopupMenuItem extends ApplicationPopupMenuItem
 	 * Class for adding an item that triggers some Javascript code
 	 *
 	 * @api
+	 *
 	 * @param string $sUID The unique identifier of this menu in iTop... make sure you pass something unique enough
 	 * @param string $sLabel The display label of the menu (must be localized)
 	 * @param string $sJSCode In case the menu consists in executing some havascript code inside the page, pass it here. If supplied $sURL
@@ -1221,7 +1203,7 @@ interface iPageUIExtension
  * the specified place and can use the passed iTopWebPage object to add javascript or CSS definitions
  *
  * @api
- * @package     BackofficeUIExtensibilityAPI
+ * @package     UIBlockExtensibilityAPI
  * @since 3.0.0
  */
 interface iPageUIBlockExtension
@@ -1229,7 +1211,6 @@ interface iPageUIBlockExtension
 	/**
 	 * Add content to the "admin banner"
 	 *
-	 * @api
 	 * @return iUIBlock|null The Block to add into the page
 	 */
 	public function GetBannerBlock();
@@ -1237,7 +1218,6 @@ interface iPageUIBlockExtension
 	/**
 	 * Add content to the header of the page
 	 *
-	 * @api
 	 * @return iUIBlock|null The Block to add into the page
 	 */
 	public function GetHeaderBlock();
@@ -1245,7 +1225,6 @@ interface iPageUIBlockExtension
 	/**
 	 * Add content to the footer of the page
 	 *
-	 * @api
 	 * @return iUIBlock|null The Block to add into the page
 	 */
 	public function GetFooterBlock();
@@ -1257,7 +1236,7 @@ interface iPageUIBlockExtension
  * @api
  * @package     UIExtensibilityAPI
  * @since       2.7.0
- * @deprecated 3.0.0 use AbstractPageUIBlockExtension instead
+ * @deprecated since 3.0.0 use AbstractPageUIBlockExtension instead
  */
 abstract class AbstractPageUIExtension implements iPageUIExtension
 {
@@ -1338,9 +1317,7 @@ abstract class AbstractPageUIBlockExtension implements iPageUIBlockExtension
 interface iBackofficeLinkedScriptsExtension
 {
 	/**
-	 * Each script will be included using this property
-	 * @api
-	 * @see \iTopWebPage::$a_linked_scripts
+	 * @see \iTopWebPage::$a_linked_scripts Each script will be included using this property
 	 * @return array An array of absolute URLs to the files to include
 	 */
 	public function GetLinkedScriptsAbsUrls(): array;
@@ -1358,7 +1335,6 @@ interface iBackofficeLinkedScriptsExtension
 interface iBackofficeEarlyScriptExtension
 {
 	/**
-	 * @api
 	 * @see \iTopWebPage::$a_early_scripts
 	 * @return string
 	 */
@@ -1376,7 +1352,6 @@ interface iBackofficeEarlyScriptExtension
 interface iBackofficeScriptExtension
 {
 	/**
-	 * @api
 	 * @see \iTopWebPage::$a_scripts
 	 * @return string
 	 */
@@ -1394,7 +1369,6 @@ interface iBackofficeScriptExtension
 interface iBackofficeInitScriptExtension
 {
 	/**
-	 * @api
 	 * @see \iTopWebPage::$a_init_scripts
 	 * @return string
 	 */
@@ -1412,7 +1386,6 @@ interface iBackofficeInitScriptExtension
 interface iBackofficeReadyScriptExtension
 {
 	/**
-	 * @api
 	 * @see \iTopWebPage::$a_ready_scripts
 	 * @return string
 	 */
@@ -1430,7 +1403,6 @@ interface iBackofficeReadyScriptExtension
 interface iBackofficeLinkedStylesheetsExtension
 {
 	/**
-	 * @api
 	 * @see \iTopWebPage::$a_linked_stylesheets
 	 * @return array An array of absolute URLs to the files to include
 	 */
@@ -1448,7 +1420,6 @@ interface iBackofficeLinkedStylesheetsExtension
 interface iBackofficeStyleExtension
 {
 	/**
-	 * @api
 	 * @see \iTopWebPage::$a_styles
 	 * @return string
 	 */
@@ -1466,7 +1437,6 @@ interface iBackofficeStyleExtension
 interface iBackofficeDictEntriesExtension
 {
 	/**
-	 * @api
 	 * @see \iTopWebPage::a_dict_entries
 	 * @return array
 	 */
@@ -1484,7 +1454,6 @@ interface iBackofficeDictEntriesExtension
 interface iBackofficeDictEntriesPrefixesExtension
 {
 	/**
-	 * @api
 	 * @see \iTopWebPage::a_dict_entries_prefixes
 	 * @return array
 	 */
@@ -1643,40 +1612,6 @@ abstract class AbstractPortalUIExtension implements iPortalUIExtension
 	}
 }
 
-/**
- * Implement this interface to register a new field renderer mapping to either:
- * - Add the rendering of a new attribute type
- * - Overload the default rendering of an attribute type
- *
- * @since 3.1.0 N°6041
- *
- * @experimental Form / Field / Renderer should be used in more places in next iTop releases, which may introduce major API changes
- */
-interface iFieldRendererMappingsExtension
-{
-	/**
-	 * @return array {
-	 *              array: {
-	 *                  field: string,
-	 *                  form_renderer: string,
-	 *                  field_renderer: string
-	 *              }
-	 *          }  List of field renderer mapping: FQCN field class, FQCN Form Renderer class, FQCN Field Renderer class
-	 *
-	 * Example:
-	 *
-	 * ```php
-	 * [
-	 *  ['field' => 'FQCN\FieldA', 'form_renderer' => 'Combodo\iTop\Renderer\Console\ConsoleFormRenderer', 'field_renderer' => 'FQCN\FieldRendererA'],
-	 *  ['field' => 'FQCN\FieldB', 'form_renderer' => 'Combodo\iTop\Renderer\Console\ConsoleFormRenderer', 'field_renderer' => 'FQCN\FieldRendererB'],
-	 *  ['field' => 'FQCN\FieldA', 'form_renderer' => 'Combodo\iTop\Renderer\Bootstrap\BsFormRenderer', 'field_renderer' => 'FQCN\FieldRendererA'],
-	 *  ['field' => 'FQCN\FieldB', 'form_renderer' => 'Combodo\iTop\Renderer\Bootstrap\BsFormRenderer', 'field_renderer' => 'FQCN\FieldRendererB'],
-	 * ]
-	 * ```
-	 */
-	public static function RegisterSupportedFields(): array;
-}
-
 /**
  * Implement this interface to add new operations to the REST/JSON web service
  *
@@ -1713,7 +1648,7 @@ interface iRestServiceProvider
  * Minimal REST response structure. Derive this structure to add response data and error codes.
  *
  * @api
- * @package     RESTAPI
+ * @package     RESTExtensibilityAPI
  * @since 2.0.1
  */
 class RestResult
@@ -1789,13 +1724,11 @@ class RestResult
 	}
 
 	/**
-	 * Result code
 	 * @var int
 	 * @api
 	 */
 	public $code;
 	/**
-	 * Result message
 	 * @var string
 	 * @api
 	 */
@@ -1806,7 +1739,7 @@ class RestResult
  * Helpers for implementing REST services
  *
  * @api
- * @package     RESTAPI
+ * @package     RESTExtensibilityAPI
  */
 class RestUtils
 {
@@ -1831,7 +1764,9 @@ class RestUtils
 	 * Read a mandatory parameter from  from a Rest/Json structure.
 	 *
 	 * @api
+	 *
 	 * @param string $sParamName Name of the parameter to fetch from the input data
+	 *
 	 * @param StdClass $oData Structured input data. Must contain the entry defined by sParamName.
 	 *
 	 * @return mixed parameter value if present
@@ -1851,9 +1786,10 @@ class RestUtils
 
 
 	/**
-	 * Read an optional parameter from a Rest/Json structure.
+	 * Read an optional parameter from  from a Rest/Json structure.
 	 *
 	 * @api
+	 *
 	 * @param string $sParamName Name of the parameter to fetch from the input data
 	 * @param mixed $default Default value if the parameter is not found in the input data
 	 *
@@ -1876,10 +1812,12 @@ class RestUtils
 
 
 	/**
-	 * Read a class from a Rest/Json structure.
+	 * Read a class  from a Rest/Json structure.
 	 *
 	 * @api
+	 *
 	 * @param string $sParamName Name of the parameter to fetch from the input data
+	 *
 	 * @param StdClass $oData Structured input data. Must contain the entry defined by sParamName.
 	 *
 	 * @return string
@@ -1901,6 +1839,7 @@ class RestUtils
 	 * Read a list of attribute codes from a Rest/Json structure.
 	 *
 	 * @api
+	 *
 	 * @param StdClass $oData Structured input data.
 	 * @param string $sParamName Name of the parameter to fetch from the input data
 	 *
@@ -2003,12 +1942,15 @@ class RestUtils
 	 * Find an object from a polymorph search specification (Rest/Json)
 	 *
 	 * @api
+	 *
 	 * @param mixed $key Either search criteria (substructure), or an object or an OQL string.
 	 * @param bool $bAllowNullValue Allow the cases such as key = 0 or key = {null} and return null then
 	 * @param string $sClass Name of the class
 	 *
 	 * @return DBObject The object found
 	 * @throws Exception If the input structure is not valid or it could not find exactly one object
+	 *
+	 * @see DBObject::CheckChangedExtKeysValues() generic method to check that we can access the linked object isn't used in that use case because values can be literal, OQL, friendlyname
 	 */
 	public static function FindObjectFromKey($sClass, $key, $bAllowNullValue = false)
 	{
@@ -2095,8 +2037,16 @@ class RestUtils
 		elseif (is_string($key))
 		{
 			// OQL
-			$oSearch = DBObjectSearch::FromOQL($key);
-		}
+            try {
+                $oSearch = DBObjectSearch::FromOQL($key);
+            } catch (Exception $e) {
+                throw new CoreOqlException('Query failed to execute', [
+                        'query' => $key,
+                        'exception_class' => get_class($e),
+                        'exception_message' => $e->getMessage(),
+                ]);
+            }
+        }
 		else
 		{
 			throw new Exception("Wrong format for key");
@@ -2110,6 +2060,7 @@ class RestUtils
 	 * Interpret the Rest/Json value and get a valid attribute value
 	 *
 	 * @api
+	 *
 	 * @param string $sAttCode Attribute code
 	 * @param mixed $value Depending on the type of attribute (a scalar, or search criteria, or list of related objects...)
 	 * @param string $sClass Name of the class
@@ -2176,6 +2127,7 @@ class RestUtils
 	 * Interpret a Rest/Json structure that defines attribute values, and build an object
 	 *
 	 * @api
+	 *
 	 * @param array $aFields A hash of attribute code => value specification.
 	 * @param string $sClass Name of the class
 	 *
@@ -2205,6 +2157,7 @@ class RestUtils
 	 * Interpret a Rest/Json structure that defines attribute values, and update the given object
 	 *
 	 * @api
+	 *
 	 * @param array $aFields A hash of attribute code => value specification.
 	 * @param DBObject $oObject The object being modified
 	 *
@@ -2241,8 +2194,29 @@ class RestUtils
  */
 interface iModuleExtension
 {
-	/**
-	 * @api
-	 */
 	public function __construct();
 }
+
+/**
+ * KPI logging extensibility point
+ *
+ * KPI Logger extension
+ */
+interface iKPILoggerExtension
+{
+    /**
+     * Init the statistics collected
+     *
+     * @return void
+     */
+    public function InitStats();
+
+    /**
+     * Add a new KPI to the stats
+     * 
+     * @param \Combodo\iTop\Core\Kpi\KpiLogData $oKpiLogData
+     *
+     * @return mixed
+     */
+    public function LogOperation($oKpiLogData);
+}

