diff --git a/composer.json b/composer.json
index 30da448b..0fdf57bd 100644
--- a/composer.json
+++ b/composer.json
@@ -23,7 +23,7 @@
"require": {
"php": "^8.0",
"fleetbase/core-api": "*",
- "barryvdh/laravel-dompdf": "^2.0",
+ "barryvdh/laravel-dompdf": "^3.1",
"brick/geo": "0.7.2",
"cknow/laravel-money": "^7.1",
"geocoder-php/google-maps-places-provider": "^1.4",
@@ -33,7 +33,8 @@
"php-http/guzzle7-adapter": "^1.0",
"psr/http-factory-implementation": "*",
"toin0u/geocoder-laravel": "^4.4",
- "webit/eval-math": "^1.0"
+ "webit/eval-math": "^1.0",
+ "khaled.alshamaa/ar-php": "^6.3"
},
"require-dev": {
"friendsofphp/php-cs-fixer": "^3.34.1",
diff --git a/server/config/dompdf.php b/server/config/dompdf.php
index 499cc754..35eef8ff 100644
--- a/server/config/dompdf.php
+++ b/server/config/dompdf.php
@@ -12,8 +12,15 @@
|
*/
'show_warnings' => false, // Throw an Exception on warnings from dompdf
- 'orientation' => 'portrait',
- 'defines' => [
+
+ 'public_path' => null, // Override the public path if needed
+
+ /*
+ * Dejavu Sans font is missing glyphs for converted entities, turn it off if you need to show € and £.
+ */
+ 'convert_entities' => true,
+
+ 'options' => [
/**
* The location of the DOMPDF font directory
*
@@ -38,7 +45,7 @@
* Times-Roman, Times-Bold, Times-BoldItalic, Times-Italic,
* Symbol, ZapfDingbats.
*/
- "font_dir" => storage_path('fonts/'), // advised by dompdf (https://github.com/dompdf/dompdf/pull/782)
+ 'font_dir' => storage_path('fonts'), // advised by dompdf (https://github.com/dompdf/dompdf/pull/782)
/**
* The location of the DOMPDF font cache directory
@@ -48,16 +55,16 @@
*
* Note: This directory must exist and be writable by the webserver process.
*/
- "font_cache" => storage_path('fonts/'),
+ 'font_cache' => storage_path('fonts'),
/**
* The location of a temporary directory.
*
* The directory specified must be writeable by the webserver process.
* The temporary directory is required to download remote images and when
- * using the PFDLib back end.
+ * using the PDFLib back end.
*/
- "temp_dir" => sys_get_temp_dir(),
+ 'temp_dir' => sys_get_temp_dir(),
/**
* ==== IMPORTANT ====
@@ -69,23 +76,50 @@
* should be an absolute path.
* This is only checked on command line call by dompdf.php, but not by
* direct class use like:
- * $dompdf = new DOMPDF(); $dompdf->load_html($htmldata); $dompdf->render(); $pdfdata = $dompdf->output();
+ * $dompdf = new DOMPDF(); $dompdf->load_html($htmldata); $dompdf->render(); $pdfdata = $dompdf->output();
*/
- "chroot" => realpath(base_path()),
+ 'chroot' => realpath(base_path()),
+
+ /**
+ * Protocol whitelist
+ *
+ * Protocols and PHP wrappers allowed in URIs, and the validation rules
+ * that determine if a resouce may be loaded. Full support is not guaranteed
+ * for the protocols/wrappers specified
+ * by this array.
+ *
+ * @var array
+ */
+ 'allowed_protocols' => [
+ 'data://' => ['rules' => []],
+ 'file://' => ['rules' => []],
+ 'http://' => ['rules' => []],
+ 'https://' => ['rules' => []],
+ ],
+
+ /**
+ * Operational artifact (log files, temporary files) path validation
+ */
+ 'artifactPathValidation' => null,
+
+ /**
+ * @var string
+ */
+ 'log_output_file' => null,
/**
* Whether to enable font subsetting or not.
*/
- "enable_font_subsetting" => false,
+ 'enable_font_subsetting' => false,
/**
* The PDF rendering backend to use
*
* Valid settings are 'PDFLib', 'CPDF' (the bundled R&OS PDF class), 'GD' and
* 'auto'. 'auto' will look for PDFLib and use it if found, or if not it will
- * fall back on CPDF. 'GD' renders PDFs to graphic files. {@link
- * Canvas_Factory} ultimately determines which rendering class to instantiate
- * based on this setting.
+ * fall back on CPDF. 'GD' renders PDFs to graphic files.
+ * {@link * Canvas_Factory} ultimately determines which rendering class to
+ * instantiate based on this setting.
*
* Both PDFLib & CPDF rendering backends provide sufficient rendering
* capabilities for dompdf, however additional features (e.g. object,
@@ -106,21 +140,7 @@
* @link http://www.ros.co.nz/pdf
* @link http://www.php.net/image
*/
- "pdf_backend" => "auto",
-
- /**
- * PDFlib license key
- *
- * If you are using a licensed, commercial version of PDFlib, specify
- * your license key here. If you are using PDFlib-Lite or are evaluating
- * the commercial version of PDFlib, comment out this setting.
- *
- * @link http://www.pdflib.com
- *
- * If pdflib present in web server and auto or selected explicitely above,
- * a real license code must exist!
