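/**
 * Constructor - sets the template directories and the compile directory for Smarty.
 *
 * Template lookup order: the requested (or active) layout first, then the default
 * layout. For the active and default layouts the "custom" override directory is
 * searched ahead of the stock one; for an explicit $media only the stock directory
 * is searched. The compile directory is always the default layout's, whichever
 * layout is selected.
 *
 * @param string $media Layout/Media name; an empty value selects the active layout
 */
function __construct($media = '')
{
    parent::__construct();

    $baseDir = __DIR__;
    $templateDir = [];
    if (!empty($media)) {
        // NOTE(review): $media becomes a path component and is not validated here.
        // Presumably callers pass a fixed layout name - confirm none forwards request input.
        self::$currentLayout = $media;
        $templateDir[] = $baseDir . '/../../layouts/' . $media;
    } else {
        self::$currentLayout = Yeti_Layout::getActiveLayout();
        $templateDir[] = $baseDir . '/../../custom/layouts/' . self::$currentLayout;
        $templateDir[] = $baseDir . '/../../layouts/' . self::$currentLayout;
    }
    $defaultLayout = self::getDefaultLayoutName();
    $templateDir[] = $baseDir . '/../../custom/layouts/' . $defaultLayout;
    $templateDir[] = $baseDir . '/../../layouts/' . $defaultLayout;
    $compileDir = $baseDir . '/../../cache/templates_c/' . $defaultLayout;

    if (!file_exists($compileDir)) {
        // NOTE(review): 0777 (before umask) leaves the directory that holds compiled
        // templates - PHP files Smarty later includes - writable by every local account.
        // A tighter mode is preferable where the web server user is the only writer.
        mkdir($compileDir, 0777, true);
    }
    $this->setTemplateDir($templateDir);
    $this->setCompileDir($compileDir);

    self::$debugViewer = AppConfig::debug('DEBUG_VIEWER');

    // FOR SECURITY
    // Escape all {$variable} to overcome XSS
    // We need to use {$variable nofilter} to overcome double escaping
    // TODO: Until we review the use disabled.
    // While the filter below stays disabled, this constructor registers no automatic
    // output escaping, so templates have to escape request-derived values themselves.
    //$this->registerFilter('variable', array($this, 'safeHtmlFilter'));
    // FOR DEBUGGING: We need to have this only once.
    static $debugViewerURI = false;
    if (self::$debugViewer && $debugViewerURI === false) {
        // Both entries are absent outside a web request (for example on the command line).
        $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
        $requestMethod = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
        if (!empty($_POST)) {
            // Keep credentials out of the log: mask values whose field name looks
            // secret-bearing. The match is name-based and best-effort, so the debug
            // viewer log should still be treated as sensitive.
            $loggedPost = $_POST;
            array_walk_recursive($loggedPost, static function (&$value, $field) {
                if (preg_match('/pass|pwd|secret|token/i', (string) $field)) {
                    $value = '***';
                }
            });
            $debugViewerURI = parse_url($requestUri, PHP_URL_PATH) . '?' . http_build_query($loggedPost);
        } else {
            $debugViewerURI = $requestUri;
        }
        $this->log("URI: {$debugViewerURI}, TYPE: " . $requestMethod);
    }
}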
/**
 * Stores one loaded configuration section in the static property of the same name.
 * Keys outside the fixed list are ignored.
 *
 * NOTE(review): the 'security' and 'securityKeys' sections presumably hold secrets;
 * verify that nothing dumps these static properties into debug output or logs.
 *
 * @param string $key    Section name
 * @param mixed  $config Section contents
 */
public static function load($key, $config)
{
    // Fixed allowlist: the property name always comes from this list, never from $key.
    $sections = ['debug', 'developer', 'security', 'securityKeys', 'performance', 'relation'];
    foreach ($sections as $section) {
        // Loose comparison on purpose: it matches how a switch statement compares.
        if ($key == $section) {
            self::$$section = $config;
            return;
        }
    }
}
/**
 * Handles a failed database operation: rolls back an open transaction and, when
 * dying on errors is enabled on the instance or for this call, raises the database
 * exception rendered with DatabaseException.tpl.
 *
 * NOTE(review): 'query' and 'params' are handed to the exception in every case; only
 * the backtrace depends on DISPLAY_DEBUG_BACKTRACE. Confirm that the template does
 * not show SQL text or bound values to end users when debugging is off.
 *
 * @param string      $message    Error description
 * @param bool        $dieOnError Forces the exception for this call
 * @param string|bool $query      Failed SQL statement, or false
 * @param array|bool  $params     Bound parameters, or false
 */
public function checkError($message, $dieOnError = false, $query = false, $params = false)
{
    if ($this->hasActiveTransaction) {
        $this->rollbackTransaction();
    }
    if (!$this->dieOnError && !$dieOnError) {
        return;
    }
    // The backtrace is collected only when the debug switch asks for it.
    $trace = AppConfig::debug('DISPLAY_DEBUG_BACKTRACE') ? Vtiger_Functions::getBacktrace() : false;
    $details = [
        'message' => $message,
        'trace' => $trace,
        'query' => $query,
        'params' => $params,
    ];
    Vtiger_Functions::throwNewException($details, true, 'DatabaseException.tpl');
}
* The contents of this file are subject to the SugarCRM Public License Version 1.1.2
 * ("License"); You may not use this file except in compliance with the
 * License. You may obtain a copy of the License at http://www.sugarcrm.com/SPL
 * Software distributed under the License is distributed on an "AS IS" basis,
 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
 * the specific language governing rights and limitations under the License.
 * The Original Code is: SugarCRM Open Source
 * The Initial Developer of the Original Code is SugarCRM, Inc.
 * Portions created by SugarCRM are Copyright (C) SugarCRM, Inc.;
 * All Rights Reserved.
 * Contributor(s): YetiForce.com
 * ****************************************************************************** */
/*
 * *******************************************************************************
 * $Header: /advent/projects/wesat/vtiger_crm/sugarcrm/include/logging.php,v 1.1 2004/08/17 13:23:37 gjayakrishnan Exp $
 * Description: Kicks off log4php.
 * ****************************************************************************** */
require_once 'include/ConfigUtils.php';

// Performance Optimization: Configure the log folder
// The LOG4PHP_DEBUG switch selects which of the two bundled log4php copies is loaded.
define('LOG4PHP_DIR', AppConfig::debug('LOG4PHP_DEBUG') ? 'libraries/log4php.debug' : 'libraries/log4php');
// END

define('LOG4PHP_DEFAULT_INIT_OVERRIDE', true);
require_once LOG4PHP_DIR . '/LoggerManager.php';
require_once LOG4PHP_DIR . '/LoggerPropertyConfigurator.php';

// Configure logging from the properties file, then publish the 'System' logger as $log.
$config = new LoggerPropertyConfigurator();
$config->configure('config/log4php.properties');
global $log;
$log = LoggerManager::getLogger('System');
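/**
 * Front-controller entry point: initialises the session and the legacy globals,
 * resolves the handler class for the requested module/view/action, runs the login,
 * request-validation and permission checks, then executes the handler and emits
 * its response.
 *
 * Every redirect issued here ends the script, so the request is not processed any
 * further once a Location header has been sent.
 *
 * @param Vtiger_Request $request Current request
 */
function process(Vtiger_Request $request)
{
    $log = LoggerManager::getLogger('System');
    vglobal('log', $log);
    Vtiger_Session::init();

    if (AppConfig::main('forceSSL') && !Vtiger_Functions::getBrowserInfo()->https) {
        // NOTE(review): HTTP_HOST is supplied by the client. Prefer building the target
        // from the configured site address if the application has one - confirm.
        header("Location: https://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}");
        // Stop here: without this the request would still be handled over plain HTTP.
        exit;
    }

    // Better place this here as session get initiated
    //skipping the csrf checking for the forgot(reset) password
    // NOTE(review): the exemption is keyed on request parameters alone, not on the
    // handler that is resolved later. Verify that it cannot switch the csrf-magic
    // check off for handlers other than password reset and login.
    if (AppConfig::main('csrfProtection') && $request->get('mode') != 'reset' && $request->get('action') != 'Login') {
        require_once 'libraries/csrf-magic/csrf-magic.php';
        require_once 'config/csrf_config.php';
    }

    // TODO - Get rid of global variable $current_user
    // common utils api called, depend on this variable right now
    $currentUser = $this->getLogin();
    vglobal('current_user', $currentUser);

    $currentLanguage = Vtiger_Language_Handler::getLanguage();
    vglobal('current_language', $currentLanguage);
    $module = $request->getModule();
    $qualifiedModuleName = $request->getModule(false);

    if ($currentUser && $qualifiedModuleName) {
        $moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage, $qualifiedModuleName);
        vglobal('mod_strings', $moduleLanguageStrings['languageStrings']);
    }

    if ($currentUser) {
        $moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage);
        vglobal('app_strings', $moduleLanguageStrings['languageStrings']);
    }

    $view = $request->get('view');
    $action = $request->get('action');
    $response = false;

    try {
        if ($this->isInstalled() === false && $module != 'Install') {
            header('Location:install/Install.php');
            exit;
        }

        if (empty($module)) {
            // No module requested: choose a landing page from the login state.
            if ($this->hasLogin()) {
                $defaultModule = AppConfig::main('default_module');
                if (!empty($defaultModule) && $defaultModule != 'Home') {
                    $module = $defaultModule;
                    $qualifiedModuleName = $defaultModule;
                    $view = 'List';
                    if ($module == 'Calendar') {
                        // To load MyCalendar instead of list view for calendar
                        //TODO: see if it has to enhanced and get the default view from module model
                        $view = 'Calendar';
                    }
                } else {
                    $module = 'Home';
                    $qualifiedModuleName = 'Home';
                    $view = 'DashBoard';
                }
            } else {
                $module = 'Users';
                $qualifiedModuleName = 'Settings:Users';
                $view = 'Login';
            }
            $request->set('module', $module);
            $request->set('view', $view);
        }

        if (!empty($action)) {
            $componentType = 'Action';
            $componentName = $action;
        } else {
            $componentType = 'View';
            if (empty($view)) {
                $view = 'Index';
            }
            $componentName = $view;
        }
        // The class name is derived from request parameters. This method relies on
        // Vtiger_Loader to restrict it to real component classes - confirm in the loader.
        $handlerClass = Vtiger_Loader::getComponentClassName($componentType, $componentName, $qualifiedModuleName);
        $handler = new $handlerClass();

        // NOTE(review): a constructed object is always truthy, so the else branch
        // below looks unreachable; a missing class has to be reported by the loader.
        if ($handler) {
            vglobal('currentModule', $module);
            $csrfProtection = vglobal('csrfProtection');
            if ($csrfProtection) {
                // Ensure handler validates the request
                $handler->validateRequest($request);
            }

            if ($handler->loginRequired()) {
                $this->checkLogin($request);
            }

            //TODO : Need to review the design as there can potential security threat
            // NOTE(review): the first test below skips the generic check when 'Settings'
            // occurs anywhere in the name, while the second one only covers names that
            // start with it. A name containing 'Settings' elsewhere gets neither check.
            $skipList = array('Users', 'Home', 'CustomView', 'Import', 'Export', 'Inventory', 'Vtiger', 'Migration', 'Install');

            if (!in_array($module, $skipList, true) && stripos($qualifiedModuleName, 'Settings') === false) {
                $this->triggerCheckPermission($handler, $request);
            }

            // Every settings page handler should implement this method
            if (stripos($qualifiedModuleName, 'Settings') === 0 || $module == 'Users') {
                $handler->checkPermission($request);
            }

            $notPermittedModules = array('ModComments', 'Integration', 'DashBoard');

            if (in_array($module, $notPermittedModules, true) && $view == 'List') {
                header('Location:index.php?module=Home&view=DashBoard');
                // Stop here so the list view is neither executed nor emitted.
                exit;
            }

            $this->triggerPreProcess($handler, $request);
            $response = $handler->process($request);
            $this->triggerPostProcess($handler, $request);
        } else {
            throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));
        }
    } catch (AppException $e) {
        $log->error($e->getMessage() . ' => ' . $e->getFile() . ':' . $e->getLine());
        Vtiger_Functions::throwNewException($e->getMessage(), false);
        if (AppConfig::debug('DISPLAY_DEBUG_BACKTRACE')) {
            // The trace can contain request-derived text, so it is escaped before output.
            exit('<pre>' . htmlspecialchars($e->getTraceAsString(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>');
        }
    } catch (NoPermittedToRecordException $e) {
        //No permissions for the record
        $log->error($e->getMessage() . ' => ' . $e->getFile() . ':' . $e->getLine());
        Vtiger_Functions::throwNewException($e->getMessage(), false, 'NoPermissionsForRecord.tpl');
        if (AppConfig::debug('DISPLAY_DEBUG_BACKTRACE')) {
            exit('<pre>' . htmlspecialchars($e->getTraceAsString(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>');
        }
    } catch (Exception $e) {
        $log->error($e->getMessage() . ' => ' . $e->getFile() . ':' . $e->getLine());
        Vtiger_Functions::throwNewException($e->getMessage(), false);
        if (AppConfig::debug('DISPLAY_DEBUG_BACKTRACE')) {
            exit('<pre>' . htmlspecialchars($e->getTraceAsString(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>');
        }
    }

    if ($response) {
        $response->emit();
    }
}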
$directory->getRootChild();
$nodes[] = $directory;
}
// (The block closed above opens outside this excerpt.)

// The object tree needs in turn to be passed to the server class
$server = new Yeti\DAV_Server($nodes);
$server->setBaseUri($baseUri);
// In sabre/dav this flag adds file, line and stack-trace details to the error
// responses sent to clients, so DAV_DEBUG_EXCEPTIONS belongs to development only.
// NOTE(review): Yeti\DAV_Server is assumed to keep that behaviour - confirm.
$server->debugExceptions = AppConfig::debug('DAV_DEBUG_EXCEPTIONS');
// Plugins
// Authentication ('YetiDAV' realm) and ACL are registered before any feature plugin.
$server->addPlugin(new Sabre\DAV\Auth\Plugin($authBackend, 'YetiDAV'));
$server->addPlugin(new Sabre\DAVACL\Plugin());
$server->addPlugin(new Sabre\DAV\Sync\Plugin());

if ($enableBrowser) {
    // HTML browser for the DAV tree; loaded only when $enableBrowser is set.
    $server->addPlugin(new Sabre\DAV\Browser\Plugin());
    // Automatically guess (some) content types, based on extension
    $server->addPlugin(new Sabre\DAV\Browser\GuessContentType());
}
if ($enableCardDAV) {
    //CardDav integration
    $server->addPlugin(new Sabre\CardDAV\Plugin());
}
if ($enableCalDAV) {
    //CalDAV integration
    $server->addPlugin(new Sabre\CalDAV\Plugin());
    $server->addPlugin(new Sabre\CalDAV\Subscriptions\Plugin());
    $server->addPlugin(new Sabre\CalDAV\Schedule\Plugin());
}
if (AppConfig::debug('DAV_DEBUG_PLUGIN')) {
    // Yeti\Debug is project code that is not shown here.
    // NOTE(review): presumably it records request/response data - check what it
    // writes and where before enabling DAV_DEBUG_PLUGIN on a live system.
    $server->addPlugin(new Yeti\Debug());
}
// And off we go!
$server->exec();
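/**
 * Handles a failed database operation: rolls back an open transaction and, when
 * dying on errors is enabled on the instance or for this call, raises an exception
 * whose message starts with "Database ERROR:".
 *
 * The failed query, its parameters and a backtrace are appended to the message only
 * when DISPLAY_DEBUG_BACKTRACE is enabled.
 *
 * @param string      $message    Error description
 * @param bool        $dieOnError Forces the exception for this call
 * @param string|bool $query      Failed SQL statement, or false
 * @param array|bool  $params     Bound parameters, or false
 */
public function checkError($message, $dieOnError = false, $query = false, $params = false)
{
    if ($this->hasActiveTransaction) {
        $this->rollbackTransaction();
    }
    if ($this->dieOnError || $dieOnError) {
        // Initialised up front: it is concatenated below even when the debug switch is
        // off, which previously read an undefined variable.
        $trace = '';
        if (AppConfig::debug('DISPLAY_DEBUG_BACKTRACE')) {
            $queryInfo = '';
            if ($query !== false) {
                $queryInfo .= 'Query: ' . $query . PHP_EOL;
            }
            if ($params !== false && $params != NULL) {
                // The cast keeps implode() from failing when a scalar is passed.
                $queryInfo .= 'Params: ' . implode(',', (array) $params) . PHP_EOL;
            }
            $backtrace = Vtiger_Functions::getBacktrace();
            // Query text and bound values can carry request data, and the <pre> wrapper
            // implies HTML output, so they are escaped before being embedded.
            // NOTE(review): $backtrace is left unescaped because its format is not
            // visible here - confirm whether getBacktrace() returns plain text or markup.
            $trace = '<pre>' . htmlspecialchars($queryInfo, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . $backtrace . '</pre>';
        }
        Vtiger_Functions::throwNewException('Database ERROR: ' . PHP_EOL . $message . PHP_EOL . $trace);
    }
}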
/**
 * Initialize new Smarty object: self pointer, character encoding, start time,
 * default directories, debug template and the debugging switch.
 */
public function __construct()
{
    // selfpointer needed by some other class methods
    $this->smarty = $this;
    if (is_callable('mb_internal_encoding')) {
        mb_internal_encoding(Smarty::$_CHARSET);
    }
    $this->start_time = microtime(true);
    // set default dirs, all relative to the current working directory
    $cwd = '.' . DS;
    $this->setTemplateDir($cwd . 'templates' . DS)
        ->setCompileDir($cwd . 'templates_c' . DS)
        ->setPluginsDir(SMARTY_PLUGINS_DIR)
        ->setCacheDir($cwd . 'cache' . DS)
        ->setConfigDir($cwd . 'configs' . DS);

    $this->debug_tpl = 'file:' . __DIR__ . '/debug.tpl';
    if (isset($_SERVER['SCRIPT_NAME'])) {
        $this->assignGlobal('SCRIPT_NAME', $_SERVER['SCRIPT_NAME']);
    }
    // Smarty's debugging console lists the variables assigned to templates, so
    // DISPLAY_DEBUG_VIEWER should stay off wherever end users can reach the pages.
    $this->debugging = AppConfig::debug('DISPLAY_DEBUG_VIEWER'); // YetiForce Sp. z o.o.
    //
}