application/audit.category.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,9 +20,9 @@
 /**
  * This class manages the audit "categories". Each category defines a set of objects
  * to check and is linked to a set of rules that determine the valid or invalid objects
- * inside the set
+ * inside the set 
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -42,55 +42,19 @@ class AuditCategory extends cmdbAbstractObject
 			"db_table" => "priv_auditcategory",
 			"db_key_field" => "id",
 			"db_finalclass_field" => "",
-			'style' => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit-folder.svg'),
 		);
 		MetaModel::Init_Params($aParams);
 		MetaModel::Init_AddAttribute(new AttributeString("name", array("description"=>"Short name for this category", "allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
 		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values"=>null, "sql"=>"description", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
 		MetaModel::Init_AddAttribute(new AttributeOQL("definition_set", array("allowed_values"=>null, "sql"=>"definition_set", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
 		MetaModel::Init_AddAttribute(new AttributeLinkedSet("rules_list", array("linked_class"=>"AuditRule", "ext_key_to_me"=>"category_id", "allowed_values"=>null, "count_min"=>0, "count_max"=>0, "depends_on"=>array(), "edit_mode" => LINKSET_EDITMODE_INPLACE, "tracking_level" => LINKSET_TRACKING_ALL)));
-		MetaModel::Init_AddAttribute(new AttributeInteger("ok_error_tolerance", array("allowed_values"=>null, "sql"=>"ok_error_tolerance", "default_value"=>5, "is_null_allowed"=>true, "depends_on"=>array())));
-		MetaModel::Init_AddAttribute(new AttributeInteger("warning_error_tolerance", array("allowed_values" => null, "sql" => "warning_error_tolerance", "default_value" => 25, "is_null_allowed" => true, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("domains_list",
-			array("linked_class" => "lnkAuditCategoryToAuditDomain", "ext_key_to_me" => "category_id", "ext_key_to_remote" => "domain_id", "allowed_values" => null, "count_min" => 0, "count_max" => 0, "depends_on" => array(), "display_style" => 'property')));
 
 		// Display lists
-		MetaModel::Init_SetZListItems('details', array('name', 'description', 'definition_set', 'ok_error_tolerance', 'warning_error_tolerance', 'rules_list', 'domains_list')); // Attributes to be displayed for the complete details
+		MetaModel::Init_SetZListItems('details', array('name', 'description', 'definition_set', 'rules_list')); // Attributes to be displayed for the complete details
 		MetaModel::Init_SetZListItems('list', array('description', )); // Attributes to be displayed for a list
 		// Search criteria
 		MetaModel::Init_SetZListItems('standard_search', array('description', 'definition_set')); // Criteria of the std search form
 		MetaModel::Init_SetZListItems('default_search', array('name', 'description')); // Criteria of the default search form
 	}
-
-	/**
-	 * @param int $iTotal
-	 * @param int $iErrors
-	 *
-	 * @return string A semantic color name (eg. red, green, orange, success, failure, ... {@see css/backoffice/utils/variables/colors/_semantic-palette.scss}) to use for this category depending on its error count and tolerance
-	 * @throws \CoreException
-	 *
-	 * @since 3.1.0
-	 */
-	public function GetReportColor($iTotal, $iErrors)
-	{
-		$sResult = 'red';
-		if ( ($iTotal == 0) || ($iErrors / $iTotal) <= ($this->Get('ok_error_tolerance') / 100) ) {
-			$sResult = 'green';
-		} else if (($iErrors / $iTotal) <= ($this->Get('warning_error_tolerance') / 100)) {
-			$sResult = 'orange';
-		}
-
-		return $sResult;
-	}
-
-	public static function GetShortcutActions($sFinalClass)
-	{
-		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
-		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
-			$aShortcutActions[] = 'UI:Menu:RunAudit';
-		}
-
-		return $aShortcutActions;
-	}
 }
 ?>

application/audit.domain.class.inc.php

@@ -1,123 +0,0 @@
-<?php
-// Copyright (C) 2010-2023 Combodo SARL
-//
-//   This file is part of iTop.
-//
-//   iTop is free software; you can redistribute it and/or modify
-//   it under the terms of the GNU Affero General Public License as published by
-//   the Free Software Foundation, either version 3 of the License, or
-//   (at your option) any later version.
-//
-//   iTop is distributed in the hope that it will be useful,
-//   but WITHOUT ANY WARRANTY; without even the implied warranty of
-//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-//   GNU Affero General Public License for more details.
-//
-//   You should have received a copy of the GNU Affero General Public License
-//   along with iTop. If not, see <http://www.gnu.org/licenses/>
-
-
-/**
- * This class manages the audit "categories". Each category defines a set of objects
- * to check and is linked to a set of rules that determine the valid or invalid objects
- * inside the set
- *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-/**
- * @since 3.1.0
- */
-class AuditDomain extends cmdbAbstractObject
-{
-	public static function Init()
-	{
-		$aParams = array
-		(
-			"category"                   => "application, grant_by_profile",
-			"key_type"                   => "autoincrement",
-			"name_attcode"               => "name",
-			"complementary_name_attcode" => array('description'),
-			"state_attcode"              => "",
-			"reconc_keys"                => array('name'),
-			"db_table"                   => "priv_auditdomain",
-			"db_key_field"               => "id",
-			"db_finalclass_field"        => "",
-			'style'                      => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit-album.svg'),
-		);
-		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeString("name", array("description" => "Short name for this category", "allowed_values" => null, "sql" => "name", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values" => null, "sql" => "description", "default_value" => "", "is_null_allowed" => true, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeImage("icon", array("is_null_allowed" => true, "depends_on" => array(), "display_max_width" => 96, "display_max_height" => 96, "storage_max_width" => 256, "storage_max_height" => 256, "default_image" => null, "always_load_in_tables" => false)));
-		MetaModel::Init_AddAttribute(new AttributeLinkedSetIndirect("categories_list",
-			array("linked_class" => "lnkAuditCategoryToAuditDomain", "ext_key_to_me" => "domain_id", "ext_key_to_remote" => "category_id", "allowed_values" => null, "count_min" => 0, "count_max" => 0, "depends_on" => array())));
-
-		// Display lists
-		MetaModel::Init_SetZListItems('details', array('name', 'description', 'icon', 'categories_list')); // Attributes to be displayed for the complete details
-		MetaModel::Init_SetZListItems('list', array('description',)); // Attributes to be displayed for a list
-		// Search criteria
-		MetaModel::Init_SetZListItems('standard_search', array('description')); // Criteria of the std search form
-		MetaModel::Init_SetZListItems('default_search', array('name', 'description')); // Criteria of the default search form
-	}
-
-	public static function GetShortcutActions($sFinalClass)
-	{
-		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
-		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
-			$aShortcutActions[] = 'UI:Menu:RunAudit';
-		}
-
-		return $aShortcutActions;
-	}
-
-}
-
-/**
- * @since 3.1.0
- */
-class lnkAuditCategoryToAuditDomain extends cmdbAbstractObject
-{
-	/**
-	 * @throws \CoreException
-	 * @throws \Exception
-	 */
-	public static function Init()
-	{
-		$aParams = array
-		(
-			"category"            => "application, grant_by_profile",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => "",
-			"state_attcode"       => "",
-			"reconc_keys"         => array('category_id', 'domain_id'),
-			"db_table"            => "priv_link_audit_category_domain",
-			"db_key_field"        => "id",
-			"db_finalclass_field" => "",
-			"is_link"             => true,
-			'uniqueness_rules'    => array(
-				'no_duplicate' => array(
-					'attributes'  => array(
-						0 => 'category_id',
-						1 => 'domain_id',
-					),
-					'filter'      => '',
-					'disabled'    => false,
-					'is_blocking' => true,
-				),
-			),
-		);
-		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("targetclass" => "AuditCategory", "jointype" => '', "allowed_values" => null, "sql" => "category_id", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values" => null, "extkey_attcode" => 'category_id', "target_attcode" => "name")));
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("domain_id", array("targetclass" => "AuditDomain", "jointype" => '', "allowed_values" => null, "sql" => "domain_id", "is_null_allowed" => false, "on_target_delete" => DEL_AUTO, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("domain_name", array("allowed_values" => null, "extkey_attcode" => 'domain_id', "target_attcode" => "name")));
-
-		// Display lists
-		MetaModel::Init_SetZListItems('details', array('category_id', 'domain_id'));
-		MetaModel::Init_SetZListItems('list', array('category_id', 'domain_id'));
-		// Search criteria
-		MetaModel::Init_SetZListItems('standard_search', array('category_id', 'domain_id'));
-	}
-}
-

application/audit.rule.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -23,7 +23,7 @@
  * or the "bad" ones. The core audit engines computes the complement to the definition
  * set when needed to obtain either the valid objects, or the ones with an error
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -35,23 +35,22 @@ class AuditRule extends cmdbAbstractObject
 	{
 		$aParams = array
 		(
-			"category"            => "application, grant_by_profile",
-			"key_type"            => "autoincrement",
-			"name_attcode"        => "name",
-			"state_attcode"       => "",
-			"reconc_keys"         => array('name'),
-			"db_table"            => "priv_auditrule",
-			"db_key_field"        => "id",
+			"category" => "application, grant_by_profile",
+			"key_type" => "autoincrement",
+			"name_attcode" => "name",
+			"state_attcode" => "",
+			"reconc_keys" => array('name'),
+			"db_table" => "priv_auditrule",
+			"db_key_field" => "id",
 			"db_finalclass_field" => "",
-			'style'               => new ormStyle(null, null, null, null, null, '../images/icons/icons8-audit.svg'),
 		);
 		MetaModel::Init_Params($aParams);
-		MetaModel::Init_AddAttribute(new AttributeString("name", array("allowed_values" => null, "sql" => "name", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values" => null, "sql" => "description", "default_value" => "", "is_null_allowed" => true, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeOQL("query", array("allowed_values" => null, "sql" => "query", "default_value" => "", "is_null_allowed" => false, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeEnum("valid_flag", array("allowed_values" => new ValueSetEnum('true,false'), "sql" => "valid_flag", "default_value" => "true", "is_null_allowed" => false, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("allowed_values" => null, "sql" => "category_id", "targetclass" => "AuditCategory", "is_null_allowed" => false, "on_target_delete" => DEL_MANUAL, "depends_on" => array())));
-		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values" => null, "extkey_attcode" => 'category_id', "target_attcode" => "name")));
+		MetaModel::Init_AddAttribute(new AttributeString("name", array("allowed_values"=>null, "sql"=>"name", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeString("description", array("allowed_values"=>null, "sql"=>"description", "default_value"=>"", "is_null_allowed"=>true, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeOQL("query", array("allowed_values"=>null, "sql"=>"query", "default_value"=>"", "is_null_allowed"=>false, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeEnum("valid_flag", array("allowed_values"=>new ValueSetEnum('true,false'), "sql"=>"valid_flag", "default_value"=>"true", "is_null_allowed"=>false, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalKey("category_id", array("allowed_values"=>null, "sql"=>"category_id", "targetclass"=>"AuditCategory", "is_null_allowed"=>false, "on_target_delete"=>DEL_MANUAL, "depends_on"=>array())));
+		MetaModel::Init_AddAttribute(new AttributeExternalField("category_name", array("allowed_values"=>null, "extkey_attcode"=> 'category_id', "target_attcode"=>"name")));
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details', array('category_id', 'name', 'description', 'query', 'valid_flag')); // Attributes to be displayed for the complete details
@@ -60,16 +59,5 @@ class AuditRule extends cmdbAbstractObject
 		MetaModel::Init_SetZListItems('standard_search', array('category_id', 'name', 'description', 'valid_flag', 'query')); // Criteria of the std search form
 		MetaModel::Init_SetZListItems('default_search', array('name', 'description', 'category_id')); // Criteria of the advanced search form
 	}
-
-
-	public static function GetShortcutActions($sFinalClass)
-	{
-		$aShortcutActions = parent::GetShortcutActions($sFinalClass);
-		if (!in_array('UI:Menu:RunAudit', $aShortcutActions)) {
-			$aShortcutActions[] = 'UI:Menu:RunAudit';
-		}
-
-		return $aShortcutActions;
-	}
 }
 ?>

application/capturewebpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/CaptureWebPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/CaptureWebPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/CaptureWebPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/CaptureWebPage.php, now loadable using autoloader');

application/clipage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/CLIPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/CLIPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/CLIPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/CLIPage.php, now loadable using autoloader');

application/compilecssservice.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2020 Combodo SARL
  *
  * This file is part of iTop.
  *

application/csvpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/CSVPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/CSVPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/CSVPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/CSVPage.php, now loadable using autoloader');

application/dashboard.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -918,6 +918,11 @@ class RuntimeDashboard extends Dashboard
 	{
 		$bCustomized = false;
 
