Beispiel #1
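 /**
  * Build the exception and record the triggering request in the access log.
  *
  * After delegating to the parent constructor this writes one row to the
  * `o_yf_access_for_api` table through the 'log' database connection: session
  * user name ('-' when empty), timestamp, remote IP, URL, User-Agent and the
  * JSON-encoded request parameters.
  *
  * @param string|null $message Message passed to the parent constructor.
  * @param int         $code    Code passed to the parent constructor.
  */
 public function __construct($message = null, $code = 0)
 {
     parent::__construct($message, $code);
     Vtiger_Session::init();
     // NOTE(review): $request is not read below; kept because the constructor's side effects are not visible here.
     $request = new Vtiger_Request($_REQUEST);
     $dbLog = PearDatabase::getInstance('log');
     $userName = Vtiger_Session::get('full_user_name');
     // The User-Agent header is optional. Reading it unguarded raises an "undefined index"
     // diagnostic from inside an exception constructor when the client omits it.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
     // NOTE(review): 'request' stores every submitted parameter verbatim, so any password or token
     // sent with a rejected request ends up in this table. Redact sensitive fields before encoding
     // and restrict who can read the log. 'url' and 'agent' are client-controlled and must be
     // escaped wherever these rows are displayed.
     $dbLog->insert('o_yf_access_for_api', [
         'username' => empty($userName) ? '-' : $userName,
         'date' => date('Y-m-d H:i:s'),
         'ip' => Vtiger_Functions::getRemoteIP(),
         'url' => Vtiger_Functions::getBrowserInfo()->url,
         'agent' => $userAgent,
         'request' => json_encode($_REQUEST),
     ]);
 }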
Beispiel #2
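 /**
  * Entry point for a web request: resolve the handler, run its checks and emit the response.
  *
  * Order of operations: session init, optional HTTPS redirect, CSRF library load,
  * current user and language globals, default module/view selection, handler
  * instantiation, request validation, login and permission checks, then
  * pre-process / process / post-process. Exceptions are turned into an error
  * page (view requests) or a JSON error response (action requests).
  *
  * @param Vtiger_Request $request Incoming request; 'module' and 'view' are set on it when defaults apply.
  * @return void
  */
 function process(Vtiger_Request $request)
 {
     vglobal('log', LoggerManager::getLogger('System'));
     Vtiger_Session::init();
     $forceSSL = vglobal('forceSSL');
     if ($forceSSL && !Vtiger_Functions::getBrowserInfo()->https) {
         // NOTE(review): HTTP_HOST comes from the client's Host header; building the target from a
         // configured canonical host would avoid reflecting an arbitrary value into the redirect.
         header("Location: https://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}");
         // Stop here. Without this the request was still processed and answered over plain HTTP,
         // which defeats the purpose of forcing SSL.
         exit;
     }
     // Better place this here as session get initiated
     //skipping the csrf checking for the forgot(reset) password
     // NOTE(review): the exemption depends only on the client-supplied 'mode' and 'action' values,
     // not on the module. Confirm that validateRequest() below still covers exempted requests, or
     // tie the exemption to the specific password-reset and login handlers.
     $csrfProtection = vglobal('csrfProtection');
     if ($csrfProtection) {
         if ($request->get('mode') != 'reset' && $request->get('action') != 'Login') {
             require_once 'libraries/csrf-magic/csrf-magic.php';
         }
         require_once 'config/csrf_config.php';
     }
     // TODO - Get rid of global variable $current_user
     // common utils api called, depend on this variable right now
     $currentUser = $this->getLogin();
     vglobal('current_user', $currentUser);
     $currentLanguage = Vtiger_Language_Handler::getLanguage();
     vglobal('current_language', $currentLanguage);
     $module = $request->getModule();
     $qualifiedModuleName = $request->getModule(false);
     if ($currentUser && $qualifiedModuleName) {
         $moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage, $qualifiedModuleName);
         vglobal('mod_strings', $moduleLanguageStrings['languageStrings']);
     }
     if ($currentUser) {
         $moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage);
         vglobal('app_strings', $moduleLanguageStrings['languageStrings']);
     }
     $view = $request->get('view');
     $action = $request->get('action');
     $response = false;
     try {
         if ($this->isInstalled() === false && $module != 'Install') {
             header('Location:install/Install.php');
             exit;
         }
         if (empty($module)) {
             // No module requested: logged-in users get the configured default (or Home),
             // everyone else is sent to the login view.
             if ($this->hasLogin()) {
                 $defaultModule = vglobal('default_module');
                 if (!empty($defaultModule) && $defaultModule != 'Home') {
                     $module = $defaultModule;
                     $qualifiedModuleName = $defaultModule;
                     $view = 'List';
                     if ($module == 'Calendar') {
                         // To load MyCalendar instead of list view for calendar
                         //TODO: see if it has to enhanced and get the default view from module model
                         $view = 'Calendar';
                     }
                 } else {
                     $module = 'Home';
                     $qualifiedModuleName = 'Home';
                     $view = 'DashBoard';
                 }
             } else {
                 $module = 'Users';
                 $qualifiedModuleName = 'Settings:Users';
                 $view = 'Login';
             }
             $request->set('module', $module);
             $request->set('view', $view);
         }
         // An explicit action takes precedence over a view; a request with neither falls back to 'Index'.
         if (!empty($action)) {
             $componentType = 'Action';
             $componentName = $action;
         } else {
             $componentType = 'View';
             if (empty($view)) {
                 $view = 'Index';
             }
             $componentName = $view;
         }
         // NOTE(review): the class name is derived from request parameters; this relies on
         // Vtiger_Loader to restrict it to known component classes - confirm. `new` never yields a
         // falsy value, so the else branch below is not reached; on PHP 7+ an unknown class raises
         // \Error, which the catch (Exception) further down does not handle.
         $handlerClass = Vtiger_Loader::getComponentClassName($componentType, $componentName, $qualifiedModuleName);
         $handler = new $handlerClass();
         if ($handler) {
             vglobal('currentModule', $module);
             $csrfProtection = vglobal('csrfProtection');
             if ($csrfProtection) {
                 // Ensure handler validates the request
                 $handler->validateRequest($request);
             }
             if ($handler->loginRequired()) {
                 $this->checkLogin($request);
             }
             //TODO : Need to review the design as there can potential security threat
             // NOTE(review): the skip test matches 'Settings' anywhere in the qualified name, while the
             // settings check below requires it at position 0. A name containing it elsewhere would
             // receive neither check; using the same prefix test in both places closes that gap.
             $skipList = array('Users', 'Home', 'CustomView', 'Import', 'Export', 'Inventory', 'Vtiger', 'PriceBooks', 'Migration', 'Install');
             // Strict comparison so a non-string module value can never match a list entry by type juggling.
             if (!in_array($module, $skipList, true) && stripos($qualifiedModuleName, 'Settings') === false) {
                 $this->triggerCheckPermission($handler, $request);
             }
             // Every settings page handler should implement this method
             if (stripos($qualifiedModuleName, 'Settings') === 0 || $module == 'Users') {
                 $handler->checkPermission($request);
             }
             $notPermittedModules = array('ModComments', 'Integration', 'DashBoard');
             if (in_array($module, $notPermittedModules, true) && $view == 'List') {
                 // NOTE(review): no exit follows this redirect, so the handler below still runs for the request.
                 header('Location:index.php?module=Home&view=DashBoard');
             }
             $this->triggerPreProcess($handler, $request);
             $response = $handler->process($request);
             $this->triggerPostProcess($handler, $request);
         } else {
             throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));
         }
     } catch (Exception $e) {
         if ($view) {
             // Log for developement.
             // error_log()'s second argument is a message type, not a severity level; E_NOTICE is
             // not a valid type, so it is omitted and the default system logger is used.
             error_log($e->getTraceAsString());
             Vtiger_Functions::throwNewException($e->getMessage());
         } else {
             // NOTE(review): the raw exception message is returned to the client; make sure messages
             // raised on this path carry no internal details (queries, paths).
             $response = new Vtiger_Response();
             $response->setEmitType(Vtiger_Response::$EMIT_JSON);
             $response->setError($e->getMessage());
             //Vtiger_Functions::throwNewException($e->getMessage());
         }
     }
     if ($response) {
         $response->emit();
     }
 }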
Beispiel #3
 * The contents of this file are subject to the vtiger CRM Public License Version 1.0
 * ("License"); You may not use this file except in compliance with the License
 * The Original Code is:  vtiger CRM Open Source
 * The Initial Developer of the Original Code is vtiger.
 * Portions created by vtiger are Copyright (C) vtiger.
 * All Rights Reserved.
 * ****************************************************************************** */
// Run from the parent of this file's directory so the relative include paths below resolve.
chdir(dirname(__FILE__) . '/../');
/**
 * Start the cron services configured.
 */
include_once 'include/Webservices/Relation.php';
include_once 'include/main/WebUI.php';
require_once 'vtlib/Vtiger/Cron.php';
require_once 'modules/Emails/mail.php';
Vtiger_Session::init();
// Access gate. `&&` binds tighter than `||`, so this reads:
//   cli  OR  cgi-fcgi  OR  (authenticated_user_id set AND app_unique_key set AND key matches).
// NOTE(review): 'cgi-fcgi' is also the SAPI name when a web server runs PHP through
// php-cgi/FastCGI, so in such deployments an HTTP request passes this gate without any
// session check. Confirm the script is not web-reachable there, or drop that alternative.
// NOTE(review): the key is compared with loose `==`; hash_equals() on two strings avoids type
// juggling and timing differences.
if (PHP_SAPI === 'cli' || PHP_SAPI === 'cgi-fcgi' || !empty(Vtiger_Session::get('authenticated_user_id')) && !empty(Vtiger_Session::get('app_unique_key')) && Vtiger_Session::get('app_unique_key') == vglobal('application_unique_key')) {
    $log = LoggerManager::getLogger('CRON');
    vglobal('log', $log);
    $cronTasks = false;
    if (isset($_REQUEST['service'])) {
        // Run specific service
        // NOTE(review): the service name is passed through unvalidated; what getInstance() returns
        // for an unknown name is not visible here - confirm it is handled before the tasks run.
        $cronTasks = [Vtiger_Cron::getInstance($_REQUEST['service'])];
    } else {
        // Run all service
        $cronTasks = Vtiger_Cron::listAllActiveInstances();
    }
    // Start timestamp of this cron run (server-local time).
    $cronStarts = date('Y-m-d H:i:s');
    //set global current user permissions
    // The value read from vglobal() is overwritten immediately: tasks run as the active admin
    // user regardless of which session, if any, started the run.
    $current_user = vglobal('current_user');
    $current_user = Users::getActiveAdminUser();
Beispiel #4
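 /**
  * Entry point for a web request: resolve the handler, run its checks and emit the response.
  *
  * Order of operations: session init, CSRF library load, current user and language
  * globals, default module/view selection, handler instantiation, request validation,
  * login and permission checks, then pre-process / "before" filters / process /
  * "after" filters / post-process. The "finish" actions fire whether or not an
  * exception was raised.
  *
  * @param Vtiger_Request $request Incoming request; 'module' and 'view' are set on it when defaults apply.
  * @return void
  */
 function process(Vtiger_Request $request)
 {
     Vtiger_Session::init();
     // Better place this here as session get initiated
     //skipping the csrf checking for the forgot(reset) password
     // NOTE(review): the exemption depends only on the client-supplied 'mode' and 'action' values,
     // not on the module. Confirm that validateRequest() below still covers exempted requests, or
     // tie the exemption to the specific password-reset and login handlers.
     if ($request->get('mode') != 'reset' && $request->get('action') != 'Login') {
         require_once 'libraries/csrf-magic/csrf-magic.php';
     }
     // TODO - Get rid of global variable $current_user
     // common utils api called, depend on this variable right now
     $currentUser = $this->getLogin();
     vglobal('current_user', $currentUser);
     global $default_language;
     vglobal('default_language', $default_language);
     $currentLanguage = Vtiger_Language_Handler::getLanguage();
     vglobal('current_language', $currentLanguage);
     $module = $request->getModule();
     $qualifiedModuleName = $request->getModule(false);
     if ($currentUser && $qualifiedModuleName) {
         $moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage, $qualifiedModuleName);
         vglobal('mod_strings', $moduleLanguageStrings['languageStrings']);
     }
     if ($currentUser) {
         $moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage);
         vglobal('app_strings', $moduleLanguageStrings['languageStrings']);
     }
     $view = $request->get('view');
     $action = $request->get('action');
     $response = false;
     // Defined up front because the "finish" actions after the try/catch read both values even
     // when an exception is raised before the component is resolved.
     $componentType = null;
     $componentName = null;
     try {
         if ($this->isInstalled() === false && $module != 'Install') {
             header('Location:index.php?module=Install&view=Index');
             exit;
         }
         if (empty($module)) {
             // No module requested: logged-in users get the configured default (or Home),
             // everyone else is sent to the login view.
             if ($this->hasLogin()) {
                 $defaultModule = vglobal('default_module');
                 if (!empty($defaultModule) && $defaultModule != 'Home') {
                     $module = $defaultModule;
                     $qualifiedModuleName = $defaultModule;
                     $view = 'List';
                     if ($module == 'Calendar') {
                         // To load MyCalendar instead of list view for calendar
                         //TODO: see if it has to enhanced and get the default view from module model
                         $view = 'Calendar';
                     }
                 } else {
                     $module = 'Home';
                     $qualifiedModuleName = 'Home';
                     $view = 'DashBoard';
                 }
             } else {
                 $module = 'Users';
                 $qualifiedModuleName = 'Settings:Users';
                 $view = 'Login';
             }
             $request->set('module', $module);
             $request->set('view', $view);
         }
         // An explicit action takes precedence over a view; a request with neither falls back to 'Index'.
         if (!empty($action)) {
             $componentType = 'Action';
             $componentName = $action;
         } else {
             $componentType = 'View';
             if (empty($view)) {
                 $view = 'Index';
             }
             $componentName = $view;
         }
         // NOTE(review): the class name is derived from request parameters; this relies on
         // Vtiger_Loader to restrict it to known component classes - confirm. `new` never yields a
         // falsy value, so the else branch below is not reached; on PHP 7+ an unknown class raises
         // \Error, which the catch (Exception) further down does not handle.
         $handlerClass = Vtiger_Loader::getComponentClassName($componentType, $componentName, $qualifiedModuleName);
         $handler = new $handlerClass();
         if ($handler) {
             vglobal('currentModule', $module);
             // Ensure handler validates the request
             $handler->validateRequest($request);
             if ($handler->loginRequired()) {
                 $this->checkLogin($request);
             }
             //TODO : Need to review the design as there can potential security threat
             // NOTE(review): the skip test matches 'Settings' anywhere in the qualified name, while the
             // settings check below requires it at position 0. A name containing it elsewhere would
             // receive neither check; using the same prefix test in both places closes that gap.
             $skipList = array('Users', 'Home', 'CustomView', 'Import', 'Export', 'Inventory', 'Vtiger', 'PriceBooks', 'Migration', 'Install');
             // Strict comparison so a non-string module value can never match a list entry by type juggling.
             if (!in_array($module, $skipList, true) && stripos($qualifiedModuleName, 'Settings') === false) {
                 $this->triggerCheckPermission($handler, $request);
             }
             // Every settings page handler should implement this method
             if (stripos($qualifiedModuleName, 'Settings') === 0 || $module == 'Users') {
                 $handler->checkPermission($request);
             }
             $notPermittedModules = array('ModComments', 'Integration', 'DashBoard');
             if (in_array($module, $notPermittedModules, true) && $view == 'List') {
                 // NOTE(review): no exit follows this redirect, so the handler below still runs for the request.
                 header('Location:index.php?module=Home&view=DashBoard');
             }
             $this->triggerPreProcess($handler, $request);
             /** EventHandler START */
             // NOTE(review): filters may return a different handler or request after validation, login
             // and permission checks have already run; whatever they return is not re-checked here.
             list($handler, $request) = EventHandler_Module_Model::do_filter(array("vtiger.filter.process." . strtolower($module . '.' . $componentName . "." . $componentType) . ".before", "vtiger.filter.process." . strtolower($componentName . "." . $componentType) . ".before"), array($handler, $request));
             /** EventHandler END */
             $response = $handler->process($request);
             /** EventHandler START */
             list($handler, $request) = EventHandler_Module_Model::do_filter(array("vtiger.filter.process." . strtolower($module . '.' . $componentName . "." . $componentType) . ".after", "vtiger.filter.process." . strtolower($componentName . "." . $componentType) . ".after"), array($handler, $request));
             /** EventHandler END */
             $this->triggerPostProcess($handler, $request);
         } else {
             throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));
         }
     } catch (Exception $e) {
         if ($view) {
             // Log for developement.
             // error_log()'s second argument is a message type, not a severity level; E_NOTICE is
             // not a valid type, so it is omitted and the default system logger is used.
             error_log($e->getTraceAsString());
             // NOTE(review): the raw exception message is handed to the template; confirm the template
             // escapes MESSAGE and that messages on this path carry no internal details.
             $viewer = new Vtiger_Viewer();
             $viewer->assign('MESSAGE', $e->getMessage());
             $viewer->view('OperationNotPermitted.tpl', 'Vtiger');
         } else {
             $response = new Vtiger_Response();
             $response->setEmitType(Vtiger_Response::$EMIT_JSON);
             $response->setError($e->getMessage());
         }
     }
     /** EventHandler START */
     EventHandler_Module_Model::do_action("vtiger.process.finish", array($module, $componentName, $componentType));
     EventHandler_Module_Model::do_action("vtiger.process." . strtolower($module . '.' . $componentName . "." . $componentType) . ".finish", array($module, $componentName, $componentType));
     /** EventHandler END */
     if ($response) {
         $response->emit();
     }
 }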