<?php /************************************************************************************************* * Copyright 2016 JPL TSolucio, S.L. -- This file is a part of TSOLUCIO coreBOS Customizations. * Licensed under the vtiger CRM Public License Version 1.1 (the "License"); you may not use this * file except in compliance with the License. You can redistribute it and/or modify it * under the terms of the License. JPL TSolucio, S.L. reserves all rights not expressly * granted by the License. coreBOS distributed by JPL TSolucio S.L. is distributed in * the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Unless required by * applicable law or agreed to in writing, software distributed under the License is * distributed on an "AS IS" BASIS, WITHOUT ANY WARRANTIES OR CONDITIONS OF ANY KIND, * either express or implied. See the License for the specific language governing * permissions and limitations under the License. You may obtain a copy of the License * at <http://corebos.org/documentation/doku.php?id=en:devel:vpl11> ************************************************************************************************* * This file is included within "DetailView.tpl" to provide SESSION value to smarty template *************************************************************************************************/ require_once 'include/utils/Session.php'; coreBOS_Session::init(); $aAllBlockStatus = $_SESSION['BLOCKINITIALSTATUS']; $this->assign("BLOCKINITIALSTATUS", $aAllBlockStatus);
require_once 'modules/CustomView/CustomView.php'; require_once 'modules/PickList/PickListUtils.php'; require_once 'modules/Invoice/Invoice.php'; require_once 'modules/Quotes/Quotes.php'; require_once 'modules/PurchaseOrder/PurchaseOrder.php'; require_once 'modules/SalesOrder/SalesOrder.php'; require_once 'include/utils/Session.php'; coreBOS_Session::init(); // Set the current language and the language strings, if not already set. setCurrentLanguage(); global $allow_exports, $app_strings; $current_user = new Users(); if (isset($_SESSION['authenticated_user_id'])) { $result = $current_user->retrieveCurrentUserInfoFromFile($_SESSION['authenticated_user_id'], "Users"); if ($result == null) { coreBOS_Session::destroy(); header("Location: index.php?action=Login&module=Users"); exit; } } //Security Check if (isPermitted($_REQUEST['module'], "Export") == "no") { $allow_exports = "none"; } if ($allow_exports == 'none' || $allow_exports == 'admin' && !is_admin($current_user)) { ?> <script type='text/javascript'> alert("<?php echo $app_strings['NOT_PERMITTED_TO_EXPORT']; ?> ");
} $log->info("current page is {$currentModuleFile} current module is {$currentModule} "); $module = isset($_REQUEST['module']) ? vtlib_purify($_REQUEST['module']) : ""; $action = isset($_REQUEST['action']) ? vtlib_purify($_REQUEST['action']) : ""; $record = isset($_REQUEST['record']) ? vtlib_purify($_REQUEST['record']) : ""; $lang_crm = isset($_SESSION['authenticated_user_language']) ? $_SESSION['authenticated_user_language'] : ""; $current_user = new Users(); if ($use_current_login) { //$result = $current_user->retrieve($_SESSION['authenticated_user_id']); //getting the current user info from flat file $result = $current_user->retrieveCurrentUserInfoFromFile($_SESSION['authenticated_user_id']); if ($result == null) { coreBOS_Session::destroy(); header("Location: index.php?action=Login&module=Users"); } coreBOS_Session::setUserGlobalSessionVariables(); $moduleList = getPermittedModuleNames(); //auditing require_once 'user_privileges/audit_trail.php'; /* Skip audit trail log for special request types */ $skip_auditing = false; if ($action == 'chat') { $skip_auditing = true; } else { if (($action == 'ActivityReminderCallbackAjax' || isset($_REQUEST['file']) && $_REQUEST['file'] == 'ActivityReminderCallbackAjax') && $module == 'Calendar') { $skip_auditing = true; } else { if (($action == 'TraceIncomingCall' || isset($_REQUEST['file']) && $_REQUEST['file'] == 'TraceIncomingCall') && $module == 'PBXManager') { $skip_auditing = true; } }
$operationManager = new OperationManager($adb, $operation, $format, $sessionManager); } catch (WebServiceException $e) { echo $e->message; die; } try { if (!$sessionId || strcasecmp($sessionId, "null") === 0) { $sessionId = null; } $input = $operationManager->getOperationInput(); $adoptSession = false; $sessionName = null; if (strcasecmp($operation, "extendsession") === 0) { if (isset($input['operation'])) { // Workaround fix for PHP 5.3.x: $_REQUEST doesn't have PHPSESSID $sessionName = coreBOS_Session::getSessionName(); if (isset($_REQUEST[$sessionName])) { $sessionId = vtws_getParameter($_REQUEST, $sessionName); } elseif (isset($_COOKIE[$sessionName])) { $sessionId = vtws_getParameter($_COOKIE, $sessionName); } elseif (isset($_REQUEST['PHPSESSID'])) { $sessionId = vtws_getParameter($_REQUEST, "PHPSESSID"); } else { // NOTE: Need to evaluate for possible security issues $sessionId = vtws_getParameter($_COOKIE, 'PHPSESSID'); } // END $adoptSession = true; } else { writeErrorOutput($operationManager, new WebServiceException(WebServiceErrorCode::$AUTHREQUIRED, "Authentication required")); return;
$usip = $_SERVER['REMOTE_ADDR']; $intime = date("Y/m/d H:i:s"); require_once 'modules/Users/LoginHistory.php'; $loghistory = new LoginHistory(); $Signin = $loghistory->user_login($focus->column_fields["user_name"], $usip, $intime); //Security related entries start require_once 'include/utils/UserInfoUtil.php'; createUserPrivilegesfile($focus->id); //Security related entries end unset($_SESSION['login_password']); unset($_SESSION['login_error']); unset($_SESSION['login_user_name']); $_SESSION['authenticated_user_id'] = $focus->id; $_SESSION['app_unique_key'] = $application_unique_key; //Enabled session variable for KCFINDER coreBOS_Session::setKCFinderVariables(); // store the user's theme in the session if (!empty($focus->column_fields["theme"])) { $authenticated_user_theme = $focus->column_fields["theme"]; } else { $authenticated_user_theme = $default_theme; } // store the user's language in the session if (!empty($focus->column_fields["language"])) { $authenticated_user_language = $focus->column_fields["language"]; } else { $authenticated_user_language = $default_language; } $_SESSION['vtiger_authenticated_user_theme'] = $authenticated_user_theme; $_SESSION['authenticated_user_language'] = $authenticated_user_language; $log->debug("authenticated_user_theme is {$authenticated_user_theme}");