+		$sDashboardFileSanitized = utils::RealPath(APPROOT.$sDashboardFile, APPROOT);
+		if (false === $sDashboardFileSanitized) {
+			throw new SecurityException('Invalid dashboard file !');
+		}
+
 		// Search for an eventual user defined dashboard
 		$oUDSearch = new DBObjectSearch('UserDashboard');
 		$oUDSearch->AddCondition('user_id', UserRights::GetUserId(), '=');
@@ -929,7 +934,7 @@ class RuntimeDashboard extends Dashboard
 			$sDashboardDefinition = $oUserDashboard->Get('contents');
 			$bCustomized = true;
 		} else {
-			$sDashboardDefinition = @file_get_contents($sDashboardFile);
+			$sDashboardDefinition = @file_get_contents($sDashboardFileSanitized);
 		}
 
 
@@ -937,7 +942,7 @@ class RuntimeDashboard extends Dashboard
 			$oDashboard = new RuntimeDashboard($sDashBoardId);
 			$oDashboard->FromXml($sDashboardDefinition);
 			$oDashboard->SetCustomFlag($bCustomized);
-			$oDashboard->SetDefinitionFile($sDashboardFile);
+			$oDashboard->SetDefinitionFile($sDashboardFileSanitized);
 		} else {
 			$oDashboard = null;
 		}
@@ -1136,7 +1141,7 @@ JS
 		$oToolbar->AddSubBlock($oActionButton);
 
 		$aActions = array();
-		$sFile = addslashes($this->sDefinitionFile);
+		$sFile = addslashes(utils::LocalPath($this->sDefinitionFile));
 		$sJSExtraParams = json_encode($aExtraParams);
 		if ($this->HasCustomDashboard()) {
 			$oEdit = new JSPopupMenuItem('UI:Dashboard:Edit', Dict::S('UI:Dashboard:EditCustom'), "return EditDashboard('{$this->sId}', '$sFile', $sJSExtraParams)");
@@ -1259,12 +1264,12 @@ EOF
 		$sOkButtonLabel = Dict::S('UI:Button:Save');
 		$sCancelButtonLabel = Dict::S('UI:Button:Cancel');
 		
-		$sId = addslashes($this->sId);
-		$sLayoutClass = addslashes($this->sLayoutClass);
+		$sId = utils::HtmlEntities($this->sId);
+		$sLayoutClass = utils::HtmlEntities($this->sLayoutClass);
 		$sAutoReload = $this->bAutoReload ? 'true' : 'false';
 		$sAutoReloadSec = (string) $this->iAutoReloadSec;
-		$sTitle = addslashes($this->sTitle);
-		$sFile = addslashes($this->GetDefinitionFile());
+		$sTitle = utils::HtmlEntities($this->sTitle);
+		$sFile = utils::HtmlEntities($this->GetDefinitionFile());
 		$sUrl = utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php';
 		$sReloadURL = $this->GetReloadURL();
 

application/dashboardlayout.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -23,7 +23,7 @@ use Combodo\iTop\Application\UI\Base\Layout\Dashboard\DashboardRow;
 /**
  * Dashboard presentation
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 abstract class DashboardLayout

application/dashlet.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2012-2023 Combodo SARL
+// Copyright (C) 2012-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -29,7 +29,7 @@ require_once(APPROOT.'application/forms.class.inc.php');
 /**
  * Base class for all 'dashlets' (i.e. widgets to be inserted into a dashboard)
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 abstract class Dashlet
@@ -667,7 +667,7 @@ class DashletUnknown extends Dashlet
 	 */
 	public function GetPropertiesFields(DesignerForm $oForm)
 	{
-		$oField = new DesignerXMLField('xml', Dict::S('UI:DashletUnknown:Prop-XMLConfiguration'), $this->sOriginalDashletXML);
+		$oField = new DesignerLongTextField('xml', Dict::S('UI:DashletUnknown:Prop-XMLConfiguration'), $this->sOriginalDashletXML);
 		$oForm->AddField($oField);
 	}
 
@@ -869,7 +869,7 @@ class DashletPlainText extends Dashlet
 	public function Render($oPage, $bEditMode = false, $aExtraParams = array())
 	{
 		$sText = $this->aProperties['text'];
-		$sText = utils::EscapeHtml(Dict::S($sText));
+		$sText = utils::EscapeHtml($sText);
 		$sText = str_replace(array("\r\n", "\n", "\r"), "<br/>", $sText);
 
 		$sId = 'plaintext_'.($bEditMode ? 'edit_' : '').$this->sId;

application/datamodel.application.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.1">
+<itop_design xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="3.0">
   <classes>
     <class id="AbstractResource" _delta="define">
       <parent>cmdbAbstractObject</parent>
@@ -55,9 +55,9 @@
   <menus>
     <menu id="WelcomeMenu" xsi:type="MenuGroup" _delta="define">
       <rank>10</rank>
-      <style>
-        <decoration_classes>fas fa-home</decoration_classes>
-      </style>
+	    <style>
+		    <decoration_classes>fas fa-home</decoration_classes>
+	    </style>
     </menu>
     <menu id="WelcomeMenuPage" xsi:type="DashboardMenuNode" _delta="define">
       <rank>10</rank>
@@ -151,9 +151,9 @@
     </menu>
     <menu id="ConfigurationTools" xsi:type="MenuGroup" _delta="define_if_not_exists">
       <rank>90</rank>
-      <style>
-        <decoration_classes>fas fa-cog</decoration_classes>
-      </style>
+	    <style>
+		    <decoration_classes>fas fa-cog</decoration_classes>
+	    </style>
     </menu>
     <menu id="DataSources" xsi:type="OQLMenuNode" _delta="define">
       <rank>20</rank>
@@ -172,372 +172,19 @@
     </menu>
     <menu id="AdminTools" xsi:type="MenuGroup" _delta="define">
       <rank>80</rank>
-      <style>
-        <decoration_classes>fas fa-tools</decoration_classes>
-      </style>
+	    <style>
+		    <decoration_classes>fas fa-tools</decoration_classes>
+	    </style>
     </menu>
     <menu id="SystemTools" xsi:type="MenuGroup" _delta="define">
       <rank>100</rank>
       <enable_class>ResourceSystemMenu</enable_class>
       <enable_action>UR_ACTION_MODIFY</enable_action>
-      <style>
-        <decoration_classes>fas fa-terminal</decoration_classes>
-      </style>
+	    <style>
+		    <decoration_classes>fas fa-terminal</decoration_classes>
+	    </style>
     </menu>
   </menus>
-  <events>
-    <event id="EVENT_DB_BEFORE_WRITE" _delta="define">
-      <description>An object is about to be written into the database. The object can be modified.</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>DBObject::OnInsert</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object inserted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="is_new">
-          <description>Creation flag</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_CHECK_TO_WRITE" _delta="define">
-      <description>Check an object before it is written into the database (no change possible). Call DBObject::AddCheckIssue() to signal an issue</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>cmdbAbstractObject::DoCheckToWrite</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object to check</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="is_new">
-          <description>Creation flag</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_AFTER_WRITE" _delta="define">
-      <description>An object has been written into the database. The modifications can be propagated to other objects.</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>DBObject::AfterInsert</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object inserted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="is_new">
-          <description>Creation flag</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="changes">
-          <description>For updates, the list of changes done during this operation</description>
-          <type>array</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_CHECK_TO_DELETE" _delta="define">
-      <description>Check an object before it is deleted from the database. Call DBObject::AddDeleteIssue() to signal an issue</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>cmdbAbstractObject::DoCheckToDelete</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object to check</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_AFTER_DELETE" _delta="define">
-      <description>An object has been deleted into the database</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>DBObject::AfterDelete</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object deleted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_BEFORE_APPLY_STIMULUS" _delta="define">
-      <description>A stimulus is about to be applied to an object</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object where the stimulus is targeted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="stimulus">
-          <description>Current stimulus applied</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="previous_state">
-          <description>Object previous state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="new_state">
-          <description>Object new state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="save_object">
-          <description>The object must be saved in the database</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_AFTER_APPLY_STIMULUS" _delta="define">
-      <description>A stimulus has been applied to an object</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object where the stimulus is targeted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="stimulus">
-          <description>Current stimulus applied</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="previous_state">
-          <description>Object previous state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="new_state">
-          <description>Object new state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="save_object">
-          <description>The object is asked to be saved in the database</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_APPLY_STIMULUS_FAILED" _delta="define">
-      <description>A stimulus has failed</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="action">
-          <description>The action that failed to apply the stimulus</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="object">
-          <description>The object where the stimulus is targeted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="stimulus">
-          <description>Current stimulus applied</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="previous_state">
-          <description>Object previous state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="new_state">
-          <description>Object new state</description>
-          <type>string</type>
-        </event_datum>
-        <event_datum id="save_object">
-          <description>The object must be saved in the database</description>
-          <type>boolean</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_LINKS_CHANGED" _delta="define">
-      <description>At least one link class was changed</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object where the link is or was pointing to</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_OBJECT_RELOAD" _delta="define">
-      <description>An object has been re-loaded from the database</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object re-loaded</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_COMPUTE_VALUES" _delta="define">
-      <description>An object needs to be recomputed after changes</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <replaces>DBObject::ComputeValues</replaces>
-      <event_data>
-        <event_datum id="object">
-          <description>The object inserted</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_ARCHIVE" _delta="define">
-      <description>An object has been archived</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object archived</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_UNARCHIVE" _delta="define">
-      <description>An object has been unarchived</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object unarchived</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_SET_ATTRIBUTES_FLAGS" _delta="define">
-      <description>Set object attributes flags. Call cmdbAbstractObject::AddAttributeFlags() for all the attributes to be set for this target state.</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The current object</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="target_state">
-          <description>The target state in which to evaluate the flags</description>
-          <type>array</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DB_SET_INITIAL_ATTRIBUTES_FLAGS" _delta="define">
-      <description>Set object initial attributes flags. Call cmdbAbstractObject::AddInitialAttributeFlags() for all the initial attributes to be set initially.</description>
-      <sources>
-        <source id="cmdbAbstractObject">cmdbAbstractObject</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The current object</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_DOWNLOAD_DOCUMENT" _delta="define">
-      <description>A document has been downloaded from the GUI</description>
-      <sources>
-        <source id="Document">Document</source>
-      </sources>
-      <event_data>
-        <event_datum id="object">
-          <description>The object containing the document</description>
-          <type>DBObject</type>
-        </event_datum>
-        <event_datum id="document">
-          <description>The document downloaded</description>
-          <type>ormDocument</type>
-        </event_datum>
-        <event_datum id="debug_info">
-          <description>Debug string</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-    <event id="EVENT_LOGIN" _delta="define">
-      <description>Inform the listeners about the connection states</description>
-      <event_data>
-        <event_datum id="code">
-          <description>The login step result code (LoginWebPage::EXIT_CODE_...) </description>
-          <type>integer</type>
-        </event_datum>
-        <event_datum id="state">
-          <description>Current login state (LoginWebPage::LOGIN_STATE_CONNECTED...)</description>
-          <type>string</type>
-        </event_datum>
-      </event_data>
-    </event>
-  </events>
   <meta>
     <classes>
       <class id="cmdbAbstractObject" _delta="define">

application/datatable.class.inc.php

@@ -3,7 +3,7 @@
 use Combodo\iTop\Renderer\Console\ConsoleBlockRenderer;
 
