public function __construct($message = null, $code = 0)
{
parent::__construct($message, $code);
Vtiger_Session::init();
$request = new Vtiger_Request($_REQUEST);
$dbLog = PearDatabase::getInstance('log');
$userName = Vtiger_Session::get('full_user_name');
$dbLog->insert('o_yf_access_for_api', ['username' => empty($userName) ? '-' : $userName, 'date' => date('Y-m-d H:i:s'), 'ip' => Vtiger_Functions::getRemoteIP(), 'url' => Vtiger_Functions::getBrowserInfo()->url, 'agent' => $_SERVER['HTTP_USER_AGENT'], 'request' => json_encode($_REQUEST)]);
}
function process(Vtiger_Request $request)
{
vglobal('log', LoggerManager::getLogger('System'));
Vtiger_Session::init();
$forceSSL = vglobal('forceSSL');
if ($forceSSL && !Vtiger_Functions::getBrowserInfo()->https) {
header("Location: https://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}");
}
// Better place this here as session get initiated
//skipping the csrf checking for the forgot(reset) password
$csrfProtection = vglobal('csrfProtection');
if ($csrfProtection) {
if ($request->get('mode') != 'reset' && $request->get('action') != 'Login') {
require_once 'libraries/csrf-magic/csrf-magic.php';
}
require_once 'config/csrf_config.php';
}
// TODO - Get rid of global variable $current_user
// common utils api called, depend on this variable right now
$currentUser = $this->getLogin();
vglobal('current_user', $currentUser);
$currentLanguage = Vtiger_Language_Handler::getLanguage();
vglobal('current_language', $currentLanguage);
$module = $request->getModule();
$qualifiedModuleName = $request->getModule(false);
if ($currentUser && $qualifiedModuleName) {
$moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage, $qualifiedModuleName);
vglobal('mod_strings', $moduleLanguageStrings['languageStrings']);
}
if ($currentUser) {
$moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage);
vglobal('app_strings', $moduleLanguageStrings['languageStrings']);
}
$view = $request->get('view');
$action = $request->get('action');
$response = false;
try {
if ($this->isInstalled() === false && $module != 'Install') {
header('Location:install/Install.php');
exit;
}
if (empty($module)) {
if ($this->hasLogin()) {
$defaultModule = vglobal('default_module');
if (!empty($defaultModule) && $defaultModule != 'Home') {
$module = $defaultModule;
$qualifiedModuleName = $defaultModule;
$view = 'List';
if ($module == 'Calendar') {
// To load MyCalendar instead of list view for calendar
//TODO: see if it has to enhanced and get the default view from module model
$view = 'Calendar';
}
} else {
$module = 'Home';
$qualifiedModuleName = 'Home';
$view = 'DashBoard';
}
} else {
$module = 'Users';
$qualifiedModuleName = 'Settings:Users';
$view = 'Login';
}
$request->set('module', $module);
$request->set('view', $view);
}
if (!empty($action)) {
$componentType = 'Action';
$componentName = $action;
} else {
$componentType = 'View';
if (empty($view)) {
$view = 'Index';
}
$componentName = $view;
}
$handlerClass = Vtiger_Loader::getComponentClassName($componentType, $componentName, $qualifiedModuleName);
$handler = new $handlerClass();
if ($handler) {
vglobal('currentModule', $module);
$csrfProtection = vglobal('csrfProtection');
if ($csrfProtection) {
// Ensure handler validates the request
$handler->validateRequest($request);
}
if ($handler->loginRequired()) {
$this->checkLogin($request);
}
//TODO : Need to review the design as there can potential security threat
$skipList = array('Users', 'Home', 'CustomView', 'Import', 'Export', 'Inventory', 'Vtiger', 'PriceBooks', 'Migration', 'Install');
if (!in_array($module, $skipList) && stripos($qualifiedModuleName, 'Settings') === false) {
$this->triggerCheckPermission($handler, $request);
}
// Every settings page handler should implement this method
if (stripos($qualifiedModuleName, 'Settings') === 0 || $module == 'Users') {
$handler->checkPermission($request);
}
$notPermittedModules = array('ModComments', 'Integration', 'DashBoard');
if (in_array($module, $notPermittedModules) && $view == 'List') {
header('Location:index.php?module=Home&view=DashBoard');
}
$this->triggerPreProcess($handler, $request);
$response = $handler->process($request);
$this->triggerPostProcess($handler, $request);
} else {
throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));
}
} catch (Exception $e) {
if ($view) {
// Log for developement.
error_log($e->getTraceAsString(), E_NOTICE);
Vtiger_Functions::throwNewException($e->getMessage());
} else {
$response = new Vtiger_Response();
$response->setEmitType(Vtiger_Response::$EMIT_JSON);
$response->setError($e->getMessage());
//Vtiger_Functions::throwNewException($e->getMessage());
}
}
if ($response) {
$response->emit();
}
}
* The contents of this file are subject to the vtiger CRM Public License Version 1.0
* ("License"); You may not use this file except in compliance with the License
* The Original Code is: vtiger CRM Open Source
* The Initial Developer of the Original Code is vtiger.
* Portions created by vtiger are Copyright (C) vtiger.
* All Rights Reserved.
* ****************************************************************************** */
chdir(dirname(__FILE__) . '/../');
/**
* Start the cron services configured.
