supannMailPrivee is being used for recovery password with SECOURS tag

supannMailPrivee is being used for recovery password as well.

This replaces save_object and execute methods by 3 methods:
readPost - Reads POST data
update - Update object state
render - Render HTML UI

The point is to avoid reading POST and rendering HTML when this is not
 needed (when doing stuff through the webservice for instance).

It’s also more consisent across FD with all classes handling some kind
 of dialog implementing the new interface FusionDirectoryDialog which
 makes sure these 3 methods are implemented.

issue #6072

issue #6114

issue #6071

msgPool always returns escaped string because it may be used from
 smarty.
htmlescape now calls htmlspecialchars instead of htmlentities, allowing
 to escape strings with % without losing sprintf capability.

issue #6071

issue #6071

issue #6065

issue #6057

Also global_is_set to is_set.

issue #6024

issue #5997

Now $interactive parameter is used to indicate if standAlonePage
 instance should take care of config and session setup or not.
The webservice uses this to use password recovery programatically.

issue #5996

issue #5955

Basic fixes like identation

issue #5955

issue #5956

issue #5854

This is a work-around to avoid javascript injection. The better way
 would be for msg_dialog to escape error text but that would cause
 problem elsewhere, so in the mean time we escape here.

issue #5918

It will be the same as headline when available. It’s also set in login
 and recovery pages.

issue #5898

This should fix CSRF crashes with recovery

issue #5854

issue #5854

Resolve "Security: Missing Security Headers"

See merge request fusiondirectory/fd!303

(cherry picked from commit 7d9a58d9)

4a182d01  feat(core) Add header to forbid framing

Resolve "Security: Missing Security Headers"

See merge request fusiondirectory/fd!303

(cherry picked from commit 7d9a58d9)

4a182d01  feat(core) Add header to forbid framing

For PHP<7.0, we fall back on openssl_random_pseudo_bytes from openssl module.

issue #5843

Also added security headers in standAlonePage so that they are set on
 recovery page as well

issue #5842

Resolve "Security: Insecure Generation of Random Tokens"

See merge request fusiondirectory/fd!301

(cherry picked from commit 3bb68492)

b62266fa  fix(core) Use only random_int for pseudo-random int generation

For PHP<7.0, we fall back on openssl_random_pseudo_bytes from openssl module.

issue #5843

issue #5831

This also fix the workflow to make sure the language in the header is
 correct in all cases.
A PHP error is triggered if setlocale fails or if the wrong language
 header was sent.

issue #5820

There are some left in datepicker.js because of a bug in the sniffer,
 I did not find a way to fix that yet.

issue #5690

This reverts commit ac6539ad.

This reverts commit 7d9b69c0.

- Add copyright
- Remove odd looking icon and version
- Add a way to navigate back from password recovery
- Add icons to password recovery fields

Conflicts:
	ihtml/themes/breezy/recovery.tpl

- Add copyright
- Remove odd looking icon and version
- Add a way to navigate back from password recovery
- Add icons to password recovery fields