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -19,7 +19,7 @@ use Combodo\iTop\Renderer\Console\ConsoleBlockRenderer;
  *
  * You should have received a copy of the GNU Affero General Public License
  *
- * @deprecated 3.0.0 use Combodo\iTop\Application\UI\Base\Component\DataTable\Datatable
+ * @deprecated since 3.0.0 use Combodo\iTop\Application\UI\Base\Component\DataTable\Datatable
  */
 
 class DataTable

application/errorpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/ErrorPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/ErrorPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/ErrorPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/ErrorPage.php, now loadable using autoloader');

application/exceptions/ApplicationException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/ArchivedObjectException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/BulkChangeException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CSVParserException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/ConfigException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CoreCannotSaveObjectException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -48,7 +48,7 @@ class CoreCannotSaveObjectException extends CoreException
 
 		if (count($this->aIssues) == 1) {
 			$sIssue = reset($this->aIssues);
-			$sContent .= "&nbsp;<span>".utils::HtmlEntities($sIssue)."</span>";
+			$sContent .= " <span>".utils::HtmlEntities($sIssue)."</span>";
 		} else {
 			$sContent .= '<ul>';
 			foreach ($this->aIssues as $sError) {
@@ -60,6 +60,24 @@ class CoreCannotSaveObjectException extends CoreException
 		return $sContent;
 	}
 
+	public function getTextMessage()
+	{
+		$sTitle = Dict::S('UI:Error:SaveFailed');
+		$sContent = utils::HtmlEntities($sTitle);
+
+		if (count($this->aIssues) == 1) {
+			$sIssue = reset($this->aIssues);
+			$sContent .= utils::HtmlEntities($sIssue);
+		} else {
+			foreach ($this->aIssues as $sError) {
+				$sContent .= " ".utils::HtmlEntities($sError).", ";
+			}
+		}
+
+		return $sContent;
+	}
+
+
 	public function getIssues()
 	{
 		return $this->aIssues;

application/exceptions/CoreException.php

@@ -1,15 +1,11 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
 class CoreException extends Exception
 {
-	protected $m_sIssue;
-	protected $m_sImpact;
-	protected $m_aContextData;
-
 	/**
 	 * CoreException constructor.
 	 *

application/exceptions/CorePortalInvalidActionRuleException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CoreTemplateException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CoreUnexpectedValue.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/CoreWarning.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/DeleteException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/InvalidConfigParamException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/InvalidExternalKeyValueException.php

@@ -0,0 +1,36 @@
+<?php
+
+/**
+ * @since 2.7.10 3.0.4 3.1.1 3.2.0 N°6458 object creation
+ */
+class InvalidExternalKeyValueException extends CoreUnexpectedValue
+{
+	private const ENUM_PARAMS_OBJECT = 'current_object';
+	private const ENUM_PARAMS_ATTCODE = 'attcode';
+	private const ENUM_PARAMS_ATTVALUE = 'attvalue';
+	private const ENUM_PARAMS_USER = 'current_user';
+
+	public function __construct($oObject, $sAttCode, $aContextData = null, $oPrevious = null)
+	{
+		$aContextData[self::ENUM_PARAMS_OBJECT] = get_class($oObject) . '::' . $oObject->GetKey();
+		$aContextData[self::ENUM_PARAMS_ATTCODE] = $sAttCode;
+		$aContextData[self::ENUM_PARAMS_ATTVALUE] = $oObject->Get($sAttCode);
+
+		$oCurrentUser = UserRights::GetUserObject();
+		if (false === is_null($oCurrentUser)) {
+			$aContextData[self::ENUM_PARAMS_USER] = get_class($oCurrentUser) . '::' . $oCurrentUser->GetKey();
+		}
+
+		parent::__construct('Attribute pointing to an object that is either non existing or not readable by the current user', $aContextData, '', $oPrevious);
+	}
+
+	public function GetAttCode(): string
+	{
+		return $this->getContextData()[self::ENUM_PARAMS_ATTCODE];
+	}
+
+	public function GetAttValue(): string
+	{
+		return $this->getContextData()[self::ENUM_PARAMS_ATTVALUE];
+	}
+}

application/exceptions/InvalidPasswordAttributeOneWayPassword.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/PageNotFoundException.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/SecurityException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/SynchroExceptionNotStarted.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/UserRightException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/dict/DictException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/dict/DictExceptionMissingString.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/dict/DictExceptionUnknownLanguage.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/iTopXmlException.php

@@ -1,10 +0,0 @@
-<?php
-/*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
- * @license     http://opensource.org/licenses/AGPL-3.0
- */
-
-class iTopXmlException extends CoreException
-{
-
-}

application/exceptions/mysql/MySQLException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/mysql/MySQLHasGoneAwayException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/mysql/MySQLNoTransactionException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/mysql/MySQLQueryHasNoResultException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/mysql/MySQLTransactionNotClosedException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/oql/CoreOqlException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/oql/CoreOqlMultipleResultsForbiddenException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/process/ProcessException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/process/ProcessFatalException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/exceptions/process/ProcessInvalidConfigException.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/findstylesheetobject.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2020 Combodo SARL
  *
  * This file is part of iTop.
  *

application/forms.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,7 +20,7 @@
  * Helper class to build interactive forms to be used either in stand-alone
  * modal dialog or in "property-sheet" panes.
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 class DesignerForm
@@ -60,7 +60,7 @@ class DesignerForm
 		$this->sHierarchySelector = '';
 		$this->StartFieldSet($this->sCurrentFieldSet);
 		$this->bDisplayed = true;
-		$this->aDefaultValues = array();
+		$this->aDefaultvalues = array();
 	}
 	
 	public function AddField(DesignerFormField $oField)
@@ -838,8 +838,7 @@ class DesignerFormField
 	{
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		$sName = $this->oForm->GetFieldName($this->sCode);
-
-		return array('label' => $this->sLabel, 'value' => "<input type=\"text\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\">");
+		return array('label' => $this->sLabel, 'value' => "<input type=\"text\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">");
 	}
 
 	/**
@@ -1013,8 +1012,9 @@ class DesignerTextField extends DesignerFormField
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		
 		$sName = $this->oForm->GetFieldName($this->sCode);
-		if ($this->IsReadOnly()) {
-			$sHtmlValue = "<span>".utils::EscapeHtml($this->defaultValue)."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\"/></span>";
+		if ($this->IsReadOnly())
+		{
+			$sHtmlValue = "<span>".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\"/></span>";
 		}
 		else
 		{
@@ -1038,10 +1038,11 @@ $('#$sId').on('change keyup validate', function() { ValidateWithPattern('$sId',
 EOF
 			);
 			$sCSSClasses = '';
-			if (count($this->aCSSClasses) > 0) {
+			if (count($this->aCSSClasses) > 0)
+			{
 				$sCSSClasses = 'class="'.implode(' ', $this->aCSSClasses).'"';
 			}
-			$sHtmlValue = "<input type=\"text\" $sCSSClasses id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\">";
+			$sHtmlValue = "<input type=\"text\" $sCSSClasses id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">";
 		}
 		return array('label' => $this->sLabel, 'value' => $sHtmlValue);
 	}
@@ -1100,9 +1101,10 @@ class DesignerLongTextField extends DesignerTextField
 		{
 			$sCSSClasses = 'class="'.implode(' ', $this->aCSSClasses).'"';
 		}
-		if (!$this->IsReadOnly()) {
+		if (!$this->IsReadOnly())
+		{
 			$oP->add_ready_script(
-				<<<EOF
+<<<EOF
 $('#$sId').on('change keyup validate', function() { ValidateWithPattern('$sId', $sMandatory, '$sPattern',  $(this).closest('form').attr('id'), $sForbiddenValues); } );
 {
 	var myTimer = null;
@@ -1110,41 +1112,14 @@ $('#$sId').on('change keyup validate', function() { ValidateWithPattern('$sId',
 }
 EOF
 			);
-			$sValue = "<textarea $sCSSClasses id=\"$sId\" name=\"$sName\">".$this->PrepareValueForRendering()."</textarea>";
+			$sValue = "<textarea $sCSSClasses id=\"$sId\" name=\"$sName\">".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."</textarea>";
 		}
-		else {
-			$sValue = "<div $sCSSClasses id=\"$sId\">".$this->PrepareValueForRendering()."</div>";
+		else
+		{
+			$sValue = "<div $sCSSClasses id=\"$sId\">".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."</div>";
 		}
 		return array('label' => $this->sLabel, 'value' => $sValue);
 	}
-
-	/**
-	 * @return string|null The value itself as expected for rendering. May it be encoded, escaped or else.
-	 * @since 3.1.0 N°6405
-	 */
-	protected function PrepareValueForRendering(): ?string
-	{
-		return utils::EscapeHtml($this->defaultValue);
-	}
-}
-
-/**
- * Class DesignerXMLField
- *
- * Field to display XML content
- *
- * @author Guillaume Lajarige <guillaume.lajarige@combodo.com>
- * @since 3.1.0 N°6405
- */
-class DesignerXMLField extends DesignerLongTextField
-{
-	/**
-	 * @inheritDoc
-	 */
-	protected function PrepareValueForRendering(): ?string
-	{
-		return utils::EscapeHtml($this->defaultValue, true);
-	}
 }
 