- */
- //"DOMPDF_PDFLIB_LICENSE" => "your license key here",
+ 'pdf_backend' => 'CPDF',
/**
* html target media view which should be rendered into pdf.
@@ -132,7 +152,7 @@
* the desired content might be different (e.g. screen or projection view of html file).
* Therefore allow specification of content here.
*/
- "default_media_type" => "screen",
+ 'default_media_type' => 'screen',
/**
* The default paper size.
@@ -141,15 +161,25 @@
*
* @see CPDF_Adapter::PAPER_SIZES for valid sizes ('letter', 'legal', 'A4', etc.)
*/
- "default_paper_size" => "a4",
+ 'default_paper_size' => 'a4',
+
+ /**
+ * The default paper orientation.
+ *
+ * The orientation of the page (portrait or landscape).
+ *
+ * @var string
+ */
+ 'default_paper_orientation' => 'portrait',
/**
* The default font family
*
* Used if no suitable fonts can be found. This must exist in the font folder.
+ *
* @var string
*/
- "default_font" => "sans-serif",
+ 'default_font' => 'serif',
/**
* Image DPI setting
@@ -184,59 +214,88 @@
*
* @var int
*/
- "dpi" => 96,
+ 'dpi' => 96,
/**
- * Enable inline PHP
+ * Enable embedded PHP
*
- * If this setting is set to true then DOMPDF will automatically evaluate
- * inline PHP contained within tags.
+ * If this setting is set to true then DOMPDF will automatically evaluate embedded PHP contained
+ * within tags.
*
- * Enabling this for documents you do not trust (e.g. arbitrary remote html
- * pages) is a security risk. Set this option to false if you wish to process
- * untrusted documents.
+ * ==== IMPORTANT ==== Enabling this for documents you do not trust (e.g. arbitrary remote html pages)
+ * is a security risk.
+ * Embedded scripts are run with the same level of system access available to dompdf.
+ * Set this option to false (recommended) if you wish to process untrusted documents.
+ * This setting may increase the risk of system exploit.
+ * Do not change this settings without understanding the consequences.
+ * Additional documentation is available on the dompdf wiki at:
+ * https://github.com/dompdf/dompdf/wiki
*
* @var bool
*/
- "enable_php" => false,
+ 'enable_php' => false,
/**
- * Enable inline Javascript
+ * Rnable inline JavaScript
*
- * If this setting is set to true then DOMPDF will automatically insert
- * JavaScript code contained within tags.
+ * If this setting is set to true then DOMPDF will automatically insert JavaScript code contained
+ * within tags as written into the PDF.
+ * NOTE: This is PDF-based JavaScript to be executed by the PDF viewer,
+ * not browser-based JavaScript executed by Dompdf.
*
* @var bool
*/
- "enable_javascript" => true,
+ 'enable_javascript' => true,
/**
* Enable remote file access
*
- * If this setting is set to true, DOMPDF will access remote sites for
- * images and CSS files as required.
- * This is required for part of test case www/test/image_variants.html through www/examples.php
+ * If this setting is set to true, DOMPDF will access remote sites for
+ * images and CSS files as required.
*
- * Attention!
- * This can be a security risk, in particular in combination with DOMPDF_ENABLE_PHP and
- * allowing remote access to dompdf.php or on allowing remote html code to be passed to
- * $dompdf = new DOMPDF(, $dompdf->load_html(...,
- * This allows anonymous users to download legally doubtful internet content which on
- * tracing back appears to being downloaded by your server, or allows malicious php code
- * in remote html pages to be executed by your server with your account privileges.
+ * ==== IMPORTANT ====
+ * This can be a security risk, in particular in combination with isPhpEnabled and
+ * allowing remote html code to be passed to $dompdf = new DOMPDF(); $dompdf->load_html(...);
+ * This allows anonymous users to download legally doubtful internet content which on
+ * tracing back appears to being downloaded by your server, or allows malicious php code
+ * in remote html pages to be executed by your server with your account privileges.
+ *
+ * This setting may increase the risk of system exploit. Do not change
+ * this settings without understanding the consequences. Additional
+ * documentation is available on the dompdf wiki at:
+ * https://github.com/dompdf/dompdf/wiki
*
* @var bool
*/
- "enable_remote" => true,
+ 'enable_remote' => false,
+
+ /**
+ * List of allowed remote hosts
+ *
+ * Each value of the array must be a valid hostname.
+ *
+ * This will be used to filter which resources can be loaded in combination with
+ * isRemoteEnabled. If enable_remote is FALSE, then this will have no effect.
+ *
+ * Leave to NULL to allow any remote host.
+ *
+ * @var array|null
+ */
+ 'allowed_remote_hosts' => null,
/**
* A ratio applied to the fonts height to be more like browsers' line height
*/
- "font_height_ratio" => 1.1,
+ 'font_height_ratio' => 1.1,
/**
- * Use the more-than-experimental HTML5 Lib parser
+ * Use the HTML5 Lib parser
+ *
+ * @deprecated This feature is now always on in dompdf 2.x
+ *
+ * @var bool
*/
- "enable_html5_parser" => false,
+ 'enable_html5_parser' => true,
],
+
];
diff --git a/server/resources/views/labels/default.php b/server/resources/views/labels/default.php
index 901ba6a3..44436881 100755
--- a/server/resources/views/labels/default.php
+++ b/server/resources/views/labels/default.php
@@ -12,6 +12,10 @@