*/
include_once 'include/Webservices/Relation.php';
include_once 'include/main/WebUI.php';
require_once 'vtlib/Vtiger/Cron.php';
require_once 'modules/Emails/mail.php';
Vtiger_Session::init();
if (PHP_SAPI === 'cli' || PHP_SAPI === 'cgi-fcgi' || !empty(Vtiger_Session::get('authenticated_user_id')) && !empty(Vtiger_Session::get('app_unique_key')) && Vtiger_Session::get('app_unique_key') == vglobal('application_unique_key')) {
$log = LoggerManager::getLogger('CRON');
vglobal('log', $log);
$cronTasks = false;
if (isset($_REQUEST['service'])) {
// Run specific service
$cronTasks = [Vtiger_Cron::getInstance($_REQUEST['service'])];
} else {
// Run all service
$cronTasks = Vtiger_Cron::listAllActiveInstances();
}
$cronStarts = date('Y-m-d H:i:s');
//set global current user permissions
$current_user = vglobal('current_user');
$current_user = Users::getActiveAdminUser();
function process(Vtiger_Request $request)
{
Vtiger_Session::init();
// Better place this here as session get initiated
//skipping the csrf checking for the forgot(reset) password
if ($request->get('mode') != 'reset' && $request->get('action') != 'Login') {
require_once 'libraries/csrf-magic/csrf-magic.php';
}
// TODO - Get rid of global variable $current_user
// common utils api called, depend on this variable right now
$currentUser = $this->getLogin();
vglobal('current_user', $currentUser);
global $default_language;
vglobal('default_language', $default_language);
$currentLanguage = Vtiger_Language_Handler::getLanguage();
vglobal('current_language', $currentLanguage);
$module = $request->getModule();
$qualifiedModuleName = $request->getModule(false);
if ($currentUser && $qualifiedModuleName) {
$moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage, $qualifiedModuleName);
vglobal('mod_strings', $moduleLanguageStrings['languageStrings']);
}
if ($currentUser) {
$moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage);
vglobal('app_strings', $moduleLanguageStrings['languageStrings']);
}
$view = $request->get('view');
$action = $request->get('action');
$response = false;
try {
if ($this->isInstalled() === false && $module != 'Install') {
header('Location:index.php?module=Install&view=Index');
exit;
}
if (empty($module)) {
if ($this->hasLogin()) {
$defaultModule = vglobal('default_module');
if (!empty($defaultModule) && $defaultModule != 'Home') {
$module = $defaultModule;
$qualifiedModuleName = $defaultModule;
$view = 'List';
if ($module == 'Calendar') {
// To load MyCalendar instead of list view for calendar
//TODO: see if it has to enhanced and get the default view from module model
$view = 'Calendar';
}
} else {
$module = 'Home';
$qualifiedModuleName = 'Home';
$view = 'DashBoard';
}
} else {
$module = 'Users';
$qualifiedModuleName = 'Settings:Users';
$view = 'Login';
}
$request->set('module', $module);
$request->set('view', $view);
}
if (!empty($action)) {
$componentType = 'Action';
$componentName = $action;
} else {
$componentType = 'View';
if (empty($view)) {
$view = 'Index';
}
$componentName = $view;
}
$handlerClass = Vtiger_Loader::getComponentClassName($componentType, $componentName, $qualifiedModuleName);
$handler = new $handlerClass();
if ($handler) {
vglobal('currentModule', $module);
// Ensure handler validates the request
$handler->validateRequest($request);
if ($handler->loginRequired()) {
$this->checkLogin($request);
}
//TODO : Need to review the design as there can potential security threat
$skipList = array('Users', 'Home', 'CustomView', 'Import', 'Export', 'Inventory', 'Vtiger', 'PriceBooks', 'Migration', 'Install');
if (!in_array($module, $skipList) && stripos($qualifiedModuleName, 'Settings') === false) {
$this->triggerCheckPermission($handler, $request);
}
// Every settings page handler should implement this method
if (stripos($qualifiedModuleName, 'Settings') === 0 || $module == 'Users') {
$handler->checkPermission($request);
}
$notPermittedModules = array('ModComments', 'Integration', 'DashBoard');
if (in_array($module, $notPermittedModules) && $view == 'List') {
header('Location:index.php?module=Home&view=DashBoard');
}
$this->triggerPreProcess($handler, $request);
/** EventHandler START */
list($handler, $request) = EventHandler_Module_Model::do_filter(array("vtiger.filter.process." . strtolower($module . '.' . $componentName . "." . $componentType) . ".before", "vtiger.filter.process." . strtolower($componentName . "." . $componentType) . ".before"), array($handler, $request));
/** EventHandler ENDE */
$response = $handler->process($request);
/** EventHandler START */
list($handler, $request) = EventHandler_Module_Model::do_filter(array("vtiger.filter.process." . strtolower($module . '.' . $componentName . "." . $componentType) . ".after", "vtiger.filter.process." . strtolower($componentName . "." . $componentType) . ".after"), array($handler, $request));
/** EventHandler ENDE */
$this->triggerPostProcess($handler, $request);
} else {
throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));
}
} catch (Exception $e) {
if ($view) {
// Log for developement.
error_log($e->getTraceAsString(), E_NOTICE);
$viewer = new Vtiger_Viewer();
$viewer->assign('MESSAGE', $e->getMessage());
$viewer->view('OperationNotPermitted.tpl', 'Vtiger');
} else {
$response = new Vtiger_Response();
$response->setEmitType(Vtiger_Response::$EMIT_JSON);
$response->setError($e->getMessage());
}
}
/** EventHandler START */
EventHandler_Module_Model::do_action("vtiger.process.finish", array($module, $componentName, $componentType));
EventHandler_Module_Model::do_action("vtiger.process." . strtolower($module . '.' . $componentName . "." . $componentType) . ".finish", array($module, $componentName, $componentType));
/** EventHandler ENDE */
if ($response) {
$response->emit();
}
}