 class DesignerIntegerField extends DesignerFormField
@@ -1170,8 +1145,9 @@ class DesignerIntegerField extends DesignerFormField
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		
 		$sName = $this->oForm->GetFieldName($this->sCode);
-		if ($this->IsReadOnly()) {
-			$sHtmlValue = "<span>".utils::EscapeHtml($this->defaultValue)."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\"/></span>";
+		if ($this->IsReadOnly())
+		{
+			$sHtmlValue = "<span>".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\"/></span>";
 		}
 		else
 		{
@@ -1188,10 +1164,11 @@ $('#$sId').on('change keyup validate', function() { ValidateInteger('$sId', $sMa
 EOF
 			);
 			$sCSSClasses = '';
-			if (count($this->aCSSClasses) > 0) {
+			if (count($this->aCSSClasses) > 0)
+			{
 				$sCSSClasses = 'class="'.implode(' ', $this->aCSSClasses).'"';
 			}
-			$sHtmlValue = "<input type=\"text\" $sCSSClasses id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\">";
+			$sHtmlValue = "<input type=\"text\" $sCSSClasses id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">";
 		}
 		return array('label' => $this->sLabel, 'value' => $sHtmlValue);
 	}
@@ -1312,18 +1289,22 @@ class DesignerComboField extends DesignerFormField
 			{
 				if ($this->bMultipleSelection)
 				{
-					if(in_array($sKey, $this->defaultValue)) {
+					if(in_array($sKey, $this->defaultValue))
+					{
 						$aSelected[] = $sDisplayValue;
-						$aHiddenValues[] = "<input type=\"hidden\" name=\"{$sName}[]\" value=\"".utils::EscapeHtml($sKey)."\"/>";
+						$aHiddenValues[] = "<input type=\"hidden\" name=\"{$sName}[]\" value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\"/>";
 					}
-				} else {
-					if ($sKey == $this->defaultValue) {
+				}
+				else
+				{
+					if ($sKey == $this->defaultValue)
+					{
 						$aSelected[] = $sDisplayValue;
-						$aHiddenValues[] = "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($sKey)."\"/>";
+						$aHiddenValues[] = "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\"/>";
 					}
 				}
 			}
-			$sHtml = "<span $sCSSClasses>".utils::EscapeHtml(implode(', ', $aSelected)).implode($aHiddenValues)."</span>";
+			$sHtml = "<span $sCSSClasses>".htmlentities(implode(', ', $aSelected), ENT_QUOTES, 'UTF-8').implode($aHiddenValues)."</span>";
 		}
 		else
 		{
@@ -1347,7 +1328,7 @@ class DesignerComboField extends DesignerFormField
 				}
 				// Quick and dirty: display the menu parents as a tree
 				$sHtmlValue = str_replace(' ', '&nbsp;', $sDisplayValue);
-				$sHtml .= "<option value=\"".utils::EscapeHtml($sKey)."\" $sSelected>$sHtmlValue</option>";
+				$sHtml .= "<option value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\" $sSelected>$sHtmlValue</option>";
 			}
 			$sHtml .= "</select></span>";
 			if ($this->bOtherChoices)
@@ -1398,9 +1379,10 @@ class DesignerBooleanField extends DesignerFormField
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		$sName = $this->oForm->GetFieldName($this->sCode);
 		$sChecked = $this->defaultValue ? 'checked' : '';
-		if ($this->IsReadOnly()) {
+		if ($this->IsReadOnly())
+		{
 			$sLabel = $this->defaultValue ? Dict::S('UI:UserManagement:ActionAllowed:Yes') : Dict::S('UI:UserManagement:ActionAllowed:No'); //TODO use our own yes/no translations
-			$sHtmlValue = "<span>".utils::EscapeHtml($sLabel)."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\"/></span>";
+			$sHtmlValue = "<span>".htmlentities($sLabel)."<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\"/></span>";
 		}
 		else
 		{
@@ -1468,8 +1450,8 @@ class DesignerHiddenField extends DesignerFormField
 	{
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		$sName = $this->oForm->GetFieldName($this->sCode);
-
-		return array('label' => '', 'value' => "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($this->defaultValue)."\">");
+		$sChecked = $this->defaultValue ? 'checked' : '';
+		return array('label' =>'', 'value' => "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">");
 	}
 }
 
@@ -1536,7 +1518,7 @@ class DesignerIconSelectionField extends DesignerFormField
 EOF
 			);
 		} else {
-			$sValue = '<span style="display:inline-block;line-height:48px;height:48px;"><span><img style="vertical-align:middle" src="'.$this->aAllowedValues[$idx]['icon'].'" />&nbsp;'.utils::EscapeHtml($this->aAllowedValues[$idx]['label']).'</span></span>';
+			$sValue = '<span style="display:inline-block;line-height:48px;height:48px;"><span><img style="vertical-align:middle" src="'.$this->aAllowedValues[$idx]['icon'].'" />&nbsp;'.htmlentities($this->aAllowedValues[$idx]['label'], ENT_QUOTES, 'UTF-8').'</span></span>';
 		}
 		$sReadOnly = $this->IsReadOnly() ? 'disabled' : '';
 		return array('label' => $this->sLabel, 'value' => $sValue);
@@ -1683,14 +1665,14 @@ class DesignerSortableField extends DesignerFormField
 		$sId = $this->oForm->GetFieldId($this->sCode);
 		$sName = $this->oForm->GetFieldName($this->sCode);
 		$sReadOnly = $this->IsReadOnly() ? 'readonly="readonly"' : '';
-		$aResult = array('label' => $this->sLabel, 'value' => "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" $sReadOnly value=\"".utils::EscapeHtml($this->defaultValue)."\">");
-
+		$aResult = array('label' => $this->sLabel, 'value' => "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" $sReadOnly value=\"".htmlentities($this->defaultValue, ENT_QUOTES, 'UTF-8')."\">");
+		
 
 		$sJSFields = json_encode(array_keys($this->aAllowedValues));
 		$oP->add_ready_script(
 			"$('#$sId').sortable_field({aAvailableFields: $sJSFields});"
 		);
-
+		
 		return $aResult;
 	}
 }
@@ -1779,8 +1761,8 @@ class DesignerFormSelectorField extends DesignerFormField
 			foreach ($this->aSubForms as $iKey => $aFormData) {
 				if ($iKey == $this->defaultValue) // Default value is actually the index
 				{
-					$sDisplayValue = utils::EscapeHtml($aFormData['label']);
-					$sHiddenValue = "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".utils::EscapeHtml($iKey)."\"/>";
+					$sDisplayValue = htmlentities($aFormData['label'], ENT_QUOTES, 'UTF-8');
+					$sHiddenValue = "<input type=\"hidden\" id=\"$sId\" name=\"$sName\" value=\"".htmlentities($iKey, ENT_QUOTES, 'UTF-8')."\"/>";
 					break;
 				}
 			}
@@ -1788,8 +1770,8 @@ class DesignerFormSelectorField extends DesignerFormField
 		} else {
 			$sHtml = "<span class=\"ibo-input-select-wrapper\"><select $sCSSClasses id=\"$sId\" name=\"$sName\" $sReadOnly>";
 			foreach ($this->aSubForms as $iKey => $aFormData) {
-				$sDisplayValue = utils::EscapeHtml($aFormData['label']);
-				$sValue = utils::EscapeHtml($aFormData['value']);
+				$sDisplayValue = htmlentities($aFormData['label'], ENT_QUOTES, 'UTF-8');
+				$sValue = htmlentities($aFormData['value'], ENT_QUOTES, 'UTF-8');
 				$sSelected = ($iKey == $this->defaultValue) ? 'selected' : '';
 				$sHtml .= "<option data-value=\"$sValue\" value=\"$iKey\" $sSelected>".$sDisplayValue."</option>";
 			}

application/iotask.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -20,7 +20,7 @@
 /**
  * Persistent class InputOutputTask
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/itopwebpage.class.inc.php

@@ -1,9 +1,9 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/iTopWebPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/iTopWebPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
 // cannot notify depreciation for now as this is still MASSIVELY used in iTop core !
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/iTopWebPage.php, now loadable using autoloader');
+//DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/iTopWebPage.php, now loadable using autoloader');

application/itopwizardwebpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/iTopWizardWebPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/iTopWizardWebPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/iTopWizardWebPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/iTopWizardWebPage.php, now loadable using autoloader');

application/loginbasic.class.inc.php

@@ -5,7 +5,7 @@ use Combodo\iTop\Application\Helper\Session;
 /**
  * Class LoginBasic
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/logindefault.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -119,6 +119,11 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte
 	protected function OnConnected(&$iErrorCode)
 	{
 		Session::Unset('login_temp_auth_user');
+		if (is_null(UserRights::GetUserObject())){
+			//N°7085 avoid infinite loop
+			IssueLog::Error("No user logged in. exit");
+			exit(-1);
+		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
 
@@ -134,4 +139,4 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte
 			}
 		}
 	}
-}
+}

application/loginexternal.class.inc.php

@@ -5,7 +5,7 @@ use Combodo\iTop\Application\Helper\Session;
 /**
  * Class LoginExternal
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -93,4 +93,4 @@ class LoginExternal extends AbstractLoginFSMExtension
 		/** @var string $sAuthUser */
 		return $sAuthUser; // Retrieve the value
 	}
-}
+}

application/loginform.class.inc.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/logintwig.class.inc.php

@@ -2,16 +2,13 @@
 
 /**
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
 
 use Combodo\iTop\Application\Branding;
-use Combodo\iTop\Application\TwigBase\Twig\Extension;
-use Twig\Environment;
-use Twig\Loader\ChainLoader;
-use Twig\Loader\FilesystemLoader;
+use Combodo\iTop\TwigExtension;
 
 /**
  * Twig context for modules extending the login screen
@@ -220,14 +217,14 @@ class LoginTwigRenderer
 			$sTwigLoaderPath = $oLoginContext->GetTwigLoaderPath();
 			if ($sTwigLoaderPath != null)
 			{
-				$oExtensionLoader = new FilesystemLoader();
+				$oExtensionLoader = new Twig_Loader_Filesystem();
 				$oExtensionLoader->setPaths($sTwigLoaderPath);
 				$aTwigLoaders[] = $oExtensionLoader;
 			}
 			$this->aPostedVars = array_merge($this->aPostedVars, $oLoginContext->GetPostedVars());
 		}
 
-		$oCoreLoader = new FilesystemLoader(array(), APPROOT.'templates');
+		$oCoreLoader = new Twig_Loader_Filesystem(array(), APPROOT.'templates');
 		$aCoreTemplatesPaths = array('pages/login', 'pages/login/password');
 		// Having this path declared after the plugins let the plugins replace the core templates
 		$oCoreLoader->setPaths($aCoreTemplatesPaths);
@@ -235,9 +232,9 @@ class LoginTwigRenderer
 		$oCoreLoader->setPaths($aCoreTemplatesPaths, 'ItopCore');
 		$aTwigLoaders[] = $oCoreLoader;
 
-		$oLoader = new ChainLoader($aTwigLoaders);
-		$this->oTwig = new Environment($oLoader);
-		Extension::RegisterTwigExtensions($this->oTwig);
+		$oLoader = new Twig_Loader_Chain($aTwigLoaders);
+		$this->oTwig = new Twig_Environment($oLoader);
+		TwigExtension::RegisterTwigExtensions($this->oTwig);
 	}
 
 	public function GetDefaultVars()
@@ -309,7 +306,7 @@ class LoginTwigRenderer
 	}
 
 	/**
-	 * @return \Twig\Environment
+	 * @return \Twig_Environment
 	 */
 	public function GetTwig()
 	{

application/loginurl.class.inc.php

@@ -5,7 +5,7 @@ use Combodo\iTop\Application\Helper\Session;
 /**
  * Class LoginURL
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -92,4 +92,4 @@ class LoginURL extends AbstractLoginFSMExtension
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
-}
+}

application/loginwebpage.class.inc.php

@@ -20,14 +20,12 @@
 /**
  * Class LoginWebPage
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
 use Combodo\iTop\Application\Branding;
 use Combodo\iTop\Application\Helper\Session;
-use Combodo\iTop\Service\Events\EventData;
-use Combodo\iTop\Service\Events\EventService;
 
 /**
  * Web page used for displaying the login form
@@ -37,7 +35,7 @@ class LoginWebPage extends NiceWebPage
 {
 	const EXIT_PROMPT = 0;
 	const EXIT_HTTP_401 = 1;
-	const EXIT_RETURN = 2;
+	const EXIT_RETURN = 2; // Non interactive mode (ajax, rest, ...)
 	
 	const EXIT_CODE_OK = 0;
 	const EXIT_CODE_MISSINGLOGIN = 1;
@@ -90,7 +88,7 @@ class LoginWebPage extends NiceWebPage
 		parent::__construct($sTitle);
 		$this->SetStyleSheet();
 		$this->no_cache();
-		$this->add_xframe_options();
+		$this->add_http_headers();
 	}
 	
 	public function SetStyleSheet()
@@ -107,6 +105,7 @@ class LoginWebPage extends NiceWebPage
 	/**
 	 * @param $oUser
 	 * @param array $aProfiles
+	 * @param $sOrigin
 	 *
 	 * @return array
 	 * @throws \CoreException
@@ -133,6 +132,10 @@ class LoginWebPage extends NiceWebPage
 		//add profiles not already linked with user
 		foreach ($aProfiles as $iProfileId)
 		{
+			$oLink = new URP_UserProfile();
+			$oLink->Set('profileid', $iProfileId);
+			$oLink->Set('reason', $sOrigin);
+
 			$oProfilesSet->AddItem(MetaModel::NewObject('URP_UserProfile', array('profileid' => $iProfileId, 'reason' => $sOrigin)));
 		}
 		$oUser->Set('profile_list', $oProfilesSet);
@@ -383,19 +386,20 @@ class LoginWebPage extends NiceWebPage
 		$this->output();
 	}
 
