function display()
{
global $popupMeta, $mod_strings;
if ($this->bean instanceof SugarBean && !$this->bean->ACLAccess('list')) {
ACLController::displayNoAccess();
sugar_cleanup(true);
}
if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
ACLController::displayNoAccess();
sugar_cleanup(true);
}
$popupMeta = SugarAutoLoader::loadPopupMeta($this->module, isset($_REQUEST['metadata']) ? $_REQUEST['metadata'] : null);
$defs = $this->loadWithPopup('listviewdefs');
if (is_array($defs)) {
$listViewDefs[$this->module] = $defs;
} elseif (!empty($defs)) {
require $defs;
}
$defs = $this->loadWithPopup('searchdefs');
if (is_array($defs)) {
$searchdefs[$this->module]['layout']['advanced_search'] = $defs;
} elseif (!empty($defs)) {
require $defs;
}
if (!empty($this->bean) && isset($_REQUEST[$this->module . '2_' . strtoupper($this->bean->object_name) . '_offset'])) {
//if you click the pagination button, it will populate the search criteria here
if (!empty($_REQUEST['current_query_by_page'])) {
$blockVariables = array('mass', 'uid', 'massupdate', 'delete', 'merge', 'selectCount', 'lvso', 'sortOrder', 'orderBy', 'request_data', 'current_query_by_page');
$current_query_by_page = unserialize(base64_decode($_REQUEST['current_query_by_page']));
foreach ($current_query_by_page as $search_key => $search_value) {
if ($search_key != $this->module . '2_' . strtoupper($this->bean->object_name) . '_offset' && !in_array($search_key, $blockVariables)) {
$_REQUEST[$search_key] = $GLOBALS['db']->quote($search_value);
}
}
}
}
foreach (SugarAutoLoader::existing('modules/' . $this->module . '/Popup_picker.php', 'include/Popups/Popup_picker.php') as $file) {
require_once $file;
break;
}
$popup = new Popup_Picker();
$popup->_hide_clear_button = true;
echo $popup->process_page();
}
/**
* Creates a new Popup_Picker object. Controls displaying of single select and multi select popups
*
*/
function Popup_Picker()
{
global $currentModule, $popupMeta;
// cn: bug 12269 - directory navigation attack - detect and stop.
if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
ACLController::displayNoAccess();
sugar_cleanup(true);
}
if (empty($popupMeta)) {
$popupMeta = SugarAutoLoader::loadPopupMeta($currentModule, isset($_REQUEST['metadata']) ? $_REQUEST['metadata'] : null);
}
$this->_popupMeta = $popupMeta;
require_once 'modules/' . $currentModule . '/' . $this->_popupMeta['moduleMain'] . '.php';
if (isset($this->_popupMeta['create']['formBase']) && isset($_REQUEST['create']) && $_REQUEST['create'] == 'true') {
// include create form
require_once 'modules/' . $currentModule . '/' . $this->_popupMeta['create']['formBase'];
$this->_create = true;
}
}
public function display()
{
global $popupMeta, $mod_strings;
if ($this->bean instanceof SugarBean && !$this->bean->ACLAccess('list')) {
ACLController::displayNoAccess();
sugar_cleanup(true);
}
if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
ACLController::displayNoAccess();
sugar_cleanup(true);
}
$popupMeta = SugarAutoLoader::loadPopupMeta($this->module, isset($_REQUEST['metadata']) ? $_REQUEST['metadata'] : null);
$defs = $this->loadWithPopup('listviewdefs');
if (is_array($defs)) {
$listViewDefs[$this->module] = $defs;
} elseif (!empty($defs)) {
require $defs;
}
$defs = $this->loadWithPopup('searchdefs');
if (is_array($defs)) {
$searchdefs[$this->module]['layout']['advanced_search'] = $defs;
} elseif (!empty($defs)) {
require $defs;
}
//if you click the pagination button, it will populate the search criteria here
if (!empty($this->bean) && isset($_REQUEST[$this->module . '2_' . strtoupper($this->bean->object_name) . '_offset'])) {
if (!empty($_REQUEST['current_query_by_page'])) {
$blockVariables = array('mass', 'uid', 'massupdate', 'delete', 'merge', 'selectCount', 'sortOrder', 'orderBy', 'request_data', 'current_query_by_page');
$current_query_by_page = unserialize(base64_decode($_REQUEST['current_query_by_page']));
foreach ($current_query_by_page as $search_key => $search_value) {
if ($search_key != $this->module . '2_' . strtoupper($this->bean->object_name) . '_offset' && !in_array($search_key, $blockVariables)) {
if (!is_array($search_value)) {
$_REQUEST[$search_key] = securexss($search_value);
} else {
foreach ($search_value as $key => &$val) {
$val = securexss($val);
}
$_REQUEST[$search_key] = $search_value;
}
}
}
}
}
if (!empty($listViewDefs) && !empty($searchdefs)) {
$displayColumns = array();
$filter_fields = array();
$popup = $this->getPopupSmarty($this->bean, $this->module);
$this->bean->ACLFilterFieldList($listViewDefs[$this->module], array("owner_override" => true));
foreach ($listViewDefs[$this->module] as $col => $params) {
$filter_fields[strtolower($col)] = true;
if (!empty($params['related_fields'])) {
foreach ($params['related_fields'] as $field) {
//id column is added by query construction function. This addition creates duplicates
//and causes issues in oracle. #10165
if ($field != 'id') {
$filter_fields[$field] = true;
}
}
}
if (!empty($params['default']) && $params['default']) {
$displayColumns[$col] = $params;
}
}
$popup->displayColumns = $displayColumns;
$popup->filter_fields = $filter_fields;
$popup->mergeDisplayColumns = true;
//check to see if popupdefs contains searchdefs
$popup->_popupMeta = $popupMeta;
$popup->listviewdefs = $listViewDefs;
$popup->searchdefs = $searchdefs;
if (isset($_REQUEST['query'])) {
$popup->searchForm->populateFromRequest();
}
$massUpdateData = '';
if (isset($_REQUEST['mass'])) {
foreach (array_unique($_REQUEST['mass']) as $record) {
$massUpdateData .= "<input style='display: none' checked type='checkbox' name='mass[]' value='{$record}'>\n";
}
}
$popup->massUpdateData = $massUpdateData;
$tpl = 'include/Popups/tpls/PopupGeneric.tpl';
if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupGeneric.tpl"))) {
$tpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupGeneric.tpl");
}
if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupHeader.tpl"))) {
$popup->headerTpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupHeader.tpl");
}
if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupFooter.tpl"))) {
$popup->footerTpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupFooter.tpl");
}
$popup->setup($tpl);
//We should at this point show the header and javascript even if to_pdf is true.
//The insert_popup_header javascript is incomplete and shouldn't be relied on.
if (isset($this->options['show_all']) && $this->options['show_all'] == false) {
unset($this->options['show_all']);
$this->options['show_javascript'] = true;
$this->options['show_header'] = true;
$this->_displayJavascript();
}
insert_popup_header(null, false);
if (isset($this->override_popup['template_data']) && is_array($this->override_popup['template_data'])) {
$popup->th->ss->assign($this->override_popup['template_data']);
}
echo $popup->display();
} else {
if (SugarAutoLoader::existing('modules/' . $this->module . '/Popup_picker.php')) {
require_once 'modules/' . $this->module . '/Popup_picker.php';
} else {
require_once 'include/Popups/Popup_picker.php';
}
$popup = new Popup_Picker();
$popup->_hide_clear_button = true;
echo $popup->process_page();
}
}
