Ejemplo n.º 1
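 /**
  * Renders the legacy popup picker for the current module.
  *
  * In order: denies access when the bean fails the 'list' ACL check, rejects a
  * 'metadata' request value containing "..", loads the popup metadata, loads
  * listviewdefs/searchdefs (either an array or a file path that is required),
  * copies paginated search criteria from $_REQUEST['current_query_by_page']
  * back into $_REQUEST, then includes the first existing Popup_picker.php and
  * echoes Popup_Picker::process_page().
  *
  * Request parameters read: metadata, current_query_by_page and
  * "<module>2_<OBJECT_NAME>_offset".
  *
  * @return void The popup markup is echoed.
  */
 function display()
 {
     // Files pulled in by require/require_once below execute in this function's scope,
     // so they see these globals and every local defined here.
     global $popupMeta, $mod_strings;
     if ($this->bean instanceof SugarBean && !$this->bean->ACLAccess('list')) {
         ACLController::displayNoAccess();
         // presumably ends the request; if it returns, execution continues below — confirm
         sugar_cleanup(true);
     }
     // Path-traversal guard on the request-supplied metadata name.
     // NOTE(review): this is a deny-list for a single pattern. Whether loadPopupMeta()
     // constrains the name any further is not visible here — confirm, and prefer an
     // allow-list of expected characters.
     if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
         ACLController::displayNoAccess();
         sugar_cleanup(true);
     }
     $popupMeta = SugarAutoLoader::loadPopupMeta($this->module, isset($_REQUEST['metadata']) ? $_REQUEST['metadata'] : null);
     // loadWithPopup() yields either the defs array itself or a file path to include.
     $defs = $this->loadWithPopup('listviewdefs');
     if (is_array($defs)) {
         $listViewDefs[$this->module] = $defs;
     } elseif (!empty($defs)) {
         require $defs;
     }
     $defs = $this->loadWithPopup('searchdefs');
     if (is_array($defs)) {
         $searchdefs[$this->module]['layout']['advanced_search'] = $defs;
     } elseif (!empty($defs)) {
         require $defs;
     }
     if (!empty($this->bean) && isset($_REQUEST[$this->module . '2_' . strtoupper($this->bean->object_name) . '_offset'])) {
         // A pagination click carries the previous search criteria; restore them here.
         if (!empty($_REQUEST['current_query_by_page'])) {
             // Keys that must never be restored from the blob.
             $blockVariables = array('mass', 'uid', 'massupdate', 'delete', 'merge', 'selectCount', 'lvso', 'sortOrder', 'orderBy', 'request_data', 'current_query_by_page');
             // SECURITY (review): unserialize() runs on a request-supplied value. While decoding,
             // PHP can instantiate application classes and invoke their magic methods (PHP object
             // injection), and that happens before the is_array() check below. Nothing visible
             // here authenticates the blob. Preferred fixes: exchange the criteria as JSON, or
             // sign the blob where it is generated and verify the HMAC with hash_equals() first;
             // on PHP >= 7.0, passing array('allowed_classes' => false) as the second argument
             // prevents object creation. Left as-is because the producing code is not in view.
             $current_query_by_page = unserialize(base64_decode($_REQUEST['current_query_by_page']));
             // A blob that fails to decode yields false; only iterate a real array.
             if (is_array($current_query_by_page)) {
                 foreach ($current_query_by_page as $search_key => $search_value) {
                     if ($search_key != $this->module . '2_' . strtoupper($this->bean->object_name) . '_offset' && !in_array($search_key, $blockVariables)) {
                         // NOTE(review): quote() is assumed to be SQL escaping only; a value later
                         // written into HTML still needs output encoding. Array values are passed
                         // to quote() unchanged — confirm it accepts them.
                         $_REQUEST[$search_key] = $GLOBALS['db']->quote($search_value);
                     }
                 }
             }
         }
     }
     // Use the first picker that exists: the module's own file, else the shared one.
     foreach (SugarAutoLoader::existing('modules/' . $this->module . '/Popup_picker.php', 'include/Popups/Popup_picker.php') as $file) {
         require_once $file;
         break;
     }
     $popup = new Popup_Picker();
     $popup->_hide_clear_button = true;
     echo $popup->process_page();
 }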
Ejemplo n.º 2
 /**
  * Builds a Popup_Picker, which controls the display of single-select and
  * multi-select popups.
  *
  * Loads the popup metadata (unless the global $popupMeta is already filled),
  * includes the module's main file named by that metadata and, when the
  * request asks for it, the create form.
  *
  * Request parameters read: metadata, create.
  *
  * NOTE(review): this is a PHP 4-style constructor (a method named after the
  * class, going by the original description). PHP 7 deprecates that form and
  * PHP 8 no longer treats it as a constructor.
  */
 function Popup_Picker()
 {
     global $currentModule, $popupMeta;

     // cn: bug 12269 - directory navigation attack - detect and stop.
     // NOTE(review): only ".." is rejected; whether loadPopupMeta() restricts the
     // metadata name any further is not visible here — confirm.
     if (isset($_REQUEST['metadata'])) {
         if (false !== strpos($_REQUEST['metadata'], "..")) {
             ACLController::displayNoAccess();
             // presumably ends the request — confirm
             sugar_cleanup(true);
         }
     }

     // Reuse metadata a caller already placed in the global; otherwise load it now.
     if (empty($popupMeta)) {
         if (isset($_REQUEST['metadata'])) {
             $popupMeta = SugarAutoLoader::loadPopupMeta($currentModule, $_REQUEST['metadata']);
         } else {
             $popupMeta = SugarAutoLoader::loadPopupMeta($currentModule, null);
         }
     }
     $this->_popupMeta = $popupMeta;

     // NOTE(review): both include paths below are built from the $currentModule global and
     // from metadata fields. Neither origin is visible here — confirm they are validated
     // before they reach require_once.
     require_once 'modules/' . $currentModule . '/' . $this->_popupMeta['moduleMain'] . '.php';

     // The create form is pulled in only when the metadata defines one and the
     // request carries create=true.
     if (!isset($this->_popupMeta['create']['formBase'])) {
         return;
     }
     if (!isset($_REQUEST['create']) || $_REQUEST['create'] != 'true') {
         return;
     }
     require_once 'modules/' . $currentModule . '/' . $this->_popupMeta['create']['formBase'];
     $this->_create = true;
 }
Ejemplo n.º 3
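 /**
  * Renders the popup for the current module.
  *
  * In order: denies access when the bean fails the 'list' ACL check, rejects a
  * 'metadata' request value containing "..", loads the popup metadata and the
  * listviewdefs/searchdefs (either an array or a file path that is required),
  * and copies paginated search criteria from
  * $_REQUEST['current_query_by_page'] back into $_REQUEST.
  *
  * When both listview and search definitions are available, the popup is built
  * through getPopupSmarty() and a template; otherwise the legacy Popup_Picker
  * is included and rendered.
  *
  * Request parameters read: metadata, current_query_by_page,
  * "<module>2_<OBJECT_NAME>_offset", query, mass.
  *
  * @return void The popup markup is echoed.
  */
 public function display()
 {
     // Files pulled in by require/require_once below execute in this function's scope,
     // so they see these globals and every local defined here.
     global $popupMeta, $mod_strings;
     if ($this->bean instanceof SugarBean && !$this->bean->ACLAccess('list')) {
         ACLController::displayNoAccess();
         // presumably ends the request; if it returns, execution continues below — confirm
         sugar_cleanup(true);
     }
     // Path-traversal guard on the request-supplied metadata name.
     // NOTE(review): this is a deny-list for a single pattern. Whether loadPopupMeta()
     // constrains the name any further is not visible here — confirm, and prefer an
     // allow-list of expected characters.
     if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
         ACLController::displayNoAccess();
         sugar_cleanup(true);
     }
     $popupMeta = SugarAutoLoader::loadPopupMeta($this->module, isset($_REQUEST['metadata']) ? $_REQUEST['metadata'] : null);
     // loadWithPopup() yields either the defs array itself or a file path to include;
     // an included file is expected to fill $listViewDefs / $searchdefs in this scope.
     $defs = $this->loadWithPopup('listviewdefs');
     if (is_array($defs)) {
         $listViewDefs[$this->module] = $defs;
     } elseif (!empty($defs)) {
         require $defs;
     }
     $defs = $this->loadWithPopup('searchdefs');
     if (is_array($defs)) {
         $searchdefs[$this->module]['layout']['advanced_search'] = $defs;
     } elseif (!empty($defs)) {
         require $defs;
     }
     // A pagination click carries the previous search criteria; restore them here.
     if (!empty($this->bean) && isset($_REQUEST[$this->module . '2_' . strtoupper($this->bean->object_name) . '_offset'])) {
         if (!empty($_REQUEST['current_query_by_page'])) {
             // Keys that must never be restored from the blob.
             $blockVariables = array('mass', 'uid', 'massupdate', 'delete', 'merge', 'selectCount', 'sortOrder', 'orderBy', 'request_data', 'current_query_by_page');
             // SECURITY (review): unserialize() runs on a request-supplied value. While decoding,
             // PHP can instantiate application classes and invoke their magic methods (PHP object
             // injection), and that happens before the is_array() check below. Nothing visible
             // here authenticates the blob. Preferred fixes: exchange the criteria as JSON, or
             // sign the blob where it is generated and verify the HMAC with hash_equals() first;
             // on PHP >= 7.0, passing array('allowed_classes' => false) as the second argument
             // prevents object creation. Left as-is because the producing code is not in view.
             $current_query_by_page = unserialize(base64_decode($_REQUEST['current_query_by_page']));
             // A blob that fails to decode yields false; only iterate a real array.
             if (is_array($current_query_by_page)) {
                 foreach ($current_query_by_page as $search_key => $search_value) {
                     if ($search_key != $this->module . '2_' . strtoupper($this->bean->object_name) . '_offset' && !in_array($search_key, $blockVariables)) {
                         if (!is_array($search_value)) {
                             $_REQUEST[$search_key] = securexss($search_value);
                         } else {
                             // One level of array values is filtered element by element.
                             foreach ($search_value as &$val) {
                                 $val = securexss($val);
                             }
                             // Drop the reference so later writes to $val cannot alter the array.
                             unset($val);
                             $_REQUEST[$search_key] = $search_value;
                         }
                     }
                 }
             }
         }
     }
     if (!empty($listViewDefs) && !empty($searchdefs)) {
         $displayColumns = array();
         $filter_fields = array();
         $popup = $this->getPopupSmarty($this->bean, $this->module);
         $this->bean->ACLFilterFieldList($listViewDefs[$this->module], array("owner_override" => true));
         foreach ($listViewDefs[$this->module] as $col => $params) {
             $filter_fields[strtolower($col)] = true;
             if (!empty($params['related_fields'])) {
                 foreach ($params['related_fields'] as $field) {
                     //id column is added by query construction function. This addition creates duplicates
                     //and causes issues in oracle. #10165
                     if ($field != 'id') {
                         $filter_fields[$field] = true;
                     }
                 }
             }
             if (!empty($params['default']) && $params['default']) {
                 $displayColumns[$col] = $params;
             }
         }
         $popup->displayColumns = $displayColumns;
         $popup->filter_fields = $filter_fields;
         $popup->mergeDisplayColumns = true;
         //check to see if popupdefs contains searchdefs
         $popup->_popupMeta = $popupMeta;
         $popup->listviewdefs = $listViewDefs;
         $popup->searchdefs = $searchdefs;
         if (isset($_REQUEST['query'])) {
             $popup->searchForm->populateFromRequest();
         }
         $massUpdateData = '';
         // Only an array of ids is meaningful here; a scalar "mass" value is ignored
         // instead of being handed to array_unique().
         if (isset($_REQUEST['mass']) && is_array($_REQUEST['mass'])) {
             foreach (array_unique($_REQUEST['mass']) as $record) {
                 if (!is_scalar($record)) {
                     // a nested array cannot be a record id
                     continue;
                 }
                 // The id comes from the request and lands inside a quoted HTML attribute, so it
                 // is entity-encoded first. double_encode=false leaves intact any entities that
                 // an earlier input filter may already have produced.
                 $recordAttr = htmlspecialchars((string) $record, ENT_QUOTES, 'UTF-8', false);
                 $massUpdateData .= "<input style='display: none' checked type='checkbox' name='mass[]' value='{$recordAttr}'>\n";
             }
         }
         $popup->massUpdateData = $massUpdateData;
         // Module-specific templates override the generic ones when they exist.
         $tpl = 'include/Popups/tpls/PopupGeneric.tpl';
         if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupGeneric.tpl"))) {
             $tpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupGeneric.tpl");
         }
         if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupHeader.tpl"))) {
             $popup->headerTpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupHeader.tpl");
         }
         if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupFooter.tpl"))) {
             $popup->footerTpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupFooter.tpl");
         }
         $popup->setup($tpl);
         //We should at this point show the header and javascript even if to_pdf is true.
         //The insert_popup_header javascript is incomplete and shouldn't be relied on.
         if (isset($this->options['show_all']) && $this->options['show_all'] == false) {
             unset($this->options['show_all']);
             $this->options['show_javascript'] = true;
             $this->options['show_header'] = true;
             $this->_displayJavascript();
         }
         insert_popup_header(null, false);
         if (isset($this->override_popup['template_data']) && is_array($this->override_popup['template_data'])) {
             $popup->th->ss->assign($this->override_popup['template_data']);
         }
         echo $popup->display();
     } else {
         // No usable defs: fall back to the legacy picker, preferring the module's own file.
         if (SugarAutoLoader::existing('modules/' . $this->module . '/Popup_picker.php')) {
             require_once 'modules/' . $this->module . '/Popup_picker.php';
         } else {
             require_once 'include/Popups/Popup_picker.php';
         }
         $popup = new Popup_Picker();
         $popup->_hide_clear_button = true;
         echo $popup->process_page();
     }
 }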