-	public static function ResetSession()
+	public static function ResetSession($bFullCleanup = false)
 	{
-		// Unset all of the session variables.
-		Session::Unset('auth_user');
-		Session::Unset('login_state');
-		Session::Unset('can_logoff');
-		Session::Unset('archive_mode');
-		Session::Unset('impersonate_user');
-		Session::Unset('PluginProperties');
-		Session::Unset('UrlMakerClass');
-		Session::Unset('itop_env');
-		Session::Unset('obj_messages');
-		Session::Unset('profile_list');
+        if ($bFullCleanup) {
+            // Unset all of the session variables.
+            foreach (array_keys($_SESSION) as $sKey) {
+	            Session::Unset($sKey);
+            }
+        } else {
+	        Session::Unset('auth_user');
+	        Session::Unset('login_state');
+	        Session::Unset('can_logoff');
+	        Session::Unset('archive_mode');
+	        Session::Unset('impersonate_user');
+        }
 		UserRights::_ResetSessionCache();
 		// If it's desired to kill the session, also delete the session cookie.
 		// Note: This will destroy the session, and not just the session data!
@@ -486,13 +490,11 @@ class LoginWebPage extends NiceWebPage
 					$iResponse = $oLoginFSMExtensionInstance->LoginAction($sLoginState, $iErrorCode);
 					if ($iResponse == self::LOGIN_FSM_RETURN)
 					{
-						EventService::FireEvent(new EventData(EVENT_LOGIN, null, ['code' => $iErrorCode, 'state' => $sLoginState]));
 						Session::WriteClose();
 						return $iErrorCode; // Asked to exit FSM, generally login OK
 					}
 					if ($iResponse == self::LOGIN_FSM_ERROR)
 					{
-						EventService::FireEvent(new EventData(EVENT_LOGIN, null, ['code' => $iErrorCode, 'state' => $sLoginState]));
 						$sLoginState = self::LOGIN_STATE_SET_ERROR; // Next state will be error
 						// An error was detected, skip the other plugins turn
 						break;
@@ -506,7 +508,6 @@ class LoginWebPage extends NiceWebPage
 			}
 			catch (Exception $e)
 			{
-				EventService::FireEvent(new EventData(EVENT_LOGIN, null, ['state' => $_SESSION['login_state']]));
 				IssueLog::Error($e->getTraceAsString());
 				static::ResetSession();
 				die($e->getMessage());
@@ -963,7 +964,7 @@ class LoginWebPage extends NiceWebPage
 		}
 		else
 		{
-			if ($iOnExit == self::EXIT_RETURN)
+			if ($iOnExit === self::EXIT_RETURN)
 			{
 				return self::EXIT_CODE_PORTALUSERNOTAUTHORIZED;
 			}
@@ -1018,7 +1019,7 @@ class LoginWebPage extends NiceWebPage
 		{
 			if ($bMustBeAdmin && !UserRights::IsAdministrator())
 			{
-				if ($iOnExit == self::EXIT_RETURN)
+				if ($iOnExit === self::EXIT_RETURN)
 				{
 					return self::EXIT_CODE_MUSTBEADMIN;
 				}
@@ -1034,7 +1035,7 @@ class LoginWebPage extends NiceWebPage
 			}
 			$iRet = call_user_func(array(self::$sHandlerClass, 'ChangeLocation'), $sRequestedPortalId, $iOnExit);
 		}
-		if ($iOnExit == self::EXIT_RETURN)
+		if ($iOnExit === self::EXIT_RETURN)
 		{
 			return $iRet;
 		}

application/maintenancemsg.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *

application/menunode.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -291,17 +291,7 @@ class ApplicationMenu
 	 * @param string $sMenuGroupIdx
 	 * @param array $aExtraParams
 	 *
-	 * @return array{
-	 *     array{
-	 *        sId: string,
-	 *        sTitle: string,
-	 *        sLabel: string,
-	 *        bHasCount: boolean,
-	 *        sUrl: string,
-	 *        bOpenInNewWindow: boolean,
-	 *        aSubMenuNodes: array
-	 *     }
-	 * } The aSubMenuNodes key contains the same structure recursively
+	 * @return array
 	 * @throws \DictExceptionMissingString
 	 * @throws \Exception
 	 * @since 3.0.0
@@ -330,13 +320,12 @@ class ApplicationMenu
 			}
 
 			$aSubMenuNodes[] = [
-				'sId'              => $oSubMenuNode->GetMenuId(),
-				'sTitle'           => $oSubMenuNode->GetTitle(),
-				'sLabel'           => $oSubMenuNode->GetLabel(),
-				'bHasCount'        => $oSubMenuNode->HasCount(),
-				'sUrl'             => $oSubMenuNode->GetHyperlink($aExtraParams),
+				'sId' => $oSubMenuNode->GetMenuId(),
+				'sTitle' => $oSubMenuNode->GetTitle(),
+				'bHasCount' => $oSubMenuNode->HasCount(),
+				'sUrl' => $oSubMenuNode->GetHyperlink($aExtraParams),
 				'bOpenInNewWindow' => $oSubMenuNode->IsHyperLinkInNewWindow(),
-				'aSubMenuNodes'    => static::GetSubMenuNodes($sSubMenuItemIdx, $aExtraParams),
+				'aSubMenuNodes' => static::GetSubMenuNodes($sSubMenuItemIdx, $aExtraParams),
 			];
 		}
 
@@ -757,7 +746,7 @@ abstract class MenuNode
 	}
 
 	/**
-	 * @return string The "+" dictionary entry for this menu if exists, otherwise the Title (if we have a parent title, will output parentTitle / currentTitle)
+	 * @return string
 	 */
 	public function GetLabel()
 	{
@@ -769,6 +758,7 @@ abstract class MenuNode
 			} else {
 				$sRet = $this->GetTitle();
 			}
+			//$sRet = $this->GetTitle();
 		}
 		return $sRet;
 	}
@@ -1111,7 +1101,6 @@ class OQLMenuNode extends MenuNode
 	 */
 	public function RenderContent(WebPage $oPage, $aExtraParams = array())
 	{
-		ContextTag::AddContext(ContextTag::TAG_OBJECT_SEARCH);
 		ApplicationMenu::CheckMenuIdEnabled($this->GetMenuId());
 		OQLMenuNode::RenderOQLSearch
 		(

application/newsroomprovider.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //

application/nicewebpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/NiceWebPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/NiceWebPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/NiceWebPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/NiceWebPage.php, now loadable using autoloader');

application/pdfpage.class.inc.php

@@ -1,8 +1,8 @@
 <?php
 /**
- * @deprecated  will be removed in 3.1.0 - moved to sources/Application/WebPage/PDFPage.php, now loadable using autoloader
+ * @deprecated  3.0.0 will be removed in 3.1.0 - moved to sources/application/WebPage/PDFPage.php, now loadable using autoloader
  * @license     http://opensource.org/licenses/AGPL-3.0
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  */
 
-DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/Application/WebPage/PDFPage.php, now loadable using autoloader');
+DeprecatedCallsLog::NotifyDeprecatedFile('moved to sources/application/WebPage/PDFPage.php, now loadable using autoloader');

application/query.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (C) 2010-2023 Combodo SARL
+ * Copyright (C) 2010-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -18,7 +18,8 @@
  */
 
 use Combodo\iTop\Application\UI\Base\Component\Alert\AlertUIBlockFactory;
-use Combodo\iTop\Application\UI\Base\Component\FieldSet\FieldSetUIBlockFactory;
+use Combodo\iTop\Application\UI\Base\Component\Field\Field;
+use Combodo\iTop\Application\UI\Base\Component\Field\FieldUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Component\Html\Html;
 use Combodo\iTop\Application\UI\Base\Component\Input\TextArea;
 
@@ -50,7 +51,6 @@ abstract class Query extends cmdbAbstractObject
 			"is_null_allowed" => false,
 			"depends_on" => array(),
 		)));
-
 		MetaModel::Init_AddAttribute(new AttributeText("description", array(
 			"allowed_values" => null,
 			"sql" => "description",
@@ -68,45 +68,6 @@ abstract class Query extends cmdbAbstractObject
 			'display_style' => 'radio_horizontal',
 		)));
 
-		MetaModel::Init_AddAttribute(new AttributeInteger("export_count", array(
-			"allowed_values" => null,
-			"sql" => "export_count",
-			"default_value" => 0,
-			"is_null_allowed" => false,
-			"depends_on" => array(),
-			"tracking_level" => ATTRIBUTE_TRACKING_NONE,
-		)));
-
-		MetaModel::Init_AddAttribute(new AttributeDateTime("export_last_date", array(
-			"allowed_values" => null,
-			"sql" => "export_last_date",
-			"default_value" => null,
-			"is_null_allowed" => true,
-			"depends_on" => array(),
-			"tracking_level" => ATTRIBUTE_TRACKING_NONE,
-		)));
-
-		MetaModel::Init_AddAttribute(new AttributeExternalKey("export_last_user_id",
-			array(
-				"targetclass"=>'User',
-				"allowed_values"=>null,
-				"sql"=>'user_id',
-				"is_null_allowed"=>true,
-				"depends_on"=>array(),
-				"display_style"=>'select',
-				"always_load_in_tables"=>false,
-				"on_target_delete"=>DEL_SILENT,
-				"tracking_level" => ATTRIBUTE_TRACKING_NONE,
-			)));
-
-		MetaModel::Init_AddAttribute(new AttributeExternalField("export_last_user_contact",
-			array(
-				"allowed_values"=>null,
-				"extkey_attcode"=> "export_last_user_id",
-				"target_attcode"=>"contactid",
-				"tracking_level" => ATTRIBUTE_TRACKING_NONE,
-			)));
-
 		// Display lists
 		MetaModel::Init_SetZListItems('details',
 			array('name', 'is_template', 'description')); // Attributes to be displayed for the complete details
@@ -117,55 +78,6 @@ abstract class Query extends cmdbAbstractObject
 			array('name', 'description', 'is_template')); // Criteria of the default search form
 		// MetaModel::Init_SetZListItems('advanced_search', array('name')); // Criteria of the advanced search form
 	}
-
-
-	/**
-	 * @inheritdoc
-	 *
-	 * @since 3.1.0
-	 */
-	public function GetAttributeFlags($sAttCode, &$aReasons = array(), $sTargetState = '')
-	{
-		// read only attribute
-		if (in_array($sAttCode, ['export_count', 'export_last_date', 'export_last_user_id'])){
-			return OPT_ATT_READONLY;
-		}
-
-		return parent::GetAttributeFlags($sAttCode, $aReasons, $sTargetState);
-	}
-
-
-	/**
-	 * Return export url.
-	 *
-	 * @param array|null $aValues optional values for the query
-	 *
-	 * @return string|null
-	 * @since 3.1.0
-	 */
-	abstract public function GetExportUrl(array $aValues = null) : ?string;
-
-	/**
-	 * Update last export information.
-	 *
-	 * @return void
-	 * @throws \ArchivedObjectException
-	 * @throws \CoreException
-	 * @throws \CoreUnexpectedValue
-	 * @throws \MySQLException
-	 * @since 3.1.0
-	 */
-	public function UpdateLastExportInformation() : void
-	{
-		// last export information
-		$this->Set('export_last_date', date(AttributeDateTime::GetSQLFormat()));
-		$this->Set('export_last_user_id', UserRights::GetUserObject());
-		$this->AllowWrite(true);
-		$this->DBUpdate();
-
-		// increment usage counter
-		$this->DBIncrement('export_count');
-	}
 }
 
 class QueryOQL extends Query
@@ -204,51 +116,13 @@ class QueryOQL extends Query
 
 		// Display lists
 		MetaModel::Init_SetZListItems('details',
-			array(
-				'col:col1' => array('fieldset:Query:baseinfo' => array('name', 'is_template', 'description', 'oql', 'fields')),
-				'col:col2' => array('fieldset:Query:exportInfo' => array('export_count', 'export_last_date', 'export_last_user_id', 'export_last_user_contact'))
-			)
-		); // Attributes to be displayed for the complete details
+			array('name', 'is_template', 'description', 'oql', 'fields')); // Attributes to be displayed for the complete details
 		MetaModel::Init_SetZListItems('list', array('description')); // Attributes to be displayed for a list
 		// Search criteria
 		MetaModel::Init_SetZListItems('standard_search',
 			array('name', 'description', 'is_template', 'fields', 'oql')); // Criteria of the std search form
 	}
 
