Example #1
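/**
 * Prints a JSON-encoded list of every record of the requested module.
 *
 * Request parameters read here:
 *  - 'module': key into the global $beanList registry (class name), which in
 *    turn keys $beanFiles (file to load).
 *  - 'where', 'order': URL-encoded fragments passed to the bean's
 *    get_full_list() after backslashes are stripped.
 *
 * Nothing is printed when 'module' is missing or not present in the registry.
 *
 * SECURITY: 'where' and 'order' are request-controlled and receive no
 * validation beyond backslash removal. How get_full_list() uses them is not
 * visible here; if they are spliced into a SQL statement this is an injection
 * point and the caller-facing contract should be narrowed to an allow-list of
 * column names / sort directions. NOTE(review): confirm against get_full_list().
 */
function json_get_full_list()
{
    global $beanFiles;
    global $beanList;

    // Only load and instantiate classes that the registry knows about; a
    // missing or unknown module would otherwise end in require_once on an
    // empty path and `new` on a null class name.
    $module = isset($_REQUEST['module']) ? $_REQUEST['module'] : null;
    if (!is_string($module) || !isset($beanList[$module]) || !isset($beanFiles[$beanList[$module]])) {
        return;
    }
    $beanClass = $beanList[$module];

    require_once 'include/utils.php';
    require_once $beanFiles[$beanClass];
    $json = getJSONobj();

    $rawWhere = isset($_REQUEST['where']) ? $_REQUEST['where'] : '';
    $rawOrder = isset($_REQUEST['order']) ? $_REQUEST['order'] : '';
    $where = str_replace('\\', '', rawurldecode($rawWhere));
    $order = str_replace('\\', '', rawurldecode($rawOrder));

    $focus = new $beanClass();
    $fullList = $focus->get_full_list($order, $where, '');
    $all_fields = array_merge($focus->column_fields, $focus->additional_column_fields);

    $js_fields_arr = array();
    // Rows are keyed from 1, not 0, as in the original ("js doesn't like 0 index?").
    $i = 1;
    foreach ($fullList as $note) {
        $js_fields_arr[$i] = array();
        foreach ($all_fields as $field) {
            if (!isset($note->{$field})) {
                continue;
            }
            // Entities are decoded first, then line breaks become <BR>, so the
            // emitted values are raw HTML: the client must not insert them into
            // the DOM without encoding unless the stored data is trusted.
            $value = from_html($note->{$field});
            $value = preg_replace(array('/\\r\\n/', '/\\n/'), '<BR>', $value);
            $js_fields_arr[$i][$field] = addslashes($value);
        }
        $i++;
    }
    $out = $json->encode($js_fields_arr, true);
    print $out;
}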
/**
 * Flattens product option beans into plain arrays for the client side.
 *
 * Prices of options kept in a currency other than $current_id are converted
 * using $current_ratio and the option currency's conversion rate. Deleted and
 * inactive options get a marker appended to their name, and the status key is
 * replaced by its translated label when one exists.
 *
 * The 'name' entry contains literal '<br>' markup plus the entity-decoded
 * option name, so consumers must treat it as HTML, not as plain text.
 *
 * @param array  $options       option beans (mutated: price, name, status)
 * @param string $current_id    id of the currency to present prices in
 * @param float  $current_ratio conversion rate of that currency
 * @return array one associative array per option
 */
function buildProductOptionsArray($options, $current_id, $current_ratio)
{
    global $app_strings;
    global $app_list_strings;

    $rows = array();
    foreach ($options as $option) {
        if ($option->currency_id != $current_id) {
            $optionCurrency = new Currency();
            // '-99' and empty ids are treated as "no stored currency": rate 1.
            $rate = 1;
            if (!empty($option->currency_id) && $option->currency_id != '-99') {
                $optionCurrency->retrieve($option->currency_id);
                $rate = $optionCurrency->conversion_rate;
            }
            $option->price = $option->price * $current_ratio / $rate;
        }

        if ($option->deleted) {
            $option->name .= '<br>' . $app_strings['LBL_OQC_PRODUCT_DELETE'];
        }
        if (!$option->active) {
            $option->name .= '<br>' . $app_strings['LBL_OQC_PRODUCT_INACTIVE'];
        }

        // 2.2RC2 translation error fix: only translate known status keys.
        if (isset($app_list_strings["oqc_product_status_list"][$option->status])) {
            $option->status = $app_list_strings["oqc_product_status_list"][$option->status];
        }

        $row = array();
        $row['name'] = from_html($option->name);
        $row['id'] = $option->id;
        $row['status'] = $option->status;
        $row['price'] = $option->price;
        $row['is_recurring'] = $option->is_recurring;
        $row['version'] = $option->version;
        $row['date_modified'] = $option->date_modified;
        $row['modified_by_name'] = $option->modified_by_name;
        $row['option_url'] = $option->deleted ? '' : option_downloadLink($option->id);
        $row['currency_id'] = $current_id;
        $row['row_status'] = $option->deleted ? 'delete' : 'saved';
        $rows[] = $row;
    }
    return $rows;
}
Example #3
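 /**
  * Fills this vCard from a stored record.
  *
  * The bean is loaded through BeanFactory and passed through ACLFilterFields()
  * before any field is copied, so fields the current user may not read are
  * filtered first (bug 21824).
  *
  * NOTE(review): only the street is CR/LF-encoded here. Whether the setters
  * neutralise line breaks in the other fields is not visible in this block —
  * confirm, since a raw line break in a value would start a new vCard line.
  *
  * @param string $contactid id of the record to export
  * @param string $module    module the record belongs to
  */
 function loadContact($contactid, $module = 'Contacts')
 {
     global $app_list_strings;
     $contact = BeanFactory::getBean($module, $contactid);
     // Bug 21824 - Filter fields exported to a vCard by ACLField permissions.
     $contact->ACLFilterFields();
     // cn: bug 8504 - CF/LB break Outlook's vCard import
     $bad = array("\n", "\r");
     $good = array("=0A", "=0D");
     $encoding = '';
     $street = (string) $contact->primary_address_street;
     // strpos() returns 0 for a match at the first byte, which is falsy; the
     // comparison with false makes a leading line break count as a match too.
     if (strpos($street, "\n") !== false || strpos($street, "\r") !== false) {
         $contact->primary_address_street = str_replace($bad, $good, $street);
         $encoding = 'QUOTED-PRINTABLE';
     }
     $this->setName(from_html($contact->first_name), from_html($contact->last_name), $app_list_strings['salutation_dom'][from_html($contact->salutation)]);
     if (isset($contact->birthdate)) {
         $this->setBirthDate(from_html($contact->birthdate));
     }
     $this->setPhoneNumber(from_html($contact->phone_fax), 'FAX');
     $this->setPhoneNumber(from_html($contact->phone_home), 'HOME');
     $this->setPhoneNumber(from_html($contact->phone_mobile), 'CELL');
     $this->setPhoneNumber(from_html($contact->phone_work), 'WORK');
     $this->setEmail(from_html($contact->email1));
     $this->setAddress(from_html($contact->primary_address_street), from_html($contact->primary_address_city), from_html($contact->primary_address_state), from_html($contact->primary_address_postalcode), from_html($contact->primary_address_country), 'WORK', $encoding);
     if (isset($contact->account_name)) {
         $this->setORG(from_html($contact->account_name), from_html($contact->department));
     } else {
         $this->setORG('', from_html($contact->department));
     }
     $this->setTitle($contact->title);
 }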
Example #4
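 /**
  * Fills this vCard from a stored record.
  *
  * The bean class and its file are resolved through the global beanList /
  * beanFiles registries, so $module must be a key of those registries.
  *
  * NOTE(review): no field-level ACL filtering is applied in this block before
  * the fields are copied into the vCard — confirm the caller enforces access.
  * NOTE(review): only the street is CR/LF-encoded; whether the setters
  * neutralise line breaks in the other fields is not visible here.
  *
  * @param string $contactid id of the record to export
  * @param string $module    key into $GLOBALS['beanList']
  */
 function loadContact($contactid, $module = 'Contacts')
 {
     global $app_list_strings;
     require_once $GLOBALS['beanFiles'][$GLOBALS['beanList'][$module]];
     $contact = new $GLOBALS['beanList'][$module]();
     $contact->retrieve($contactid);
     // cn: bug 8504 - CF/LB break Outlook's vCard import
     $bad = array("\n", "\r");
     $good = array("=0A", "=0D");
     $encoding = '';
     $street = (string) $contact->primary_address_street;
     // strpos() returns 0 for a match at the first byte, which is falsy; the
     // comparison with false makes a leading line break count as a match too.
     if (strpos($street, "\n") !== false || strpos($street, "\r") !== false) {
         $contact->primary_address_street = str_replace($bad, $good, $street);
         $encoding = 'QUOTED-PRINTABLE';
     }
     $this->setName(from_html($contact->first_name), from_html($contact->last_name), $app_list_strings['salutation_dom'][from_html($contact->salutation)]);
     if (isset($contact->birthdate)) {
         $this->setBirthDate(from_html($contact->birthdate));
     }
     $this->setPhoneNumber(from_html($contact->phone_fax), 'FAX');
     $this->setPhoneNumber(from_html($contact->phone_home), 'HOME');
     $this->setPhoneNumber(from_html($contact->phone_mobile), 'CELL');
     $this->setPhoneNumber(from_html($contact->phone_work), 'WORK');
     $this->setEmail(from_html($contact->email1));
     $this->setAddress(from_html($contact->primary_address_street), from_html($contact->primary_address_city), from_html($contact->primary_address_state), from_html($contact->primary_address_postalcode), from_html($contact->primary_address_country), 'WORK', $encoding);
     if (isset($contact->account_name)) {
         $this->setORG(from_html($contact->account_name), from_html($contact->department));
     } else {
         $this->setORG('', from_html($contact->department));
     }
     $this->setTitle($contact->title);
 }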
 /**
  * Deploys the subpanel layout, optionally populating it from the request
  * and saving a new subpanel title label first.
  *
  * Request values used when $populate is true: 'subpanel_title',
  * 'subpanel_title_key', 'selected_lang', 'view_module', 'view_package'.
  * Only the title text goes through remove_xss(); the label key, language,
  * module and package are passed to ParserLabel as received.
  * NOTE(review): confirm ParserLabel validates those before using them to
  * locate language files.
  *
  * @param bool $populate whether to read the layout and title from the request
  */
 function handleSave($populate = true)
 {
     if ($populate) {
         $this->_populateFromRequest();
         if (isset($_REQUEST['subpanel_title'], $_REQUEST['subpanel_title_key'])) {
             // Language precedence: request, then session, then system default.
             $language = false;
             if (!empty($_SESSION['authenticated_user_language'])) {
                 $language = $_SESSION['authenticated_user_language'];
             }
             if (!empty($_REQUEST['selected_lang'])) {
                 $language = $_REQUEST['selected_lang'];
             }
             if (empty($language)) {
                 $language = $GLOBALS['sugar_config']['default_language'];
             }
             require_once 'modules/ModuleBuilder/parsers/parser.label.php';
             $viewModule = $_REQUEST['view_module'];
             $viewPackage = isset($_REQUEST['view_package']) ? $_REQUEST['view_package'] : null;
             $labelParser = new ParserLabel($viewModule, $viewPackage);
             // The title is entity-decoded and then filtered before it is stored.
             $title = remove_xss(from_html($_REQUEST['subpanel_title']));
             $labelParser->addLabels($language, array($_REQUEST['subpanel_title_key'] => $title), $_REQUEST['view_module']);
         }
     }
     // Bug 46291 - Missing widget_class for edit_button and remove_button
     foreach (array_keys($this->_viewdefs) as $name) {
         if (isset($this->_fielddefs[$name]['widget_class'])) {
             $this->_viewdefs[$name]['widget_class'] = $this->_fielddefs[$name]['widget_class'];
         }
     }
     // unlike our parent, do not force the field names back to upper case
     $layout = $this->makeRelateFieldsAsLink(
         $this->restoreInvisibleFields($this->_invisibleFields, $this->_viewdefs)
     );
     $this->implementation->deploy($layout);
 }
Example #6
 /**
  * Converts the string between character sets and then decodes HTML entities.
  *
  * The result is entity-decoded text: it must be encoded again for the
  * target context before it is written into HTML.
  *
  * @access public
  * @param string       $string      required The string that is to be translated.
  * @param Localization $locale      required The locale object for doing the character set translation.
  * @param string       $toCharset   required Translate to this character set.
  * @param string       $fromCharset          Translate from this character set.
  * @return string The translated string.
  */
 public function translateCharacters($string, Localization $locale, $toCharset, $fromCharset = "UTF-8")
 {
     // Character set conversion happens first, entity decoding second.
     $converted = $locale->translateCharset($string, $fromCharset, $toCharset);
     return from_html($converted);
 }
 /**
  * Builds the PDF footer model: a translated "Description" title and the
  * entity-decoded description of the focus record as content.
  *
  * NOTE(review): the content is decoded record data; how the PDF renderer
  * interprets markup in it is not visible here.
  *
  * @return Vtiger_PDF_Model
  */
 function buildFooterModel()
 {
     $footerModel = new Vtiger_PDF_Model();
     $title = getTranslatedString('Description', $this->moduleName);
     $footerModel->set('title', $title);
     $description = from_html($this->focusColumnValue("description"));
     $footerModel->set('content', $description);
     return $footerModel;
 }
Example #8
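/**
 * Creates or updates a workflow from the request and emits a small page that
 * sends the browser to the return URL.
 *
 * Non-admin callers are redirected to the error page and nothing is saved.
 * The return URL is written into two different output contexts (a JavaScript
 * string and an HTML attribute), so it is encoded separately for each one
 * instead of being echoed as received.
 *
 * NOTE(review): the destination itself is not restricted here; any scheme or
 * host supplied in 'return_url' is accepted. Confirm whether vtlib_purify()
 * or the caller constrains it to local URLs.
 *
 * @param object $adb     database handle passed to VTWorkflowManager
 * @param array  $request request parameters (purified before use)
 * @throws Exception when 'save_type' is neither 'new' nor 'edit'
 */
function vtWorkflowSave($adb, $request)
{
    $util = new VTWorkflowUtils();
    $module = new VTWorkflowApplication("saveworkflow");
    // NOTE(review): $current_language is neither defined nor declared global in
    // this function, so an undefined value is passed here — confirm whether
    // `global $current_language;` was intended.
    $mod = return_module_language($current_language, $module->name);
    // this cleans all values of the array
    $request = vtlib_purify($request);
    if (!$util->checkAdminAccess()) {
        $errorUrl = $module->errorPageUrl($mod['LBL_ERROR_NOT_ADMIN']);
        $util->redirectTo($errorUrl, $mod['LBL_ERROR_NOT_ADMIN']);
        return;
    }
    $description = from_html($request["description"]);
    $moduleName = $request["module_name"];
    $conditions = $request["conditions"];
    $taskId = $request["task_id"];
    $saveType = $request["save_type"];
    $executionCondition = $request['execution_condition'];
    $wm = new VTWorkflowManager($adb);

    // The two save types differ only in where the workflow object comes from.
    if ($saveType == 'new') {
        $wf = $wm->newWorkflow($moduleName);
    } elseif ($saveType == 'edit') {
        $wf = $wm->retrieve($request["workflow_id"]);
    } else {
        throw new Exception();
    }
    $wf->description = $description;
    $wf->test = $conditions;
    $wf->taskId = $taskId;
    $wf->executionConditionAsLabel($executionCondition);
    $wm->save($wf);

    if (isset($request["return_url"])) {
        $returnUrl = $request["return_url"];
    } else {
        $returnUrl = $module->editWorkflowUrl($wf->id);
    }

    // JavaScript string context: json_encode() emits the quoted literal; the
    // HEX flags keep <, >, &, ' and " out of the script block.
    $returnUrlJs = json_encode((string) $returnUrl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($returnUrlJs === false) {
        // Not encodable (for example invalid UTF-8): emit an empty string literal.
        $returnUrlJs = '""';
    }
    // HTML attribute context; double_encode is off so entities that are
    // already present in the purified value are not encoded a second time.
    $returnUrlAttr = htmlspecialchars((string) $returnUrl, ENT_QUOTES, 'UTF-8', false);
    ?>
		<script type="text/javascript" charset="utf-8">
			window.location=<?php echo $returnUrlJs; ?>;
		</script>
		<a href="<?php echo $returnUrlAttr; ?>">Return</a>
		<?php 
}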
Example #9
 /**
  * from_html() leaves an empty string untouched and decodes the quote and
  * angle-bracket entities, while a bare '&' that is not part of one of those
  * entities stays as it is.
  */
 public function testfrom_html()
 {
     // Each case is an [input, expected output] pair.
     $cases = array(
         array('', ''),
         array('&#039;test&#039;&trial&lt;&quot;&gt;', "'test'&trial<\">"),
     );
     foreach ($cases as $case) {
         $this->assertSame($case[1], from_html($case[0]));
     }
 }
Example #10
 /**
  * getTrackerSubstring() shortens to the configured display length, counted
  * on the entity-decoded string, for ASCII input with quotes as well as for
  * multi-byte UTF-8 input.
  */
 public function test_get_tracker_substring2()
 {
     global $sugar_config;
     $default_length = 15;
     $sugar_config['tracker_max_display_length'] = $default_length;
     $message = 'Assert that the string length is equal to ' . $default_length . ' characters (default)';

     // ASCII text containing quotes: length is measured in bytes.
     $shortened = getTrackerSubstring('"Hello There How Are You? " This has quotes too');
     $this->assertEquals(strlen(from_html($shortened)), $default_length, $message);

     // Multi-byte text: length is measured in UTF-8 characters.
     $shortened = getTrackerSubstring('早前於美國完成民族音樂學博士學位回港後在大專院校的音樂系任教123456789');
     $this->assertEquals(mb_strlen(from_html($shortened), 'UTF-8'), $default_length, $message);
 }
Example #11
 /**
  * Returns the entity-decoded value of a vardef, preferring 'value', then
  * 'default', then 'default_value'. Entries that are empty() are skipped.
  *
  * @param array $vardef field definition
  * @return mixed decoded value, or null when none of the three keys is set
  */
 function getVardefValue($vardef)
 {
     foreach (array('value', 'default', 'default_value') as $candidate) {
         if (!empty($vardef[$candidate])) {
             return from_html($vardef[$candidate]);
         }
     }
     return null;
 }
 /**
  * Takes in the request params from a save request and stores the labels
  * they contain.
  *
  * Only keys starting with "label_" whose value is not 'no_change' are used;
  * the label name is the rest of the key, upper-cased. Each value is
  * entity-decoded and then passed through remove_xss() before it is saved.
  *
  * NOTE(review): when a package name is set, it and the module name are
  * interpolated into the language directory path as they are — confirm both
  * are validated where they are assigned.
  *
  * @param REQUEST $params       Labels as "label_".System label => Display label pairs
  * @param string $language      Language key, for example 'en_us'
  */
 function handleSave($params, $language)
 {
     $labels = array();
     foreach ($params as $name => $text) {
         if (!preg_match('/^label_/', $name)) {
             continue;
         }
         if (strcmp($text, 'no_change') == 0) {
             continue;
         }
         // 6 is the length of the "label_" prefix.
         $labelKey = strtoupper(substr($name, 6));
         $labels[$labelKey] = remove_xss(from_html($text), false);
     }
     if (empty($this->packageName)) {
         return self::addLabels($language, $labels, $this->moduleName);
     }
     return self::addLabels($language, $labels, $this->moduleName, "custom/modulebuilder/packages/{$this->packageName}/modules/{$this->moduleName}/language");
 }
 /**
  * Tells whether a patch can be uninstalled without colliding with a patch
  * that appears before it in $patch_list.
  *
  * The list is walked until the patch itself is reached. For every earlier
  * entry the two '-restore' backup paths are compared with foundConflict();
  * a conflict with an entry whose date_entered is not older blocks the
  * uninstall.
  *
  * @param array  $patch_list     patches to compare against, in list order
  * @param object $patch_to_check patch the user wants to uninstall
  * @return bool false when a conflicting patch was found, true otherwise
  */
 function UninstallAvailable($patch_list, $patch_to_check)
 {
     foreach ($patch_list as $other) {
         if ($other->id == $patch_to_check->id) {
             break;
         }
         // Backup directories are derived from the decoded, cleaned file names.
         $ownBackup = clean_path(remove_file_extension(from_html($patch_to_check->filename))) . '-restore';
         $otherBackup = clean_path(remove_file_extension(from_html($other->filename))) . '-restore';
         if (!$this->foundConflict($ownBackup, $otherBackup)) {
             continue;
         }
         if ($other->date_entered >= $patch_to_check->date_entered) {
             return false;
         }
     }
     return true;
 }
Example #14
 /**
  * Generating new label with HTML tags
  *
  * A prefix containing markup is decoded, stripped of tags and re-encoded
  * before it is saved; the stored label must equal that prepared value and
  * must differ from the label built with the raw prefix.
  *
  * @group 43069
  */
 public function testLabelSaving()
 {
     $mod_strings = return_module_language($this->_lang, $this->_test_module);
     $this->_old_label = $mod_strings[$this->_test_label];

     $rawPrefix = '<img alt="<script>" src="www.test.com/img.png" ="alert(7001)" width="1" height="1"/>';
     $safePrefix = to_html(strip_tags(from_html($rawPrefix)));
     $savedLabel = $safePrefix . ' ' . $this->_old_label;

     // save the new label to the language file
     ParserLabel::addLabels($this->_lang, array($this->_test_label => $savedLabel), $this->_test_module);

     // read the language file to get the new value; the included file
     // writes into the local $mod_strings array
     include "custom/modules/{$this->_test_module}/language/{$this->_lang}.lang.php";

     $stored = $mod_strings[$this->_test_label];
     $this->assertEquals($savedLabel, $stored);
     $this->assertNotEquals($rawPrefix . ' ' . $this->_old_label, $mod_strings[$this->_test_label]);
 }
 /**
  * Populates this field definition from the current request.
  *
  * After the parent implementation has run, the separate 'defaultDate' and
  * 'defaultTime' request values are merged into $_REQUEST['default']
  * ("date&time"), and every request key listed in $this->vardef_map is copied
  * onto the object.
  *
  * Values whose key is in $this->decode_from_request_fields_map are decoded
  * and stripped of tags; every other mapped value is copied as received.
  */
 function populateFromPost()
 {
     parent::populateFromPost();
     // Handle empty massupdate checkboxes
     $this->massupdate = !empty($_REQUEST['massupdate']);
     if (!empty($_REQUEST['defaultDate']) && !empty($_REQUEST['defaultTime'])) {
         $_REQUEST['default'] = $_REQUEST['defaultDate'] . '&' . $_REQUEST['defaultTime'];
         $defaultTime = $_REQUEST['defaultTime'];
         // Fixed offsets: characters 0-1 hours, 3-4 minutes, 5-6 meridiem
         // (presumably an "hh:mm" or "hh:mmam" layout — TODO confirm).
         $hours = substr($defaultTime, 0, 2);
         $minutes = substr($defaultTime, 3, 2);
         $meridiem = substr($defaultTime, 5, 2);
         // No meridiem supplied: treat the time as 24-hour and convert it.
         if (empty($meridiem)) {
             if ($hours == '00') {
                 $hours = 12;
                 $meridiem = 'am';
             } else {
                 if ($hours >= 12) {
                     //lets add the PM meridiem, but only subtract 12 if hours is greater than 12
                     if ($hours > 12) {
                         $hours -= 12;
                     }
                     $meridiem = 'pm';
                 } else {
                     $meridiem = 'am';
                 }
             }
             //lets format the string to make sure the leading 0's are added back in for hours and minutes
             $_REQUEST['default'] = $_REQUEST['defaultDate'] . '&' . sprintf('%02d:%02d%s', $hours, $minutes, $meridiem);
         }
     } else {
         $_REQUEST['default'] = '';
     }
     // The two source values are removed so only the merged 'default' remains.
     unset($_REQUEST['defaultDate']);
     unset($_REQUEST['defaultTime']);
     foreach ($this->vardef_map as $vardef => $field) {
         if (isset($_REQUEST[$vardef])) {
             //  Bug #48826. Some fields are allowed to have special characters and must be decoded from the request
             // Bug 49774, 49775: Strip html tags from 'formula' and 'dependency'.
             if (is_string($_REQUEST[$vardef]) && in_array($vardef, $this->decode_from_request_fields_map)) {
                 // NOTE(review): html_entity_decode() runs AFTER strip_tags(), so
                 // input that is entity-encoded twice still yields tag characters
                 // in the stored value. The value must be encoded again wherever
                 // it is written into HTML.
                 $this->{$vardef} = html_entity_decode(strip_tags(from_html($_REQUEST[$vardef])));
             } else {
                 // Copied from the request without any filtering.
                 $this->{$vardef} = $_REQUEST[$vardef];
             }
             // Mirror the value onto the mapped property when the names differ.
             if ($vardef != $field) {
                 $this->{$field} = $this->{$vardef};
             }
         }
     }
     // NOTE(review): this dumps the whole object, including the request-derived
     // values set above, into the debug log.
     $GLOBALS['log']->debug('populate: ' . print_r($this, true));
 }
/**
 * Flattens attachment beans into plain arrays for the client side.
 *
 * The document name is entity-decoded and, when a revision is set, suffixed
 * with "_rev.<revision>". The revision id is doc_rev_id when that is set,
 * otherwise document_revision_id. Attachments of category
 * 'ContractAttachment' are flagged as default.
 *
 * @param array $attachments attachment beans
 * @return array one associative array per attachment
 */
function buildAttachmentsArray($attachments)
{
    $rows = array();
    foreach ($attachments as $attachment) {
        $is_default = $attachment->category_id == 'ContractAttachment' ? 1 : 0;

        $suffix = '';
        if ($attachment->revision) {
            $suffix = '_rev.' . $attachment->revision;
        }

        $revisionId = $attachment->doc_rev_id;
        if (!$revisionId) {
            $revisionId = $attachment->document_revision_id;
        }

        $rows[] = array(
            'document_name' => from_html($attachment->document_name) . $suffix,
            'document_revision_id' => $revisionId,
            'file_url' => downloadLink($revisionId),
            'id' => $attachment->id,
            'is_default' => $is_default,
        );
    }
    return $rows;
}
Example #17
 /**
  * Inserts the current comment into vtiger_faqcomments for this record.
  *
  * The comment is taken from column_fields['comments'] and, when that is
  * empty, from the 'comments' request parameter. It is entity-decoded and
  * passed to pquery() as a placeholder value, not concatenated into the SQL.
  * The stored text is therefore raw and must be encoded when it is displayed.
  *
  * @param $table_name -- table name:: Type varchar (only logged here)
  * @param $module -- module:: Type varchar (only logged here)
  */
 function insertIntoFAQCommentTable($table_name, $module)
 {
     global $log, $adb;
     $log->info("in insertIntoFAQCommentTable " . $table_name . " module is " . $module);
     $current_time = $adb->formatDate(date('Y-m-d H:i:s'), true);

     $comment = $this->column_fields['comments'] != ''
         ? $this->column_fields['comments']
         : $_REQUEST['comments'];
     if ($comment == '') {
         return;
     }

     $values = array('', $this->id, from_html($comment), $current_time);
     $adb->pquery("insert into vtiger_faqcomments values(?, ?, ?, ?)", $values);
 }
/**
 * Collects subject, body, recipients and draft attachments of the email
 * named by the 'recordId' request parameter.
 *
 * NOTE(review): the email is loaded by a request-supplied id and no access
 * check is visible in this block — confirm that retrieve() or the caller
 * enforces that the current user may read it. The body is returned as
 * entity-decoded HTML.
 *
 * @param object $bean not used in this function
 * @return array keys: subject, body, toAddress, attachments, email_id
 */
function getQuotesRelatedData($bean)
{
    $emailId = $_REQUEST['recordId'];
    require_once "modules/Emails/EmailUI.php";

    $email = new Email();
    $email->retrieve($emailId);

    $result = array();
    $result['subject'] = $email->name;
    $result['body'] = from_html($email->description_html);
    $result['toAddress'] = $email->to_addrs;

    $draft = EmailUI::getDraftAttachments(array('uid' => $emailId));
    $result['attachments'] = $draft['attachments'];
    $result['email_id'] = $emailId;
    return $result;
}
Example #19
 /**
  * Dispatches a REST call to the implementation object and returns its
  * result; on an invalid call a SoapError is reported through fault().
  *
  * Request parameters read here:
  *  - 'method':    name of the method to call on $this->implementation
  *  - 'rest_data': PHP-serialized argument list
  *
  * SECURITY: both values are controlled by the client. See the notes on the
  * unserialize() and call_user_func_array() lines below.
  *
  * @return mixed whatever the implementation method returns; nothing on an invalid call
  */
 function serve()
 {
     $GLOBALS['log']->info('Begin: SugarRestSerialize->serve');
     $data = !empty($_REQUEST['rest_data']) ? $_REQUEST['rest_data'] : '';
     if (empty($_REQUEST['method']) || !method_exists($this->implementation, $_REQUEST['method'])) {
         $er = new SoapError();
         $er->set_error('invalid_call');
         $this->fault($er);
     } else {
         $method = $_REQUEST['method'];
         // SECURITY: unserialize() on request data can instantiate any class
         // that is loaded or autoloadable and trigger its magic methods (PHP
         // object injection). The arguments should be accepted in a data-only
         // format such as JSON, or at least be unserialized with the
         // allowed_classes option set to false. Left unchanged here because
         // existing clients send serialized payloads.
         $data = unserialize(from_html($data));
         // A single scalar argument is wrapped so it can be spread below.
         if (!is_array($data)) {
             $data = array($data);
         }
         $GLOBALS['log']->info('End: SugarRestSerialize->serve');
         // NOTE(review): method_exists() is the only gate, so any method that
         // exists on the implementation object can be named by the client —
         // confirm the implementation exposes API methods only.
         return call_user_func_array(array($this->implementation, $method), $data);
     }
     // else
 }
Example #20
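/**
 * Runs the report without paging and streams the result as a CSV download.
 *
 * Cells are entity-decoded, double quotes are doubled, and every cell is
 * wrapped in quotes and joined with the configured delimiter. The content is
 * converted from UTF-8 to the export character set before it is sent.
 *
 * The download file name is derived from the 'module' request parameter; it
 * is reduced to letters, digits, '_' and '-' before it is placed in the
 * Content-Disposition header, so request data cannot add parameters or path
 * characters to that header.
 *
 * NOTE(review): cell values are written as stored apart from quote doubling.
 * Spreadsheet applications interpret values starting with =, +, - or @ as
 * formulas; whether to neutralise such values on export should be decided
 * and documented. Header cells are not quote-doubled either.
 *
 * @param object $reporter report object; paging is disabled on it
 */
function template_handle_export(&$reporter)
{
    ini_set('zlib.output_compression', 'Off');
    $reporter->plain_text_output = true;
    //disable paging so we get all results in one pass
    $reporter->enable_paging = false;
    $reporter->run_query();
    $reporter->_load_currency();
    $header_arr = array();
    $header_row = $reporter->get_header_row();
    $content = '';
    foreach ($header_row as $cell) {
        array_push($header_arr, $cell);
    }
    $header = implode("\"" . getDelimiter() . "\"", array_values($header_arr));
    $header = "\"" . $header;
    $header .= "\"\r\n";
    $content .= $header;
    while (($row = $reporter->get_next_row('result', 'display_columns', false, true)) != 0) {
        $new_arr = array();
        for ($i = 0; $i < count($row['cells']); $i++) {
            // Decode entities, then double any quote so the cell stays one CSV field.
            array_push($new_arr, preg_replace("/\"/", "\"\"", from_html($row['cells'][$i])));
        }
        $line = implode("\"" . getDelimiter() . "\"", $new_arr);
        $line = "\"" . $line;
        $line .= "\"\r\n";
        $content .= $line;
    }
    global $locale;
    $transContent = $GLOBALS['locale']->translateCharset($content, 'UTF-8', $GLOBALS['locale']->getExportCharset());

    // Keep only characters that are safe in an unquoted header file name.
    $requestedModule = isset($_REQUEST['module']) && is_string($_REQUEST['module']) ? $_REQUEST['module'] : '';
    $fileBase = preg_replace('/[^A-Za-z0-9_-]/', '', $requestedModule);
    if ($fileBase === null || $fileBase === '') {
        $fileBase = 'export';
    }

    ob_clean();
    header("Pragma: cache");
    header("Content-type: application/octet-stream; charset=" . $locale->getExportCharset());
    header("Content-Disposition: attachment; filename={$fileBase}.csv");
    header("Content-transfer-encoding: binary");
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    header("Last-Modified: " . TimeDate::httpTime());
    header("Cache-Control: post-check=0, pre-check=0", false);
    // '8bit' makes mb_strlen() count bytes, which is what Content-Length needs.
    header("Content-Length: " . mb_strlen($transContent, '8bit'));
    $BOM = "";
    print $BOM . $transContent;
}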
 /**
  * Saves the product catalog together with its category tree.
  *
  * A bean without an id is saved once up front, then the existing categories
  * are removed and rebuilt from the JSON tree posted in 'categoryHiddenField'.
  * The ids of the root categories end up, space separated, in
  * $this->bean->category_ids before the final save.
  *
  * NOTE(review): the posted tree is client-controlled; what saveCategories()
  * validates is not visible in this block.
  */
 function action_save()
 {
     if (empty($this->bean->id)) {
         parent::action_save();
     }
     $this->removeCategories();
     $json = getJSONobj();
     // workaround for #276
     $postedTree = $_POST['categoryHiddenField'];
     if (empty($postedTree)) {
         $GLOBALS['log']->warn("field 'item' which is neccessary for creating category structure does not exist");
     } else {
         // The posted value is entity-encoded, so from_html() has to run
         // before the JSON decoder sees it.
         $tree = $json->decode(from_html($postedTree));
         // saveCategories() stores each category's subcategories and returns
         // the ids of the root categories.
         $rootIds = $this->saveCategories($tree);
         $this->bean->category_ids = implode(' ', $rootIds);
     }
     parent::action_save();
 }
 /**
  * Sends one message from the system default address to all recipients.
  *
  * The subject and the plain-text alternative are entity-decoded; the HTML
  * body is sent exactly as passed in. Send errors are suppressed and the
  * result of Send() is not reported to the caller.
  *
  * NOTE(review): $emailBody is used as the HTML part without any filtering
  * in this block — confirm callers build it from trusted or encoded content.
  *
  * @param array  $emailsTo     recipient addresses
  * @param string $emailSubject subject, entity-encoded
  * @param string $emailBody    HTML body
  */
 function SendEmail($emailsTo, $emailSubject, $emailBody)
 {
     $emailObj = new Email();
     $sender = $emailObj->getSystemDefaultEmail();

     $mail = new SugarPHPMailer();
     $mail->setMailerForSystem();
     $mail->From = $sender['email'];
     $mail->FromName = $sender['name'];
     $mail->ClearAllRecipients();
     $mail->ClearReplyTos();
     $mail->Subject = from_html($emailSubject);
     $mail->Body = $emailBody;
     $mail->AltBody = from_html($emailBody);
     $mail->prepForOutbound();

     foreach ($emailsTo as &$recipient) {
         $mail->AddAddress($recipient);
     }

     // Best effort: the outcome is deliberately ignored.
     @$mail->Send();
 }
Example #23
 /**
  * Prints the current bean's fields as JSON and ends the request.
  *
  * Every set field is entity-decoded, line breaks are turned into <BR>, and
  * the result is written back to the bean; the JSON carries the same value
  * with addslashes() applied.
  *
  * The emitted values are decoded HTML: the client must not insert them into
  * the DOM without encoding unless the stored data is trusted.
  */
 function display()
 {
     global $beanList;
     $module = $GLOBALS['module'];
     $json = getJSONobj();
     $bean = $this->bean;
     $fieldNames = array_merge($bean->column_fields, $bean->additional_column_fields);

     $payload = array();
     foreach ($fieldNames as $name) {
         if (!isset($bean->{$name})) {
             continue;
         }
         $bean->{$name} = from_html($bean->{$name});
         // CRLF first, then bare LF, so one line break becomes one <BR>.
         $bean->{$name} = preg_replace('/\\r\\n/', '<BR>', $bean->{$name});
         $bean->{$name} = preg_replace('/\\n/', '<BR>', $bean->{$name});
         $payload[$name] = addslashes($bean->{$name});
     }

     $encoded = $json->encode($payload, true);
     // Drop anything already buffered so only the JSON is sent.
     ob_clean();
     print $encoded;
     sugar_cleanup(true);
 }
Example #24
 /**
  * Sends a portal email and, when sending succeeds, archives it as an Email
  * record, optionally linked to $relatedBean.
  *
  * Sender data comes from getPortalEmailSettings(). The subject is
  * entity-decoded; both bodies are used as passed in. Send errors are
  * suppressed, and nothing is archived when Send() fails.
  *
  * NOTE(review): the archive record is always attributed to user id '1'
  * (created_by / modified_user_id), not to the acting user.
  *
  * @param string         $emailTo      recipient address
  * @param string         $emailSubject subject, entity-encoded
  * @param string         $emailBody    HTML body
  * @param string         $altemailBody plain-text body
  * @param SugarBean|null $relatedBean  record the archived email is linked to
  */
 function sendEmail($emailTo, $emailSubject, $emailBody, $altemailBody, SugarBean $relatedBean = null)
 {
     require_once 'modules/Emails/Email.php';
     require_once 'include/SugarPHPMailer.php';
     $emailObj = new Email();
     $settings = getPortalEmailSettings();

     $mail = new SugarPHPMailer();
     $mail->setMailerForSystem();
     $mail->From = $settings['from_address'];
     $mail->FromName = $settings['from_name'];
     $mail->ClearAllRecipients();
     $mail->ClearReplyTos();
     $mail->Subject = from_html($emailSubject);
     $mail->Body = $emailBody;
     $mail->AltBody = $altemailBody;
     $mail->prepForOutbound();
     $mail->AddAddress($emailTo);

     // Nothing is archived unless the message actually went out.
     if (!@$mail->Send()) {
         return;
     }

     //now create email
     $emailObj->to_addrs = '';
     $emailObj->type = 'archived';
     $emailObj->deleted = '0';
     $emailObj->name = $mail->Subject;
     $emailObj->description = $mail->AltBody;
     $emailObj->description_html = $mail->Body;
     $emailObj->from_addr = $mail->From;
     $hasParent = $relatedBean instanceof SugarBean && !empty($relatedBean->id);
     if ($hasParent) {
         $emailObj->parent_type = $relatedBean->module_dir;
         $emailObj->parent_id = $relatedBean->id;
     }
     $emailObj->date_sent = TimeDate::getInstance()->nowDb();
     $emailObj->modified_user_id = '1';
     $emailObj->created_by = '1';
     $emailObj->status = 'sent';
     $emailObj->save();
 }
 /**
  * Rebuilds the view contents slot by slot from the posted layout form.
  *
  * For every slot the view text is split at the slot's marker and the slot is
  * re-emitted between <slot> and </slot> with one of: markup posted in
  * 'add_slot_N', a non-breaking space (deleted row), or the content of the
  * slot named by 'form_slot_N'.
  *
  * NOTE(review): $logger and $df are used below but are never defined in this
  * function; as shown, the first call on either fails. They are presumably
  * created in lines missing from this excerpt — confirm against the full
  * source.
  *
  * @return string the rebuilt view, or the unchanged contents when nothing was emitted
  */
 function handle_save_swaps()
 {
     $final_array = array();
     $view = $this->contents;
     $counter = 0;
     $return_view = '';
     for ($i = 0; $i < sizeof($this->slots); $i++) {
         $slot = $this->slots[$i];
         // Split once at this slot's marker: [0] is the text before it, [1] the rest.
         $explode = explode($slot[0], $view, 2);
         $explode[0] .= '<slot>';
         $explode[1] = '</slot>' . $explode[1];
         if (!empty($_REQUEST['add_slot_' . $i])) {
             // SECURITY: request-supplied markup is entity-decoded and written
             // into the view as is. Only users who are allowed to author
             // templates should reach this code; no filtering happens here.
             $return_view .= $explode[0] . from_html($_REQUEST['add_slot_' . $i]);
         } else {
             if ($_REQUEST['form_slot_' . $i] == '-33' || $_REQUEST['form_slot_' . $i] == '-1') {
                 //this is a delete row
                 $return_view .= $explode[0] . '&nbsp;';
                 $logger->swap_fields($i, $_REQUEST['form_slot_' . $i]);
                 $df->delete_field($this->slots[$i][1]);
             } else {
                 // Any other negative value means "keep this slot where it is".
                 if ($_REQUEST['form_slot_' . $i] < 0) {
                     $_REQUEST['form_slot_' . $i] = $i;
                 }
                 $logger->swap_fields($i, $_REQUEST['form_slot_' . $i]);
                 // NOTE(review): the request value is used as an index into
                 // $this->slots with no upper-bound or type check.
                 $return_view .= $explode[0] . $this->slots[$_REQUEST['form_slot_' . $i]][1];
             }
         }
         // Continue with the text that follows the slot just handled.
         $view = $explode[1];
         $counter++;
     }
     $logger->close();
     $df->save_deleted_fields();
     if (empty($return_view)) {
         return $this->contents;
     }
     return $return_view . $view;
 }
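 /**
  * Stores the packaged products posted as JSON in 'uniqueJsonString' on the
  * bean, as a space-separated list of COUNT:ID:UNIQUE entries.
  *
  * Rows without a product id or quantity (for example the sum line) are
  * skipped. A missing or undecodable payload, and rows without an '_oData'
  * array, result in no entries instead of warnings.
  *
  * NOTE(review): id and quantity come from the client and are concatenated
  * with ':' and ' ' as separators without a format check; a value containing
  * either character changes how the stored string is split later. Validate
  * both against the expected formats before storing.
  */
 function save_packaged_products()
 {
     require_once 'include/utils.php';
     $json = getJSONobj();
     $rawJson = isset($_POST['uniqueJsonString']) ? $_POST['uniqueJsonString'] : '';
     $services = $json->decode(from_html($rawJson));
     if (!is_array($services)) {
         // Nothing usable was posted.
         $services = array();
     }
     $entries = array();
     foreach ($services as $service) {
         if (!is_array($service) || !isset($service['_oData']) || !is_array($service['_oData'])) {
             continue;
         }
         $row = $service['_oData'];
         $id = array_key_exists('ProductId', $row) ? $row['ProductId'] : '';
         $count = array_key_exists('Quantity', $row) ? $row['Quantity'] : '';
         $isUnique = '';
         if (array_key_exists('IsUnique', $row)) {
             $isUnique = $row['IsUnique'] ? "1" : "0";
         }
         // do some validity checking to prevent that invalid lines (like the sum line) are saved in the database
         if (!empty($id) && !empty($count)) {
             // syntax: COUNT:ID:UNIQUE where UNIQUE is "1" for true or "0" for false
             $entries[] = $count . ':' . $id . ':' . $isUnique;
             // TODO do auditing
         }
     }
     $this->bean->packaged_product_ids = trim(implode(' ', $entries));
 }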
Example #27
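 /**
  * Fills this vCard from a stored record.
  *
  * NOTE(review): $module is used both as a class name and inside the path
  * given to require_once ("modules/<module>s/<module>.php"). Where $module
  * comes from is not visible here; if a caller passes a request value, it has
  * to be checked against the list of known modules before this method runs.
  * NOTE(review): no field-level access filtering is applied in this block,
  * and only the street is CR/LF-encoded; whether the setters neutralise line
  * breaks in the other fields is not visible here.
  *
  * @param string $contactid id of the record to export
  * @param string $module    singular module / class name
  */
 function loadContact($contactid, $module = 'Contact')
 {
     require_once "modules/" . $module . "s/{$module}.php";
     $contact = new $module();
     $contact->retrieve($contactid);
     // cn: bug 8504 - CF/LB break Outlook's vCard import
     $bad = array("\n", "\r");
     $good = array("=0A", "=0D");
     $encoding = '';
     $street = (string) $contact->primary_address_street;
     // strpos() returns 0 for a match at the first byte, which is falsy; the
     // comparison with false makes a leading line break count as a match too.
     if (strpos($street, "\n") !== false || strpos($street, "\r") !== false) {
         $contact->primary_address_street = str_replace($bad, $good, $street);
         $encoding = 'QUOTED-PRINTABLE';
     }
     $this->setName(from_html($contact->first_name), from_html($contact->last_name), from_html($contact->salutation));
     $this->setBirthDate(from_html($contact->birthdate));
     $this->setPhoneNumber(from_html($contact->phone_fax), 'FAX');
     $this->setPhoneNumber(from_html($contact->phone_home), 'HOME');
     $this->setPhoneNumber(from_html($contact->phone_mobile), 'CELL');
     $this->setPhoneNumber(from_html($contact->phone_work), 'WORK');
     $this->setEmail(from_html($contact->email1));
     $this->setAddress(from_html($contact->primary_address_street), from_html($contact->primary_address_city), from_html($contact->primary_address_state), from_html($contact->primary_address_postalcode), from_html($contact->primary_address_country), 'WORK', $encoding);
     $this->setORG(from_html($contact->account_name), from_html($contact->department));
     $this->setTitle(from_html($contact->title));
 }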
Example #28
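/**
 * Build the kbdocuments search query, or its JOIN / WHERE fragments.
 *
 * $searchVars should be an array of bean variables to search. Key name should
 * be the name of the variable and should map directly to the kbdocuments
 * table itself, for example $searchVars['kbdocument_name'],
 * $searchVars['description'], $searchVars['status_id']. A value is either a
 * scalar (matched with "like 'value%'") or an array with 'filter' and an
 * optional 'operator'.
 *
 * $spec_SearchVars handles the special search enhancements:
 *
 *  - Full text search: 'searchText_include' holds the keywords articles must
 *    contain; 'searchText_exclude' holds keywords that remove articles from
 *    the result.
 *  - Active date filters: 'active_date', 'active_date2' (used for
 *    'between_dates') and 'active_date_filter' (defined by the
 *    'kbdocument_date_filter_options' dom object).
 *  - Expiry date filters: 'exp_date', 'exp_date2', 'exp_date_filter', same
 *    meaning for the exp_date field.
 *  - Tag filters: 'tag_name', formatted as [tagname]; when 'tag_id' is also
 *    given (space separated ids) the ids are used instead of the names.
 *  - Viewed frequency: 'frequency', per 'kbdocument_viewing_frequency_dom'.
 *  - Canned search: 'canned_search', per 'kbdocument_canned_search'.
 *  - Attachments: 'attachments' (dropdown value), 'filename',
 *    'file_mime_type'.
 *
 * Security: every value that this function itself places inside a SQL string
 * literal goes through $db->quote(), column names are restricted to
 * identifier characters and comparison operators to a fixed list. The
 * callers are not visible here, so all three inputs are treated as if they
 * could originate from a search form.
 *
 * @param object $db               Database manager; parseFulltextQuery(), getFulltextQuery() and quote() are called on it.
 * @param array  $spec_SearchVars  Special filters described above.
 * @param array  $searchVars       Column name => value or array('operator' => ..., 'filter' => ...).
 * @param bool   $fullQuery        When true a complete SELECT statement is returned.
 * @return array|string array('where' => ..., 'custom_from' => ...) by default, the full
 *                      SELECT string when $fullQuery is true, '' when a full text
 *                      expression could not be parsed.
 */
function create_fts_search_list_query($db, $spec_SearchVars, $searchVars, $fullQuery = false)
{
    $qry_arr = array('where' => '', 'custom_from' => '');

    // Split the full text keywords into include / must / exclude term lists.
    $query_include = $query_exclude = $query_must = array();
    if (!empty($spec_SearchVars['searchText_include'])) {
        $query = $db->parseFulltextQuery($spec_SearchVars['searchText_include']);
        if (empty($query)) {
            return '';
        }
        $query_include = $query[0];
        $query_must = $query[1];
        $query_exclude = $query[2];
    }
    if (!empty($spec_SearchVars['searchText_exclude'])) {
        $query_ex = $db->parseFulltextQuery($spec_SearchVars['searchText_exclude']);
        if (empty($query_ex)) {
            return '';
        }
        // The roles are swapped for the exclude box: its third list is added
        // to the include terms, its first two lists to the exclude terms.
        $query_include = array_merge($query_include, $query_ex[2]);
        $query_exclude = array_merge($query_exclude, $query_ex[0], $query_ex[1]);
    }

    // Derived table restricting the result to the latest, non-deleted revision.
    $qry_arr['custom_from'] = "INNER JOIN(\n              SELECT kbdocument_id as id FROM kbdocument_revisions WHERE deleted = 0 and latest = 1 ";
    // do not do full text search if $query_include[0] is '*' or not defined - bug 47789
    // Bug 52409 - also run it when only $query_must has terms
    if ((!empty($query_include) && $query_include[0] != '*') || !empty($query_must)) {
        if (!empty($query_include)) {
            // drop the '*' wildcard entries before handing the terms to the DB layer
            $query_include = array_values(array_diff($query_include, array("*")));
        }
        // NOTE(review): escaping of the terms is left to getFulltextQuery(); confirm it quotes them.
        $qry_arr['custom_from'] .= "and kbcontent_id in (\n                 select id from kbcontents where deleted = 0 and " . $db->getFulltextQuery('kbdocument_body', $query_include, $query_must, $query_exclude) . ")";
    }
    $qry_arr['custom_from'] .= ") derived_table ON kbdocuments.id = derived_table.id ";

    // Fragments built below are already decoded and quoted, so they must not
    // pass through from_html() again (see the end of the function).
    $search_str = ' ';

    // process tags if specified
    if (!empty($spec_SearchVars['tag_name'])) {
        $tag_literals = array();
        if (!empty($spec_SearchVars['tag_id'])) {
            // if tag name exists, and so does id, use id
            foreach (explode(' ', $spec_SearchVars['tag_id']) as $id) {
                $id = trim($id);
                if (!empty($id)) {
                    $tag_literals[] = "'" . $db->quote(from_html($id)) . "'";
                }
            }
            // an empty "in ()" list is invalid SQL, so the filter is only added when ids remain
            if (!empty($tag_literals)) {
                $tag_name_string = implode(', ', $tag_literals);
                $search_str .= "\n                  and kbdocuments.id in (\n                        select kbdocument_id from kbdocuments_kbtags where kbtag_id in\n                        (\n                            {$tag_name_string}\n                        )\n                    )";
            }
        } else {
            // only tag names are given: split on the opening bracket
            // (properly formatted tag names are enclosed in '[]')
            foreach (explode('[', $spec_SearchVars['tag_name']) as $name) {
                $name = trim($name);
                if (!empty($name)) {
                    // remove remaining brackets before the name is quoted
                    $name = str_replace(array('[', ']'), '', $name);
                    $tag_literals[] = "'" . $db->quote(from_html($name)) . "'";
                }
            }
            if (!empty($tag_literals)) {
                $tag_name_string = implode(', ', $tag_literals);
                $search_str .= "\n                      and kbdocuments.id in (\n                            select kbdocument_id from kbdocuments_kbtags where kbtag_id in\n                            (\n                                select id from kbtags where tag_name in({$tag_name_string})\n                            )\n                        )";
            }
        }
    }

    // now add the rest of fields to query on, based on search vars array
    $allowed_operators = array('=', '!=', '<>', '<', '<=', '>', '>=', 'like', 'not like');
    if (isset($searchVars)) {
        foreach ($searchVars as $key => $val) {
            // The key becomes a column name and cannot be quoted as a value;
            // anything that is not a plain identifier is dropped.
            if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $key)) {
                continue;
            }
            $op = 'like';
            $suffix = '%';
            $constraint = $val;
            if (is_array($val)) {
                // The original concatenated the array itself ("Array%") when no
                // operator was given; the filter element is the intended value.
                $constraint = isset($val['filter']) ? $val['filter'] : '';
                if (!empty($val['operator'])) {
                    $op = strtolower(trim((string) $val['operator']));
                    if (!in_array($op, $allowed_operators, true)) {
                        continue;
                    }
                    // an explicit operator compares against the exact filter value
                    $suffix = '';
                }
            }
            if (is_array($constraint) || is_object($constraint)) {
                $constraint = '';
            }
            if ($search_str != ' ') {
                // "and" is needed only if $search_str already has something - bug 47789
                $search_str .= " and ";
            }
            $search_str .= " kbdocuments.{$key} {$op} '" . $db->quote(from_html((string) $constraint)) . $suffix . "' ";
        }
    }

    // Fragments produced by helpers defined elsewhere. They receive the raw
    // $spec_SearchVars values and are decoded with from_html() as before.
    // NOTE(review): confirm that each helper quotes its inputs and that
    // decoding afterwards cannot reintroduce quote characters.
    $helper_str = '';
    // add the date range filters
    if (!empty($spec_SearchVars['active_date_filter'])) {
        $ac = return_date_filter($db, 'active_date', $spec_SearchVars['active_date_filter'], $spec_SearchVars['active_date'], $spec_SearchVars['active_date2']);
        if (!empty($ac)) {
            $helper_str .= " and {$ac}";
        }
    }
    if (!empty($spec_SearchVars['exp_date_filter'])) {
        $xd = return_date_filter($db, 'exp_date', $spec_SearchVars['exp_date_filter'], $spec_SearchVars['exp_date'], $spec_SearchVars['exp_date2']);
        if (!empty($xd)) {
            $helper_str .= ' and ' . $xd;
        }
    }
    // add the Frequency filter
    if (!empty($spec_SearchVars['frequency'])) {
        $frequencyFilter = return_view_frequency_filter($db, $spec_SearchVars['frequency']);
        if (!empty($frequencyFilter)) {
            $helper_str .= $frequencyFilter;
        }
    }
    // add attachment Search
    if (!empty($spec_SearchVars['attachments'])) {
        $attachmentFilter = return_attachment_filter($db, $spec_SearchVars);
        if (!empty($attachmentFilter)) {
            $helper_str .= $attachmentFilter;
        }
    }
    // finally, add the canned query constraints
    if (!empty($spec_SearchVars['canned_search'])) {
        $return_can = return_canned_query($db, $spec_SearchVars['canned_search']);
        if (!empty($return_can)) {
            $helper_str .= $return_can;
        }
    }

    // The original ran from_html() over the whole assembled string, which
    // would decode the values after they had been placed between quotes.
    // Values are now decoded first and quoted second; only the helper
    // fragments are still decoded here.
    $qry_arr['where'] = $search_str . from_html($helper_str);

    // if full query is expected, then prepend with select statement. Default is to pass back
    // the fragments, ready for use as a where clause in ListView Object Setup method
    if ($fullQuery) {
        $search_str_full = 'Select kbdocuments.*, kbdocuments_views_ratings.views_number';
        $search_str_full .= ' FROM kbdocuments left join kbdocuments_views_ratings ON kbdocuments.id = kbdocuments_views_ratings.kbdocument_id  ';
        $search_str_full .= $qry_arr['custom_from'];
        $search_str_full .= ' where ' . $qry_arr['where'];
        return $search_str_full;
    }
    return $qry_arr;
}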
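// Delete the vtiger_role2picklist row for $roleid and every picklistvalueid
// in the earlier result set $res (bound parameters, one statement per row).
$num_row = $adb->num_rows($res);
for ($s = 0; $s < $num_row; $s++) {
    $valid = $adb->query_result($res, $s, 'picklistvalueid');
    $sql = "delete from vtiger_role2picklist where roleid=? and picklistvalueid=?";
    $adb->pquery($sql, array($roleid, $valid));
}
// One candidate picklist entry per input line.
$pickArray = explode("\n", $fldPickList);
$count = count($pickArray);
$tabname = explode('cf_', $tableName);
// explode() yields a single element when 'cf_' is absent, so index 1 has to
// be checked for existence before it is compared.
if (isset($tabname[1]) && $tabname[1] != '') {
    $custom = true;
}
/* ticket2369 fixed */
$columnName = $tableName;
for ($i = 0; $i < $count; $i++) {
    $pickArray[$i] = trim(from_html($pickArray[$i]));
    //if UTF-8 character input given, when configuration is latin1, then avoid the entry which will cause mysql empty object exception in line 101
    // function_exists() takes the function name as a string; the bare word
    // iconv was an undefined constant (an Error on PHP 8).
    // iconv() returns false when the conversion fails; with the warning
    // suppressed, trim(false) gives '' and the entry is skipped below.
    $stringConvert = function_exists('iconv') ? @iconv("UTF-8", $default_charset, $pickArray[$i]) : $pickArray[$i];
    $pickArray[$i] = trim($stringConvert);
    if ($pickArray[$i] != '') {
        $picklistcount = 0;
        //This uitype is for non-editable  picklist
        // NOTE(review): $tableName is interpolated as a column and table
        // name; identifiers cannot be bound as parameters, so it should be
        // validated against an identifier pattern before this point. Where
        // the value comes from is not visible in this fragment.
        $sql = "select {$tableName} from vtiger_{$tableName}";
        $res = $adb->pquery($sql, array());
        $numrow = $adb->num_rows($res);
        for ($x = 0; $x < $numrow; $x++) {
            $picklistvalues = decode_html($adb->query_result($res, $x, $tableName));
            // Fix For: http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5129
            global $current_language;
            if ($current_language != 'en_us') {
                // Translate the value in database and compare with input.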
Example #30
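 /**
  * Send new password or link to user
  *
  * Loads the e-mail template, substitutes its placeholders, sends the message
  * to this user's primary address through SugarPHPMailer and, when the send
  * succeeds, archives a copy as an Email record. In password mode (no 'link'
  * flag) it then resets the login-failure preferences and stores the new
  * password hash for this user.
  *
  * @param string $templateId Id of email template
  * @param array $additionalData additional params: link, url, password
  * @return array status: true|false, message: error message, if status = false and message = '' it means that
  *               send method has returned false, that there was no primary address, or that password mode
  *               was requested without a password
  */
 public function sendEmailForPassword($templateId, array $additionalData = array())
 {
     global $sugar_config, $current_user;
     $mod_strings = return_module_language('', 'Users');
     $result = array('status' => false, 'message' => '');
     $emailTemp = new EmailTemplate();
     $emailTemp->disable_row_level_security = true;
     if ($emailTemp->retrieve($templateId) == '') {
         $result['message'] = $mod_strings['LBL_EMAIL_TEMPLATE_MISSING'];
         return $result;
     }

     $sendLink = isset($additionalData['link']) && $additionalData['link'] == true;
     $url = isset($additionalData['url']) ? $additionalData['url'] : '';
     $password = isset($additionalData['password']) ? (string) $additionalData['password'] : '';
     if (!$sendLink && $password === '') {
         // Without this check a call that carries neither a link nor a
         // password would mail an empty placeholder and then store the hash
         // of the empty string as the user's password.
         return $result;
     }

     // replace instance variables in email templates, in the original order
     // Bug 36833 - Add replacing of special value $instance_url
     $placeholders = array(
         $sendLink ? '$contact_user_link_guid' : '$contact_user_user_hash',
         '$config_site_url',
         '$contact_user_user_name',
         '$contact_user_pwd_last_changed',
     );
     $values = array(
         $sendLink ? $url : $password,
         $sugar_config['site_url'],
         $this->user_name,
         TimeDate::getInstance()->nowDb(),
     );
     $emailTemp->body_html = str_replace($placeholders, $values, $emailTemp->body_html);
     $emailTemp->body = str_replace($placeholders, $values, $emailTemp->body);

     $itemail = $this->emailAddress->getPrimaryAddress($this);

     // retrieve email defaults
     $emailObj = new Email();
     $defaults = $emailObj->getSystemDefaultEmail();
     require_once 'include/SugarPHPMailer.php';
     $mail = new SugarPHPMailer();
     $mail->setMailerForSystem();
     $mail->From = $defaults['email'];
     $mail->FromName = $defaults['name'];
     $mail->ClearAllRecipients();
     $mail->ClearReplyTos();
     $mail->Subject = from_html($emailTemp->subject);
     if ($emailTemp->text_only != 1) {
         $mail->IsHTML(true);
         $mail->Body = from_html($emailTemp->body_html);
         $mail->AltBody = from_html($emailTemp->body);
     } else {
         $mail->Body_html = from_html($emailTemp->body_html);
         $mail->Body = from_html($emailTemp->body);
     }
     // Configuration problems are only reported to administrators.
     if ($mail->Body == '' && $current_user->is_admin) {
         global $app_strings;
         $result['message'] = $app_strings['LBL_EMAIL_TEMPLATE_EDIT_PLAIN_TEXT'];
         return $result;
     }
     if ($mail->Mailer == 'smtp' && $mail->Host == '' && $current_user->is_admin) {
         $result['message'] = $mod_strings['ERR_SERVER_SMTP_EMPTY'];
         return $result;
     }
     $mail->prepForOutbound();
     // There is a single possible recipient, so the BCC branch of the
     // original could never run and has been removed.
     if (!empty($itemail)) {
         $mail->AddAddress($itemail);
         // Send() warnings stay suppressed as before; failure is reported through status.
         $result['status'] = @$mail->Send();
     }
     if ($result['status'] == true) {
         // NOTE(review): the archived copy stores the message body, which in
         // password mode contains the plaintext password and in link mode the
         // reset URL; consider redacting it or not archiving these messages.
         $emailObj->team_id = 1;
         $emailObj->to_addrs = '';
         $emailObj->type = 'archived';
         $emailObj->deleted = '0';
         $emailObj->name = $mail->Subject;
         $emailObj->description = $mail->Body;
         $emailObj->description_html = null;
         $emailObj->from_addr = $mail->From;
         $emailObj->parent_type = 'User';
         $emailObj->date_sent = TimeDate::getInstance()->nowDb();
         $emailObj->modified_user_id = '1';
         $emailObj->created_by = '1';
         $emailObj->status = 'sent';
         $emailObj->save();
         if (!$sendLink) {
             // NOTE(review): unsalted MD5 is not a suitable password hash.
             // It is kept here because the code that verifies logins is
             // outside this block and has to change together with it.
             $user_hash = strtolower(md5($password));
             $this->setPreference('loginexpiration', '0');
             $this->setPreference('lockout', '');
             $this->setPreference('loginfailed', '0');
             $this->savePreferencesToDB();
             //set new password
             $now = TimeDate::getInstance()->nowDb();
             // $user_hash is hexadecimal and $now comes from TimeDate; the id
             // is escaped so it cannot end the string literal early.
             $id = $this->db->quote($this->id);
             $query = "UPDATE {$this->table_name} SET user_hash='{$user_hash}', system_generated_password='******', pwd_last_changed='{$now}' where id='{$id}'";
             $this->db->query($query, true, "Error setting new password for {$this->user_name}: ");
         }
     }
     return $result;
 }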