-	/** @inheritdoc */
-	public function GetExportUrl(array $aValues = null) : ?string
-	{
-		try{
-			// retrieve attributes
-			$sFields = trim($this->Get('fields'));
-			$sOql = $this->Get('oql');
-
-			// construct base url depending on version
-			$bExportV1Recommended = ($sFields == '');
-			if ($bExportV1Recommended) {
-				$sUrl = utils::GetAbsoluteUrlAppRoot().'webservices/export.php?format=spreadsheet&login_mode=basic&query='.$this->GetKey();
-			}
-			else{
-				$sUrl = utils::GetAbsoluteUrlAppRoot().'webservices/export-v2.php?format=spreadsheet&login_mode=basic&date_format='.urlencode((string)AttributeDateTime::GetFormat()).'&query='.$this->GetKey();
-			}
-
-			// search object from OQL
-			$oSearch = DBObjectSearch::FromOQL($sOql);
-
-			// inject parameters
-			$aParameters = $oSearch->GetQueryParams();
-			foreach ($aParameters as $sParam => $val) {
-				$paramValue = ($aValues === null || $aValues[$sParam] === null) ? $sParam : $aValues[$sParam];
-				$sUrl .= '&arg_' . $sParam . '=' . $paramValue;
-			}
-
-			return $sUrl;
-		}
-		catch(Exception $e){
-			return null;
-		}
-	}
-
 	function DisplayBareProperties(WebPage $oPage, $bEditMode = false, $sPrefix = '', $aExtraParams = array())
 	{
 		$aFieldsMap = parent::DisplayBareProperties($oPage, $bEditMode, $sPrefix, $aExtraParams);
@@ -278,11 +152,9 @@ class QueryOQL extends Query
 					$sUrl .= '&arg_'.$sParam.'=["'.$sParam.'"]';
 				}
 
-				// add text area inside field set
-				$oFieldSet = FieldSetUIBlockFactory::MakeStandard(Dict::S('UI:Query:UrlForExcel'));
 				$oTextArea = new TextArea("", $sUrl, null, 80, 3);
-				$oFieldSet->AddSubBlock($oTextArea);
-				$oPage->AddSubBlock($oFieldSet);
+				$oFieldUrl = FieldUIBlockFactory::MakeFromObject(Dict::S('UI:Query:UrlForExcel'), $oTextArea, Field::ENUM_FIELD_LAYOUT_LARGE);
+				$oPage->AddSubBlock($oFieldUrl);
 
 				if (count($aParameters) == 0) {
 					$oBlock = new DisplayBlock($oSearch, 'list');
@@ -306,7 +178,6 @@ class QueryOQL extends Query
 		return $aFieldsMap;
 	}
 
-
 // Rolled back until 'fields' can be properly managed by AttributeQueryAttCodeSet
 //
 //	public function ComputeValues()

application/shortcut.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -22,7 +22,7 @@ use Combodo\iTop\Application\UI\Base\Component\DataTable\DataTableSettings;
  * Persistent class Shortcut and derived
  * Shortcuts of any kind
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 

application/startup.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -17,17 +17,16 @@
 //   along with iTop. If not, see <http://www.gnu.org/licenses/>
 use Combodo\iTop\Application\Helper\Session;
 
-require_once(APPROOT.'core/cmdbobject.class.inc.php');
-require_once(APPROOT.'application/utils.inc.php');
-require_once(APPROOT.'core/contexttag.class.inc.php');
-require_once(APPROOT.'core/kpi.class.inc.php');
-require_once(APPROOT.'setup/setuputils.class.inc.php');
+require_once(APPROOT.'/core/cmdbobject.class.inc.php');
+require_once(APPROOT.'/application/utils.inc.php');
+require_once(APPROOT.'/core/contexttag.class.inc.php');
+require_once(APPROOT.'/core/kpi.class.inc.php');
 
 
 /**
  * File to include to initialize the datamodel in memory
  *
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
@@ -99,4 +98,10 @@ else
 	Session::Set('itop_env', ITOP_DEFAULT_ENV);
 }
 $sConfigFile = APPCONF.$sEnv.'/'.ITOP_CONFIG_FILE;
-MetaModel::Startup($sConfigFile, false /* $bModelOnly */, $bAllowCache, false /* $bTraceSourceFiles */, $sEnv);
+try {
+    MetaModel::Startup($sConfigFile, false /* $bModelOnly */, $bAllowCache, false /* $bTraceSourceFiles */, $sEnv);
+}
+catch (MySQLException $e) {
+    IssueLog::Debug($e->getMessage());
+    throw new MySQLException('Could not connect to the DB server', []);
+}

application/template.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *
@@ -229,10 +229,12 @@ class DisplayTemplate
 	static public function UnitTest()
 	{
 		require_once(APPROOT.'/application/startup.inc.php');
+		require_once(APPROOT."/application/itopwebpage.class.inc.php");
 		
 		$sTemplate = '<div class="page_header">
 		<div class="actions_details"><a href="#"><span>Actions</span></a></div>
 		<h1>$class$: <span class="hilite">$name$</span></h1>
+		<itopblock blockclass="HistoryBlock" type="toggle" encoding="text/oql">SELECT CMDBChangeOp WHERE objkey = $id$ AND objclass = \'$class$\'</itopblock>
 		</div>
 		<img src="../../images/connect_to_network.png" style="margin-top:-10px; margin-right:10px; float:right">
 		<itoptabs>
@@ -351,7 +353,7 @@ class ObjectDetailsTemplate extends DisplayTemplate
 							$sTip = '';
 							foreach($aReasons as $aRow)
 							{
-								$sDescription = utils::EscapeHtml($aRow['description']);
+								$sDescription = htmlentities($aRow['description'], ENT_QUOTES, 'UTF-8');
 								$sDescription = str_replace(array("\r\n", "\n"), "<br/>", $sDescription);
 								$sTip .= "<div class='synchro-source'>";
 								$sTip .= "<div class='synchro-source-title'>Synchronized with {$aRow['name']}</div>";
@@ -359,10 +361,10 @@ class ObjectDetailsTemplate extends DisplayTemplate
 							}
 							$oPage->add_ready_script("$('#synchro_$iInputId').qtip( { content: '$sTip', show: 'mouseover', hide: 'mouseout', style: { name: 'dark', tip: 'leftTop' }, position: { corner: { target: 'rightMiddle', tooltip: 'leftTop' }} } );");
 						}
-
+	
 						// Attribute is read-only
 						$sHTMLValue = "<span id=\"field_{$iInputId}\">".$this->m_oObj->GetAsHTML($sAttCode);
-						$sHTMLValue .= '<input type="hidden" id="'.$iInputId.'" name="attr_'.$sAttCode.'" value="'.utils::EscapeHtml($this->m_oObj->Get($sAttCode)).'"/></span>';
+						$sHTMLValue .= '<input type="hidden" id="'.$iInputId.'" name="attr_'.$sAttCode.'" value="'.htmlentities($this->m_oObj->Get($sAttCode), ENT_QUOTES, 'UTF-8').'"/></span>';
 						$aFieldsMap[$sAttCode] = $iInputId;
 						$aParams['this->comments('.$sAttCode.')'] = $sSynchroIcon;
 					}

application/templates/audit_category.html

@@ -1,6 +1,7 @@
 <div class="page_header">
 	<itopblock blockclass="MenuBlock" type="popup" encoding="text/oql" label="Actions">SELECT $class$ WHERE id = $id$</itopblock>
 	<h1>$class$: <span class="hilite">$name$</span></h1>
+	<itopblock blockclass="HistoryBlock" type="toggle" encoding="text/oql">SELECT CMDBChangeOp WHERE objkey = $id$ AND objclass = '$class$'</itopblock>
 </div>
 <img src="../../images/clean.png" style="margin-top:-20px; margin-right:10px; float:right">
 <itopblock blockclass="DisplayBlock" asynchronous="false" type="bare_details" encoding="text/oql">SELECT $class$ WHERE id = $id$</itopblock>

application/themehandler.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2021 Combodo SARL
  *
  * This file is part of iTop.
  *

application/themehandlerservice.class.inc.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (C) 2013-2023 Combodo SARL
+ * Copyright (C) 2013-2020 Combodo SARL
  *
  * This file is part of iTop.
  *

application/transaction.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -24,7 +24,7 @@ use Combodo\iTop\Application\Helper\Session;
  * which choice is configured via the parameter 'transaction_storage'
  *  
  * @package     iTop
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 class privUITransaction

application/twigextension.class.inc.php

@@ -4,17 +4,13 @@ namespace Combodo\iTop;
 
 use AttributeDate;
 use AttributeDateTime;
-use DeprecatedCallsLog;
 use Dict;
 use Exception;
-use MetaModel;
-use Twig\Environment;
-use Twig\TwigFilter;
-use Twig\TwigFunction;
+use Twig_Environment;
+use Twig_SimpleFilter;
+use Twig_SimpleFunction;
 use utils;
 
-DeprecatedCallsLog::NotifyDeprecatedFile('instead use sources/Application/TwigBase/Twig/Extension.php, which is loaded by the autoloader');
-
 /**
  * Class TwigExtension
  *
@@ -28,13 +24,13 @@ class TwigExtension
 	 * Registers Twig extensions such as filters or functions.
 	 * It allows us to access some stuff directly in twig.
 	 *
-	 * @param Environment $oTwigEnv
+	 * @param \Twig_Environment $oTwigEnv
 	 */
-	public static function RegisterTwigExtensions(Environment &$oTwigEnv)
+	public static function RegisterTwigExtensions(Twig_Environment &$oTwigEnv)
 	{
 		// Filter to translate a string via the Dict::S function
 		// Usage in twig: {{ 'String:ToTranslate'|dict_s }}
-		$oTwigEnv->addFilter(new TwigFilter('dict_s',
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('dict_s',
 				function ($sStringCode, $sDefault = null, $bUserLanguageOnly = false) {
 					return Dict::S($sStringCode, $sDefault, $bUserLanguageOnly);
 				})
@@ -42,7 +38,7 @@ class TwigExtension
 
 		// Filter to format a string via the Dict::Format function
 		// Usage in twig: {{ 'String:ToTranslate'|dict_format() }}
-		$oTwigEnv->addFilter(new TwigFilter('dict_format',
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('dict_format',
 				function ($sStringCode, $sParam01 = null, $sParam02 = null, $sParam03 = null, $sParam04 = null) {
 					return Dict::Format($sStringCode, $sParam01, $sParam02, $sParam03, $sParam04);
 				})
@@ -51,13 +47,16 @@ class TwigExtension
 		// Filter to format output
 		// example a DateTime is converted to user format
 		// Usage in twig: {{ 'String:ToFormat'|output_format }}
-		$oTwigEnv->addFilter(new TwigFilter('date_format',
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('date_format',
 				function ($sDate) {
-					try {
-						if (preg_match('@^\d\d\d\d-\d\d-\d\d \d\d:\d\d:\d\d$@', trim($sDate))) {
+					try
+					{
+						if (preg_match('@^\d\d\d\d-\d\d-\d\d \d\d:\d\d:\d\d$@', trim($sDate)))
+						{
 							return AttributeDateTime::GetFormat()->Format($sDate);
 						}
-						if (preg_match('@^\d\d\d\d-\d\d-\d\d$@', trim($sDate))) {
+						if (preg_match('@^\d\d\d\d-\d\d-\d\d$@', trim($sDate)))
+						{
 							return AttributeDate::GetFormat()->Format($sDate);
 						}
 					}
@@ -72,7 +71,7 @@ class TwigExtension
 		// Filter to format output
 		// example a DateTime is converted to user format
 		// Usage in twig: {{ 'String:ToFormat'|output_format }}
-		$oTwigEnv->addFilter(new TwigFilter('size_format',
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('size_format',
 				function ($sSize) {
 					return utils::BytesToFriendlyFormat($sSize);
 				})
@@ -80,25 +79,24 @@ class TwigExtension
 
 		// Filter to enable base64 encode/decode
 		// Usage in twig: {{ 'String to encode'|base64_encode }}
-		$oTwigEnv->addFilter(new TwigFilter('base64_encode', 'base64_encode'));
-		$oTwigEnv->addFilter(new TwigFilter('base64_decode', 'base64_decode'));
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('base64_encode', 'base64_encode'));
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('base64_decode', 'base64_decode'));
 
 		// Filter to enable json decode  (encode already exists)
 		// Usage in twig: {{ aSomeArray|json_decode }}
-		$oTwigEnv->addFilter(new TwigFilter('json_decode', function ($sJsonString, $bAssoc = false) {
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('json_decode', function ($sJsonString, $bAssoc = false) {
 				return json_decode($sJsonString, $bAssoc);
 			})
 		);
 
 		// Filter to add itopversion to an url
-		$oTwigEnv->addFilter(new TwigFilter('add_itop_version', function ($sUrl) {
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('add_itop_version', function ($sUrl) {
 			$sUrl = utils::AddParameterToUrl($sUrl, 'itopversion', ITOP_VERSION);
-
 			return $sUrl;
 		}));
 
 		// Filter to add a module's version to an url
-		$oTwigEnv->addFilter(new TwigFilter('add_module_version', function ($sUrl, $sModuleName) {
+		$oTwigEnv->addFilter(new Twig_SimpleFilter('add_module_version', function ($sUrl, $sModuleName) {
 			$sModuleVersion = utils::GetCompiledModuleVersion($sModuleName);
 			$sUrl = utils::AddParameterToUrl($sUrl, 'moduleversion', $sModuleVersion);
 
@@ -107,19 +105,22 @@ class TwigExtension
 
 		// Function to check our current environment
 		// Usage in twig:   {% if is_development_environment() %}
-		$oTwigEnv->addFunction(new TwigFunction('is_development_environment', function () {
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('is_development_environment', function()
+		{
 			return utils::IsDevelopmentEnvironment();
 		}));
 
 		// Function to get the URL of a static page in a module
 		// Usage in twig: {{ get_static_page_module_url('itop-my-module', 'path-to-my-page') }}
-		$oTwigEnv->addFunction(new TwigFunction('get_static_page_module_url', function ($sModuleName, $sPage) {
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_static_page_module_url', function($sModuleName, $sPage)
+		{
 			return utils::GetAbsoluteUrlModulesRoot().$sModuleName.'/'.$sPage;
 		}));
 
 		// Function to get the URL of a php page in a module
 		// Usage in twig: {{ get_page_module_url('itop-my-module', 'path-to-my-my-page.php') }}
-		$oTwigEnv->addFunction(new TwigFunction('get_page_module_url', function ($sModuleName, $sPage) {
+		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_page_module_url', function($sModuleName, $sPage)
+		{
 			return utils::GetAbsoluteUrlModulePage($sModuleName, $sPage);
 		}));
 	}

application/ui.extkeywidget.class.inc.php

@@ -1,11 +1,11 @@
 <?php
 /*
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
-use Combodo\iTop\Application\Helper\FormHelper;
 use Combodo\iTop\Application\UI\Base\Component\Form\FormUIBlockFactory;
+use Combodo\iTop\Application\UI\Base\Component\Input\InputUIBlockFactory;
 use Combodo\iTop\Application\UI\Base\Layout\UIContentBlockUIBlockFactory;
 use Combodo\iTop\Core\MetaModel\FriendlyNameType;
 
@@ -168,6 +168,8 @@ class UIExtKeyWidget
 		$sMessage = Dict::S('UI:Message:EmptyList:UseSearchForm');
 		$sAttrFieldPrefix = ($this->bSearchMode) ? '' : 'attr_';
 
+		
+		
 		$sFilter = addslashes($oAllowedValues->GetFilter()->ToOQL());
 		if ($this->bSearchMode) {
 			$sWizHelper = 'null';
@@ -306,7 +308,7 @@ EOF
 			$sHTMLValue .= "<input class=\"field_autocomplete ibo-input ibo-input-select ibo-input-select-autocomplete\" type=\"text\"  id=\"label_$this->iId\" value=\"$sDisplayValue\" placeholder='...'/>";
 
 			// another hidden input to store & pass the object's Id
-			$sHTMLValue .= "<input type=\"hidden\" id=\"$this->iId\" name=\"{$sAttrFieldPrefix}{$sFieldName}\" value=\"".utils::HtmlEntities($value)."\" />\n";
+			$sHTMLValue .= "<input type=\"hidden\" id=\"$this->iId\" name=\"{$sAttrFieldPrefix}{$sFieldName}\" value=\"".htmlentities($value, ENT_QUOTES, 'UTF-8')."\" />\n";
 
 			$JSSearchMode = $this->bSearchMode ? 'true' : 'false';
 			// Scripts to start the autocomplete and bind some events to it
@@ -618,7 +620,7 @@ EOF
 			$sHTMLValue .= "<div class=\"ibo-input-select--action-buttons\"><span class=\"field_input_btn\"><div class=\"mini_button ibo-input-select--action-button\"  id=\"mini_search_{$this->iId}\" onClick=\"oACWidget_{$this->iId}.Search();\"><i class=\"fas fa-search\"></i></div></span></div>";
 
 			// another hidden input to store & pass the object's Id
-			$sHTMLValue .= "<input type=\"hidden\" id=\"$this->iId\" name=\"{$sAttrFieldPrefix}{$sFieldName}\" value=\"".utils::EscapeHtml($value)."\" />\n";
+			$sHTMLValue .= "<input type=\"hidden\" id=\"$this->iId\" name=\"{$sAttrFieldPrefix}{$sFieldName}\" value=\"".htmlentities($value, ENT_QUOTES, 'UTF-8')."\" />\n";
 
 			$JSSearchMode = $this->bSearchMode ? 'true' : 'false';
 			// Scripts to start the autocomplete and bind some events to it
@@ -684,15 +686,15 @@ JS
 		}
 		$oFilter->SetModifierProperty('UserRightsGetSelectFilter', 'bSearchMode', $this->bSearchMode);
 		$oBlock = new DisplayBlock($oFilter, 'search', false, $aParams);
-		$oPage->AddUiBlock($oBlock->GetDisplay($oPage, 'dtc_'.$this->iId,
+		$oPage->AddUiBlock($oBlock->GetDisplay($oPage, $this->iId,
 			array(
-				'menu'           => false,
-				'currentId'      => $this->iId,
-				'table_id'       => "dr_{$this->iId}",
+				'menu' => false,
+				'currentId' => $this->iId,
+				'table_id' => "dr_{$this->iId}",
 				'table_inner_id' => "{$this->iId}_results",
 				'selection_mode' => true,
 				'selection_type' => 'single',
-				'cssCount'       => '#count_'.$this->iId.'_results',
+				'cssCount' => '#count_'.$this->iId.'_results',
 			)
 		));
 		$sCancel = Dict::S('UI:Button:Cancel');
@@ -966,16 +968,15 @@ JS
 	<div id="dcr_{$this->iId}">
 HTML
 		);
-
-		$aFormExtraParams = array(
-			'formPrefix'  => $this->iId,
-			'noRelations' => true,
-		);
-
-		// Remove blob edition from creation form @see N°5863 to allow blob edition in modal context
-		FormHelper::DisableAttributeBlobInputs($this->sTargetClass, $aFormExtraParams);
-
-		cmdbAbstractObject::DisplayCreationForm($oPage, $this->sTargetClass, $oNewObj, array(), $aFormExtraParams);
+		$aFieldsFlags = array();
+		$aFieldsComments = array();
+		foreach (MetaModel::ListAttributeDefs($this->sTargetClass) as $sAttCode => $oAttDef) {
+			if (($oAttDef instanceof AttributeBlob) || (false)) {
+				$aFieldsFlags[$sAttCode] = OPT_ATT_READONLY;
+				$aFieldsComments[$sAttCode] = '&nbsp;<img src="../images/transp-lock.png" style="vertical-align:middle" title="'.htmlentities(Dict::S('UI:UploadNotSupportedInThisMode')).'"/>';
+			}
+		}
+		cmdbAbstractObject::DisplayCreationForm($oPage, $this->sTargetClass, $oNewObj, array(), array('formPrefix' => $this->iId, 'noRelations' => true, 'fieldsFlags' => $aFieldsFlags, 'fieldsComments' => $aFieldsComments));
 		$oPage->add(<<<HTML
 	</div>
 </div>
@@ -985,7 +986,7 @@ HTML
 		$oPage->add_ready_script(<<<JS
 $('#ac_create_{$this->iId}').dialog({ width: $(window).width() * 0.6, height: 'auto', maxHeight: $(window).height() - 50, autoOpen: false, modal: true});
 $('#dcr_{$this->iId} form').removeAttr('onsubmit');
-$('#dcr_{$this->iId} form').find('button[type="submit"]').on('click', oACWidget_{$this->iId}.DoCreateObject);
+$('#dcr_{$this->iId} form').on('submit.uilinksWizard', oACWidget_{$this->iId}.DoCreateObject);
 JS
 		);
 	}
@@ -1068,27 +1069,18 @@ JS
 		{
 			$oObj = MetaModel::NewObject($this->sTargetClass);
 			$aErrors = $oObj->UpdateObjectFromPostedForm($this->iId);
-			if (count($aErrors) == 0) {
-
-				// Retrieve JSON data
-				$sJSON = utils::ReadParam('json', '{}', false, utils::ENUM_SANITIZATION_FILTER_RAW_DATA);
-				$oJSON = json_decode($sJSON);
-
-				$oObj->SetContextSection('temporary_objects', [
-					'create' => [
-						'transaction_id' => utils::ReadParam('root_transaction_id', '', false, utils::ENUM_SANITIZATION_FILTER_TRANSACTION_ID),
-						'host_class'     => $oJSON->m_sClass,
-						'host_att_code'  => $this->sAttCode,
-					],
-				]);
-				$oObj->DBInsertNoReload();
-
+			if (count($aErrors) == 0)
+			{
+				$oObj->DBInsert();
 				return array('name' => $oObj->GetName(), 'id' => $oObj->GetKey());
-			} else {
+			}
+			else
+			{
 				return array('error' => implode(' ', $aErrors), 'id' => 0);
 			}
 		}
-		catch (Exception $e) {
+		catch(Exception $e)
+		{
 			return array('error' => $e->getMessage(), 'id' => 0);
 		}
 	}

application/ui.htmleditorwidget.class.inc.php

@@ -1,5 +1,5 @@
 <?php
-// Copyright (C) 2010-2023 Combodo SARL
+// Copyright (C) 2010-2021 Combodo SARL
 //
 //   This file is part of iTop.
 //
@@ -22,7 +22,7 @@ use Combodo\iTop\Application\Helper\WebResourcesHelper;
  * UI wdiget for displaying and editing one-way encrypted passwords
  *
  * @author      Romain Quetiez
- * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @copyright   Copyright (C) 2010-2021 Combodo SARL
  * @license     http://opensource.org/licenses/AGPL-3.0
  */