Esempio n. 1
 /**
  * Constructor.
  *
  * @param String $url - REST url
  */
 function __construct($url)
 {
     $GLOBALS['log']->info('Begin: SugarRestService->__construct');
     $this->restURL = $url;

     // Response formatter: start from the base class and only consult the
     // request when a response_type was supplied.
     $responseTypeString = 'SugarRest';
     if (!empty($_REQUEST['response_type'])) {
         // The request value goes through the 'ALPHANUM' filter before it is
         // compared or used in a file name (presumably letters and digits
         // only; confirm in clean_string()).
         $responseTypeString = clean_string($_REQUEST['response_type'], 'ALPHANUM');
         // Known types are matched case-insensitively and mapped to their
         // canonical class name; any other value keeps the filtered text as is.
         foreach (array('JSON', 'RSS', 'Serialize') as $knownType) {
             if (strcasecmp($responseTypeString, $knownType) === 0) {
                 $responseTypeString = 'SugarRest' . $knownType;
                 break;
             }
         }
     }
     $this->responseClass = $responseTypeString;
     // Fall back to the base class when no matching file exists on disk.
     $responseFile = 'service/core/REST/' . $this->responseClass . '.php';
     if (!file_exists($responseFile)) {
         $this->responseClass = 'SugarRest';
     }

     // Request handler: the class name is derived from input_type.
     // NOTE(review): unlike response_type, input_type is not matched against a
     // fixed list, so the request can select any SugarRest*.php file present in
     // service/core/REST/; the filter and the file_exists() fallback are the
     // only guards in front of the require_once below.
     if (empty($_REQUEST['input_type'])) {
         $this->serverClass = 'SugarRest';
     } else {
         $this->serverClass = 'SugarRest' . clean_string($_REQUEST['input_type'], 'ALPHANUM');
     }
     $GLOBALS['log']->info('SugarRestService->__construct serverclass = ' . $this->serverClass);
     $serverFile = 'service/core/REST/' . $this->serverClass . '.php';
     if (!file_exists($serverFile)) {
         $this->serverClass = 'SugarRest';
     }
     require_once 'service/core/REST/' . $this->serverClass . '.php';
     $GLOBALS['log']->info('End: SugarRestService->__construct');
 }
Esempio n. 2
 /**
  * Loads up menu items from files located in include/contextMenus/menuDefs
  * @param string $name name of the object
  */
 function loadFromFile($name)
 {
     global $menuDef;
     // The result of clean_string() is discarded, so $name reaches the include
     // path unchanged.
     // NOTE(review): this guards the require_once only if clean_string() aborts
     // the request when the 'FILE' filter fails; confirm that, otherwise the
     // call has no effect on the path built below.
     clean_string($name, 'FILE');
     $menuDefFile = 'include/contextMenus/menuDefs/' . $name . '.php';
     require_once $menuDefFile;
     // The included file is expected to have filled $menuDef[$name].
     $definition = $menuDef[$name];
     $this->loadFromDef($name, $definition);
 }
/**
 * Format one employee record as a single pipe-separated line.
 *
 * Reads the 'Units', 'Name' and 'Employee Number' keys of $employee.
 * The first two go through clean_string() with 8 and 45 as first argument
 * (presumably a column width; confirm against that helper); the employee
 * number is prefixed with nine spaces.
 *
 * @param array $employee Employee record.
 * @return string The three columns joined with '|'.
 */
function construct_clean_output_for_employee($employee)
{
    $columns = array(
        clean_string(8, $employee['Units']),
        clean_string(45, $employee['Name']),
        "         {$employee['Employee Number']}",
    );
    return implode('|', $columns);
}
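/**
 * Send a contact-form message as a plain-text e-mail and echo a status block.
 *
 * The form values are treated as untrusted: they are filtered for the body,
 * and line breaks are removed from the two values that are placed in headers.
 *
 * @param string $name         Sender name as typed into the form.
 * @param string $from         Sender e-mail address as typed into the form.
 * @param string $to           Recipient address.
 * @param string $user_subject Subject typed by the sender; only placed in the body.
 * @param string $msg          Message text.
 * @return void
 */
function sendEmail($name, $from, $to, $user_subject, $msg)
{
    // Body filter. A named function declared inside another function becomes
    // global on the first call, so it is declared only once; without the guard
    // a second sendEmail() call stops with a redeclaration error.
    // The filter is a case-sensitive, single-pass token removal and leaves
    // line breaks in place: acceptable for body text, not enough for headers.
    if (!function_exists('clean_string')) {
        function clean_string($string)
        {
            $bad = array("content-type", "bcc:", "to:", "cc:", "href");
            return str_replace($bad, "", $string);
        }
    }

    // Header values must stay on one line. Removing CR and LF keeps a form
    // value from starting a new header line (e-mail header injection).
    $line_breaks = array("\r", "\n");
    $header_name = str_replace($line_breaks, '', $name);
    $header_from = str_replace($line_breaks, '', $from);

    $subject = "{$header_name} send you a message via your contact form";
    $message = "Name: " . clean_string($name) . "\r\n";
    $message .= "Email: " . clean_string($from) . "\r\n";
    // The original tested $subject, which is always set two lines above; the
    // value that may be missing is the subject typed by the sender.
    if (isset($user_subject)) {
        $message .= "Subject: " . clean_string($user_subject) . "\r\n";
    }
    $message .= "Message: \r\n" . clean_string($msg) . "\r\n";
    $message = wordwrap($message, 72);

    // create email headers
    // "MIME-Version" was misspelled as "MINE-Version".
    $headers = "MIME-Version: 1.0\r\n";
    $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
    $headers .= "From: {$header_name} <{$header_from}>\r\n";
    // The Reply-To line used to be a bare string expression that was never
    // appended. The X-Mailer part of that expression is left out on purpose:
    // it would disclose the PHP version to every recipient.
    $headers .= "Reply-To: {$header_from}\r\n";

    set_time_limit(0);
    // actually send email & report the outcome
    if (mail($to, $subject, $message, $headers)) {
        echo '<div class="block"><div class="alert green">Message Send!</div></div>';
    } else {
        echo '<div class="block"><div class="alert red">Sorry, but it there was a problem sending this email. <br /> Please try again later or send it  directly to: admin@publicarray.com</div></div>';
    }
}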
Esempio n. 5
 /**
  * Build the nutrition-facts URL for a product.
  *
  * @param object $product Object exposing ->id and ->name.
  * @return mixed Whatever generate_url() returns for the three segments.
  */
 function product_link($product)
 {
     // NOTE(review): the cleaned name is computed but never used; the raw
     // $product->name is what goes into the segments. Whether that is safe
     // depends on generate_url() cleaning each segment itself; confirm.
     clean_string($product->name);
     return generate_url(array('nutrition-facts', $product->id, $product->name));
 }
Esempio n. 6
 /**
  * Fetch one discourse page from scriptures.byu.edu, extract its fields with
  * XPath and save them through the Discourse model.
  *
  * @param mixed $volume    Volume number; cast to int and left-padded to two digits.
  * @param mixed $discourse Discourse number; left-padded to two digits, not cast.
  * @return bool false when the response contains the text 'file_get_contents',
  *              true after the record has been saved.
  */
 private function discourse($volume, $discourse)
 {
     // NOTE(review): "=& new" is PHP 4-era syntax and is rejected by PHP 7+.
     $this->Discourse =& ClassRegistry::init('Discourse');
     $volume = str_pad((int) $volume, 2, "0", STR_PAD_LEFT);
     // NOTE(review): unlike $volume, $discourse is not cast or URL-encoded
     // before it is placed in the query string below.
     $discourse = str_pad($discourse, 2, "0", STR_PAD_LEFT);
     App::import('Core', array('Xml', 'HttpSocket'));
     $this->Http =& new HttpSocket();
     // The page is requested over plain http, so what gets parsed and stored
     // below has no transport integrity protection.
     $url = "http://scriptures.byu.edu/gettalk.php?vol={$volume}&disc={$discourse}";
     $html = $this->Http->get($url);
     // Presumably the remote script prints a PHP warning naming
     // file_get_contents when the talk does not exist; confirm.
     if (strpos($html, 'file_get_contents') !== false) {
         return false;
     }
     $dom = new DOMDocument();
     // "@" hides the libxml warnings raised for malformed HTML.
     @$dom->loadHTML($html);
     $xpath = new DOMXPath($dom);
     // First and last named anchors give the page range.
     // NOTE(review): item(0) is null when the page has no <a name>, and the
     // getAttribute() call then fails.
     $start_page = (int) $xpath->evaluate('//a[@name][1]')->item(0)->getAttribute('name');
     $column_anchors = $xpath->evaluate('//a[@name]');
     $end_page = (int) $column_anchors->item($column_anchors->length - 1)->getAttribute('name');
     // title, reported_by, page_header and speaker pass through clean_string();
     // subtitle and content are stored exactly as find_content() returns them.
     $title = clean_string(find_content($xpath, '//div[@class="title"]'));
     $subtitle = find_content($xpath, '//div[@class="subtitle"]');
     $reported_by = clean_string(find_content($xpath, '//div[@class="reportedBy"]'));
     $page_header = clean_string(find_content($xpath, '//div[@class="pageHeader"]'));
     $speaker = clean_string(find_content($xpath, '//div[@class="speaker"]'));
     $date = prepare_date(find_content($xpath, '//div[@class="date"]'));
     $content = find_content($xpath, '//div[@class="discourseBody"]');
     $this->Discourse->create();
     // The 'subtitle' key appears twice in this array; the second entry wins
     // and carries the same value.
     $this->Discourse->save(array('volume' => $volume, 'start_page' => $start_page, 'end_page' => $end_page, 'title' => $title, 'subtitle' => $subtitle, 'reported_by' => $reported_by, 'page_header' => $page_header, 'speaker' => $speaker, 'date' => $date, 'subtitle' => $subtitle, 'content' => $content));
     return true;
 }
 /**
  * Fill the GroupLists report template and send it to the browser as a
  * ".doc" download.
  *
  * Reads 'module', 'start_date' and 'end_date' from $_REQUEST.
  */
 function listViewProcess()
 {
     // Replaces the global logger with the 'SugarCRM' logger.
     $GLOBALS['log'] = LoggerManager::getLogger('SugarCRM');
     global $sugar_config;
     global $current_user;
     global $app_strings;
     global $timedate;
     // $type and $db are not used by the live code below.
     $type = clean_string($_REQUEST['module']);
     $db = DBManagerFactory::getInstance();
     // The two commented-out blocks below used to build $where from request
     // data by string concatenation. They are inactive, so $where is never
     // assigned before it is passed to the two report calls further down.
     /* $query = $_REQUEST['query'];
        if($query){
            $ret_array = generateSearchWhere($type, $_REQUEST['current_post']);
            $w = $ret_array['where'];
            $where = "IN ( SELECT id from grouplists WHERE ".$w .")";  
        }
        else{
            $where = '';
        } */
     /*$ids = $_REQUEST['uid']; 
                 if($ids) {
                     $ids = explode(',', $ids);
                     $ids = "'" . implode("','", $ids) . "'";
                     $where = "in ($ids)";
                 } 
                 else if (isset($_REQUEST['all']) ){
                         $where = '';//get all
     
                     } else {
                         if(!empty($_REQUEST['current_post'])) {
                             $ret_array = generateSearchWhere($type, $_REQUEST['current_post']);
     
                             $w = $ret_array['where'];
                             $where = "IN ( SELECT id from grouplists WHERE ".$w .")";
     
                         } else {
                             $where = '';
                         }
                 }*/
     $focus = new GroupLists();
     // $query = $focus->create_new_list_query($order_by, $where,$filter=array(),$params=array(), $show_deleted = 0,$join_type='', $return_array = false, $parentbean=null, $singleSelect = false);
     // NOTE(review): $start_date is not assigned anywhere above, so this line
     // writes the request value to a dynamically named property of $focus and
     // to $query, and $start_date stays undefined for the uses below. The line
     // looks mangled; confirm against the original file.
     $query = $focus->{$start_date} = $_REQUEST['start_date'];
     $end_date = $_REQUEST['end_date'];
     $template = file_get_contents('modules/GroupLists/tpls/report.tpl');
     // NOTE(review): the date values come straight from the request and are
     // inserted into the template and into the download file name without any
     // filtering or format check.
     $template = str_replace('{START}', $start_date, $template);
     $template = str_replace('{END}', $end_date, $template);
     $template = str_replace('{LIST_GIT}', $focus->get_GIT_to_report($where), $template);
     $template = str_replace('{LIST_FIT}', $focus->get_FIT_to_report($where), $template);
     $size = strlen($template);
     $filename = "DS KHACH DI TOUR TU " . $start_date . " DEN " . $end_date . ".doc";
     // Discard anything already buffered so only the report is sent.
     ob_end_clean();
     header("Cache-Control: private");
     header("Content-Type: application/force-download;");
     // A double quote inside $filename would end the quoted file name early.
     header("Content-Disposition:attachment; filename=\"{$filename}\"");
     header("Content-length:{$size}");
     echo $template;
     ob_flush();
     //    header("Location: index.php?module=GroupLists&action=index");
     sugar_cleanup(true);
 }
Esempio n. 8
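/**
 * Build a site URL from path segments, passing every segment through
 * clean_string() first.
 *
 * @param array $segments Path segments; keys are kept as given.
 * @return mixed Whatever site_url() returns for the cleaned segments.
 */
function generate_url($segments)
{
    // Walk the keys that exist instead of counting 0..n-1. The index loop
    // re-evaluated count() on every pass while writing to integer keys, so an
    // array with string or non-sequential keys kept growing and the loop never
    // finished. foreach iterates over a copy, so assigning back is safe.
    foreach ($segments as $key => $segment) {
        $segments[$key] = clean_string($segment);
    }
    return site_url($segments);
}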
Esempio n. 9
 /**
  * @dataProvider providerCleanString
  * @ticket 45877
  */
 public function testCleanString($string, $filter, $resultBool)
 {
     // The third argument is false in every call of this test; presumably it
     // makes clean_string() return false for rejected input instead of
     // stopping the request (confirm in clean_string()).
     $actual = clean_string($string, $filter, false);
     if (!$resultBool) {
         // Input the filter must reject.
         $this->assertFalse($actual);
         return;
     }
     // Input the filter must accept comes back unchanged.
     $this->assertEquals($string, $actual);
 }
Esempio n. 10
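/**
 * Handle the contact-form POST: validate the fields, build the message and
 * mail it to the configured recipient.
 *
 * Does nothing when $_POST['email'] is absent. Validation failures are
 * reported through died(), which prints the messages and stops the script.
 *
 * @return void
 */
function sendEmail()
{
    if (!isset($_POST['email'])) {
        return;
    }
    // EDIT THE 2 LINES BELOW AS REQUIRED
    $email_to = "*****@*****.**";
    $email_subject = "Website Inquiry : ";

    // Named functions declared inside a function become global on the first
    // call; the guards keep a second sendEmail() call from failing with a
    // redeclaration error.
    if (!function_exists('died')) {
        function died($error)
        {
            // your error code can go here
            echo "We are very sorry, but there were error(s) found with the form you submitted. ";
            echo "These errors appear below.<br /><br />";
            echo $error . "<br /><br />";
            echo "Please go back and fix these errors.<br /><br />";
            die;
        }
    }
    // Body filter: case-sensitive, single-pass token removal that leaves line
    // breaks in place. Suitable for body text only, never for header values.
    if (!function_exists('clean_string')) {
        function clean_string($string)
        {
            $bad = array("content-type", "bcc:", "to:", "cc:", "href");
            return str_replace($bad, "", $string);
        }
    }

    // validation expected data exists
    if (!isset($_POST['name']) || !isset($_POST['email']) || !isset($_POST['subject']) || !isset($_POST['message'])) {
        died('We are sorry, but there appears to be a problem with the form you submitted.');
    }
    // All four fields are required.
    $name = $_POST['name'];
    $email = $_POST['email'];
    $subject = $_POST['subject'];
    $message = $_POST['message'];

    $error_message = "";
    // The D modifier makes "$" match only at the very end of the value.
    // Without it "$" also matches before a final newline, so an address with a
    // trailing line break passed validation and was then written into the
    // From and Reply-To headers.
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,4}$/D';
    if (!preg_match($email_exp, $email)) {
        $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
    }
    $string_exp = "/^[A-Za-z .'-]+\$/D";
    if (!preg_match($string_exp, $name)) {
        $error_message .= 'The Name you entered does not appear to be valid.<br />';
    }
    if (strlen($message) < 2) {
        $error_message .= 'The Comments you entered do not appear to be valid.<br />';
    }
    if (strlen($error_message) > 0) {
        died($error_message);
    }

    $email_message = "Form details below.\n\n";
    $email_message .= "Name: " . clean_string($name) . "\n";
    $email_message .= "Email: " . clean_string($email) . "\n";
    $email_message .= "Subject: " . clean_string($subject) . "\n";
    $email_message .= "Message: " . clean_string($message) . "\n";
    // create email headers
    // $email is the only form value placed in a header; the anchored pattern
    // above is what guarantees it contains no line break.
    $headers = 'From: ' . $email . "\r\n" . 'Reply-To: ' . $email . "\r\n" . 'X-Mailer: PHP/' . phpversion();
    // Delivery is best effort: "@" hides mail() warnings and the result is not checked.
    @mail($email_to, $email_subject, $email_message, $headers);
}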
Esempio n. 11
/**
 * Swap the 'i' entry of the first series field with the first title when the
 * cleaned 'i' entry is not empty.
 *
 * Works on the globals $serie_200 and $tit_200a; $notice is not read.
 *
 * @param mixed $notice Unused.
 * @return void
 */
function recup_noticeunimarc_suite($notice)
{
    global $tit_200a, $serie_200;
    // Nothing to swap when the cleaned value is empty (loose comparison, as before).
    if (clean_string($serie_200[0]['i']) == "") {
        return;
    }
    $series_part = $serie_200[0]['i'];
    $serie_200[0]['i'] = $tit_200a[0];
    $tit_200a[0] = $series_part;
}
Esempio n. 12
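/**
 * Create a contingent row with a generated login id and password, then
 * redirect to college.php.
 *
 * @param string $nameParam Contingent name as submitted.
 * @return void
 */
function createContingent($nameParam)
{
    $password = random_password();
    $name = clean_string($nameParam);
    $loginID = registration_id();
    $db = \Udaan\Database::connect();
    // The values are bound as parameters instead of being interpolated into
    // the SQL text, so the statement no longer depends on what clean_string()
    // removes. Assumes connect() returns a PDO-style handle whose execute()
    // accepts an array of values; confirm.
    // NOTE(review): if clean_string() also escapes quotes for SQL, drop that
    // escaping here, otherwise the stored name contains the escape characters.
    $sth = $db->prepare('INSERT INTO contingent_college(name,loginid,password) VALUES(?,?,?)');
    $sth->execute(array($name, $loginID, $password));
    // NOTE(review): the generated password is stored as returned by
    // random_password(); store a password_hash() value instead if the login
    // check can be moved to password_verify().
    header('Location: college.php');
}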
Esempio n. 13
 /**
  * Add Value Row
  *
  * Adds a row that is just a <label></label> Value row
  *
  * @param string $label What to put in the <label>
  * @param string $value What to put as the value
  * @param boolean $full
  *
  * @return void
  */
 function value_row($label, $value, $full = FALSE)
 {
     // A row can only be attached to an existing fieldset.
     if ($this->fieldset == 0) {
         show_error('You must create a fieldset before adding fields.');
     }
     $CI =& get_instance();
     $CI->load->helper('clean_string_helper');
     // The field name is derived from the label through clean_string(); label
     // and value are stored as given.
     $name = clean_string($label);
     $row = array();
     $row['type'] = 'value_row';
     $row['label'] = $label;
     $row['value'] = $value;
     $row['full'] = $full;
     $row['name'] = $name;
     $this->fields[$this->fieldset][] = $row;
 }
Esempio n. 14
 /**
  * Create New Content Type
  *
  * Creates a new content type, including the associated table and custom field group
  *
  * @param string $name
  * @param boolean $is_standard Include Title, URL Path, and Topic dropdown? (default: FALSE)
  * @param boolean $is_privileged Include Restrict Access to Member Group(s) Dropdown? (default: FALSE)
  * @param boolean $is_module Should this be treated as an automatic content type?  Or is there another admin module which will manage this content type? (default: FALSE)
  * @param string $template The filename of the template in the theme directory to use for output (default: content.thtml)
  * @param string $base_url If this will be managed with the standard content module, we can pre-populate the URL string with this base_url. (default: '')
  *
  * @return int $content_type_id
  */
 function new_content_type($name, $is_standard = TRUE, $is_privileged = FALSE, $is_module = FALSE, $template = 'content.thtml', $base_url = '')
 {
     // NOTE(review): the docblock above gives FALSE as the default of
     // $is_standard; the signature default is TRUE.
     // prep base url: drop trailing slashes, then add exactly one when non-empty
     $base_url = rtrim($base_url, '/');
     $base_url = !empty($base_url) ? $base_url . '/' : '';
     // get system name
     // The system name is used below as a table name and column prefix.
     $this->load->helper('clean_string');
     $system_name = clean_string($name);
     // make sure table doesn't already exist, after we clear the cache
     // we clear the cache because, when theme installs run, we don't want to run into errors about
     // non-existent table conflicts
     $this->db->data_cache = array();
     if ($this->db->table_exists($system_name)) {
         die(show_error('There is already a table in the database by the name of ' . $system_name . '.  You should rename your content type to avoid a conflict.'));
     }
     // create custom field group
     $this->load->model('custom_fields_model');
     $custom_field_group_id = $this->custom_fields_model->new_group('Content: ' . $name);
     // Booleans are stored as the strings '0' / '1'.
     $insert_fields = array('content_type_is_module' => $is_module == FALSE ? '0' : '1', 'content_type_friendly_name' => $name, 'content_type_system_name' => $system_name, 'content_type_is_standard' => $is_standard == TRUE ? '1' : '0', 'content_type_is_privileged' => $is_privileged == TRUE ? '1' : '0', 'content_type_template' => $template, 'content_type_base_url' => $base_url, 'custom_field_group_id' => $custom_field_group_id);
     $this->db->insert('content_types', $insert_fields);
     $content_type_id = $this->db->insert_id();
     // if this content type isn't another admin module, we'll create a table for it
     // otherwise, we expect the developer to create its own table in the module install
     if ($is_module == FALSE) {
         /*
         	OLD DBFORGE METHOD
         
         // database functions
         $this->load->dbforge();
         
         // add ID, date, edit_date, admin rows
         $this->dbforge->add_field('`' . $system_name . '_id` INT(11) auto_increment PRIMARY KEY');
         $this->dbforge->add_field('`content_id` INT(11) NOT NULL');
         
         // create table
         $this->dbforge->create_table($system_name);
         
         // add the content_id index to VASTLY speed up queries
         $this->db->query('ALTER TABLE `' . $system_name . '` ADD INDEX ( `content_id` )');
         */
         /*
         	We can't use dbforge anymore as it doesn't let us specify a table-type, 
         	which we need to be able to support FULLTEXT queries.
         */
         $prefix = $this->db->dbprefix;
         // NOTE(review): identifiers cannot be bound as query parameters, so
         // this DDL is only as safe as clean_string(): it must never let a
         // backtick or other identifier-breaking character through. Confirm
         // which characters it can return, or check $system_name against a
         // strict pattern before building the statement.
         $sql = "CREATE TABLE `{$prefix}{$system_name}` (\n\t\t\t\t`{$system_name}_id` INT(11) AUTO_INCREMENT PRIMARY KEY,\n\t\t\t\t`content_id` INT(11) NOT NULL,\n\t\t\t\tINDEX ( `content_id` )\n\t\t\t) ENGINE = MYISAM";
         $this->db->query($sql);
     }
     // clear cache
     if (isset($this->CI->cache)) {
         $this->CI->cache->file->clean();
     }
     return $content_type_id;
 }
Esempio n. 15
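/**
 * Build the contact-form message and mail it.
 *
 * @param string $email_to      Recipient address.
 * @param string $email_subject Subject line.
 * @param string $first_name    Sender first name.
 * @param string $last_name     Sender last name.
 * @param string $email_from    Sender address; used in the body and in the From / Reply-To headers.
 * @param string $telephone     Sender telephone number.
 * @param string $comments      Message text.
 * @return void
 */
function send_mail($email_to, $email_subject, $first_name, $last_name, $email_from, $telephone, $comments)
{
    $email_message = "Form details below.\n\n";
    $email_message .= "First Name: " . clean_string($first_name) . "\n";
    $email_message .= "Last Name: " . clean_string($last_name) . "\n";
    $email_message .= "Email: " . clean_string($email_from) . "\n";
    $email_message .= "Telephone: " . clean_string($telephone) . "\n";
    $email_message .= "Comments: " . clean_string($comments) . "\n";
    // create email headers
    // The sender address used to be written into the headers unchanged, so a
    // value containing a line break could add header lines of its own. CR and
    // LF are removed from the header copy; the body keeps the filtered value.
    $header_from = str_replace(array("\r", "\n"), '', $email_from);
    $headers = 'From: ' . $header_from . "\r\n" . 'Reply-To: ' . $header_from . "\r\n" . 'X-Mailer: PHP/' . phpversion();
    // Delivery is best effort: "@" hides mail() warnings and the result is not checked.
    @mail($email_to, $email_subject, $email_message, $headers);
}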
Esempio n. 16
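 /**
  * Fill $this->data from the document's metadata, create the notice and
  * de-duplicate it.
  *
  * EPUB files are mapped field by field; every other MIME type is mapped
  * through $this->map['meta'].
  *
  * @return mixed The notice id returned by dedoublonne().
  */
 public function get_notice_id()
 {
     global $pmb_keyword_sep;
     $notice_id = 0;
     $this->data = array();
     $this->data['tit1'] = $this->data['tit4'] = $this->data['authors'] = $this->data['co_authors'] = $this->data['code'] = $this->data['npages'] = $this->data['year'] = $this->data['index_l'] = $this->data['url'] = $this->data['thumbnail_content'] = $this->data['publisher'] = $this->data['n_resume'] = "";
     if ($this->mimetype == "application/epub+zip") {
         // e-books are handled directly here
         $this->data['tit1'] = $this->metas['title'][0];
         $this->data['authors'] = $this->metas['creator'];
         $this->data['co_authors'] = $this->metas['contributor'];
         if ($this->metas['identifier']['isbn']) {
             $this->data['code'] = \formatISBN($this->metas['identifier']['isbn'], 13);
         } else {
             if ($this->metas['identifier']['ean']) {
                 $this->data['code'] = \EANtoISBN($this->metas['identifier']['ean']);
                 // Format the ISBN that was just derived from the EAN; the
                 // original passed an undefined $code here and overwrote the
                 // converted value with the formatting of nothing.
                 $this->data['code'] = \formatISBN($this->data['code'], 13);
             }
         }
         // The URI comes from the file's own metadata and is the only EPUB
         // field passed through clean_string().
         if ($this->metas['identifier']['uri']) {
             $this->data['url'] = \clean_string($this->metas['identifier']['uri']);
         }
         $this->data['publisher'] = $this->metas['publisher'][0];
         $this->data['year'] = $this->metas['date'][0]['value'];
         // Anything that is not a bare four-character year is normalised.
         if (strlen($this->data['year']) && strlen($this->data['year']) != 4) {
             $this->data['year'] = \formatdate(detectFormatDate($this->data['year']));
         }
         $this->data['lang'] = $this->metas['language'];
         $this->data['n_resume'] = implode("\n", $this->metas['description']);
         $this->data['keywords'] = implode($pmb_keyword_sep, $this->metas['subject']);
         $this->data['thumbnail_content'] = $this->metas['thumbnail_content'];
     } else {
         foreach ($this->map['meta'] as $map_field => $map) {
             foreach ($this->metas as $meta_field => $meta_value) {
                 if ($map_field == $meta_field) {
                     if (method_exists($this, $map['function'])) {
                         // Call the method named by $map['function']. The
                         // original used $this->{$map}['function'], which
                         // treats the whole $map array as a property name
                         // instead of invoking the method checked above.
                         $this->data[$map['field']] = $this->{$map['function']}($this->data[$map['field']], $meta_value, $map['params']);
                     } else {
                         $this->data[$map['field']] = $meta_value;
                     }
                     break;
                 }
             }
         }
     }
     // Fall back to the document name when no title was found.
     if (!$this->data['tit1']) {
         $this->data['tit1'] = $this->name;
     }
     $notice_id = $this->create_notice();
     $notice_id = $this->dedoublonne($notice_id);
     return $notice_id;
 }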
 /**
  * Constructor.
  *
  * @param String $url - REST url
  */
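 function __construct($url)
 {
     $GLOBALS['log']->info('Begin: SugarRestService->__construct');
     $this->restURL = $url;
     // Both class names are built from request parameters after the 'ALPHANUM'
     // filter (presumably letters and digits only; confirm in clean_string())
     // and fall back to the base class when no matching file exists.
     $this->responseClass = !empty($_REQUEST['response_type']) ? 'SugarRest' . clean_string($_REQUEST['response_type'], 'ALPHANUM') : 'SugarRest';
     if (!file_exists('service/core/REST/' . $this->responseClass . '.php')) {
         $this->responseClass = 'SugarRest';
     }
     $this->serverClass = !empty($_REQUEST['input_type']) ? 'SugarRest' . clean_string($_REQUEST['input_type'], 'ALPHANUM') : 'SugarRest';
     if (!file_exists('service/core/REST/' . $this->serverClass . '.php')) {
         $this->serverClass = 'SugarRest';
     }
     // NOTE(review): the request can select any SugarRest*.php file present in
     // service/core/REST/; there is no fixed list of accepted types in front
     // of this include.
     require_once 'service/core/REST/' . $this->serverClass . '.php';
     // The closing log entry used to repeat the 'Begin:' text, which made the
     // start and the end of the constructor indistinguishable in the log.
     $GLOBALS['log']->info('End: SugarRestService->__construct');
 }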
Esempio n. 18
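/**
 * Search the CouchDB citation index for $citation and keep the closest hits.
 *
 * Each returned row is compared with the query through the longest common
 * subsequence; rows scoring above $threshold are candidates and only the
 * best-scoring candidates (ties included) are left in $result->results.
 *
 * @param string $citation  Citation text to look up.
 * @param object $result    Receives query_ok and results (passed by reference).
 * @param float  $threshold Minimum similarity, default 0.8.
 * @return bool true when more than one result is held in $result->results.
 */
function find_citation($citation, &$result, $threshold = 0.8)
{
    global $config;
    global $couch;
    $q = clean_string($citation);
    $rows_per_page = 5;
    // The query text is URL-encoded before it is placed in the request path.
    $url = '/_design/citation/_search/all?q=' . urlencode($q) . '&limit=' . $rows_per_page;
    $resp = $couch->send("GET", "/" . $config['couchdb_options']['database'] . "/" . $url);
    $obj = json_decode($resp);
    if (!isset($obj->error)) {
        $result->query_ok = true;
        if ($obj->total_rows > 0) {
            $best_hit = 0;
            $q = strtolower($q);
            $query_length = strlen($q);
            foreach ($obj->rows as $row) {
                $hit_original = $row->fields->default;
                $hit = strtolower(clean_string($hit_original));
                $hit_length = strlen($hit);
                // Two empty strings would divide by zero below.
                if ($query_length + $hit_length === 0) {
                    continue;
                }
                $C = LCSLength($hit, $q);
                $common = $C[$hit_length][$query_length];
                // 1.0 means identical; the value drops as more characters
                // fall outside the common subsequence.
                $symdiff = 1.0 - ($query_length + $hit_length - 2 * $common) / ($query_length + $hit_length);
                if ($symdiff > $threshold && $symdiff >= $best_hit) {
                    // A strictly better hit replaces what was collected so
                    // far. The original tested this after $best_hit had
                    // already been raised, so the reset could never run.
                    if ($symdiff > $best_hit) {
                        $result->results = array();
                    }
                    $best_hit = $symdiff;
                    $match = new stdclass();
                    $match->text = $citation;
                    $match->hit = $hit_original;
                    $match->match = true;
                    $match->id = $row->id;
                    $match->score = $row->order[0];
                    $match->symdiff = $symdiff;
                    $result->results[] = $match;
                }
            }
        }
    }
    // results is only created once a hit is stored; counting an unset
    // property is an error on current PHP versions.
    return isset($result->results) && count($result->results) > 1;
}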
Esempio n. 19
 /**
  * Create New Menu
  *
  * @param string $name
  *
  * @return int $menu_id
  */
 function new_menu($name)
 {
     $this->load->helper('clean_string');
     // The cleaned name is what gets compared, stored and shown in the error.
     $name = clean_string($name);
     // make sure it's unique
     $existing = $this->get_menus(array('name' => $name));
     if (!empty($existing)) {
         die(show_error('A menu with that name (' . $name . ') already exists.'));
     }
     $this->db->insert('menus', array('menu_name' => $name));
     $menu_id = $this->db->insert_id();
     // Drop cached output when a cache is configured.
     if (isset($this->CI->cache)) {
         $this->CI->cache->file->clean();
     }
     return $menu_id;
 }
Esempio n. 20
 /**
  * Update Blog
  *
  * @param int $blog_id
  * @param int $content_type_id Each blog displays content of only one type, specified here
  * @param string $title Blog title
  * @param string $url_path
  * @param string $description Blog description
  * @param array $filter_author The user ID(s) to filter by (default: array())
  * @param array $filter_topic The topic ID(s) to filter by (default: array())
  * @param string $summary_field The column name to use for the summary (default: FALSE)
  * @param string $sort_field The column name to sort by (default: FALSE)
  * @param string $sort_dir Sort direction (default: FALSE)
  * @param boolean $auto_trim Should we auto trim the summary field in listings? (default: FALSE)
  * @param string $template The filename of the template in the theme directory to use for output (default: blog.html)
  * @param int $per_page How many items to show per page? (default: 25)
  * @param array $privileges array of member group ID's (default: array())
  *
  * @return boolean
  */
 function update_blog($blog_id, $content_type_id, $title, $url_path, $description, $filter_author = array(), $filter_topic = array(), $summary_field = FALSE, $sort_field = FALSE, $sort_dir = FALSE, $auto_trim = TRUE, $template = 'blog.thtml', $per_page = 25, $privileges = array())
 {
     // NOTE(review): the docblock above lists FALSE as the default of
     // $auto_trim and blog.html as the default template; the signature uses
     // TRUE and blog.thtml.
     $blog = $this->get_blog($blog_id);
     $this->load->model('link_model');
     // Without an explicit path, derive one from the title.
     // NOTE(review): the helper loaded here is 'url_string' while the
     // function called is clean_string(); confirm that helper defines it.
     if (empty($url_path)) {
         $this->load->helper('url_string');
         $url_path = clean_string($title);
     }
     // Only touch the link when the path actually changed. A caller-supplied
     // path goes through prep_url_path() only, not through clean_string().
     if ($url_path != $blog['url_path']) {
         $url_path = $this->link_model->prep_url_path($url_path);
         $url_path = $this->link_model->get_unique_url_path($url_path);
         $this->link_model->update_url($blog['link_id'], $url_path);
     }
     $this->link_model->update_title($blog['link_id'], $title);

     // Non-empty filter arrays are stored serialized; everything else as ''.
     $has_authors = (is_array($filter_author) and !empty($filter_author));
     $has_topics = (is_array($filter_topic) and !empty($filter_topic));
     // Privileges are stored only when the list does not contain 0.
     $has_privileges = (is_array($privileges) and !in_array(0, $privileges));

     $update_fields = array(
         'content_type_id' => $content_type_id,
         'blog_title' => $title,
         'blog_description' => $description,
         'blog_filter_author' => $has_authors ? serialize($filter_author) : '',
         'blog_filter_topic' => $has_topics ? serialize($filter_topic) : '',
         'blog_summary_field' => !empty($summary_field) ? $summary_field : '',
         'blog_sort_field' => !empty($sort_field) ? $sort_field : '',
         'blog_sort_dir' => !empty($sort_dir) ? $sort_dir : '',
         'blog_auto_trim' => $auto_trim == TRUE ? '1' : '0',
         'blog_privileges' => $has_privileges ? serialize($privileges) : '',
         'blog_template' => $template,
         'blog_per_page' => $per_page,
     );
     $this->db->update('blogs', $update_fields, array('blog_id' => $blog_id));
     return TRUE;
 }
Esempio n. 21
 /**
  * Update RSS Feed
  *
  * @param int $feed_id
  * @param int $content_type_id
  * @param string $title Feed title
  * @param string $url_path
  * @param string $description Feed description
  * @param array $filter_author The user ID(s) to filter by (default: array())
  * @param array $filter_topic The topic ID(s) to filter by (default: array())
  * @param string $summary_field The column name to use for the summary (default: FALSE)
  * @param string $sort_field The column name to sort by (default: '')
  * @param string $sort_dir Sort direction (default: '')
  * @param string $template The template file to use for output (default: rss_feed.txml)
  *
  * @return void 
  */
 function update_feed($feed_id, $content_type_id, $title, $url_path, $description, $filter_author = array(), $filter_topic = array(), $summary_field = FALSE, $sort_field = '', $sort_dir = '', $template = 'rss_feed.txml')
 {
     $feed = $this->get_feed($feed_id);
     $this->load->model('link_model');
     // Without an explicit path, derive one from the title.
     if (empty($url_path)) {
         $this->load->helper('clean_string');
         $url_path = clean_string($title);
     }
     // A changed path is cleaned, prepared and made unique before the link
     // record is updated.
     if ($url_path != $feed['url_path']) {
         $this->load->helper('clean_string');
         $url_path = clean_string($url_path);
         $url_path = $this->link_model->prep_url_path($url_path);
         $url_path = $this->link_model->get_unique_url_path($url_path);
         $this->link_model->update_url($feed['link_id'], $url_path);
     }
     $this->link_model->update_title($feed['link_id'], $title);

     // Non-empty filter arrays are stored serialized; everything else as ''.
     $has_authors = (is_array($filter_author) and !empty($filter_author));
     $has_topics = (is_array($filter_topic) and !empty($filter_topic));

     $update_fields = array(
         'content_type_id' => $content_type_id,
         'rss_title' => $title,
         'rss_description' => $description,
         'rss_filter_author' => $has_authors ? serialize($filter_author) : '',
         'rss_filter_topic' => $has_topics ? serialize($filter_topic) : '',
         'rss_summary_field' => !empty($summary_field) ? $summary_field : '',
         'rss_sort_field' => !empty($sort_field) ? $sort_field : '',
         'rss_sort_dir' => !empty($sort_dir) ? $sort_dir : '',
         'rss_template' => $template,
     );
     $this->db->update('rss_feeds', $update_fields, array('rss_id' => $feed_id));
     return;
 }
/**
 * Derive a login from a first name and a last name and add a numeric suffix
 * while the lookup query still returns a row.
 *
 * @param string   $nom    Last name.
 * @param string   $prenom First name; only its first character is used for the login.
 * @param resource $dbh    Connection handle passed to mysql_query().
 * @return string The generated login.
 */
function cre_login($nom, $prenom, $dbh)
{
    // First letter of the first name + last name, lowercased, cleaned, with
    // diacritics converted, then reduced to a-z, 0-9 and '.'.
    $empr_login = substr($prenom, 0, 1) . $nom;
    $empr_login = strtolower($empr_login);
    $empr_login = clean_string($empr_login);
    $empr_login = convert_diacrit(strtolower($empr_login));
    $empr_login = preg_replace('/[^a-z0-9\\.]/', '', $empr_login);
    $pb = 1;
    $num_login = 1;
    while ($pb == 1) {
        // NOTE(review): the login literal reads '******' here, which looks
        // like masking applied to the listing; as written the query does not
        // depend on $empr_login, so a matching row would keep the loop
        // running. Confirm against the original file.
        // NOTE(review): $nom and $prenom are interpolated into the SQL text
        // unescaped, so a quote in either name changes the statement; escape
        // them for this connection or move to a driver with bound parameters.
        // The mysql_* functions used here were removed in PHP 7.
        $requete = "SELECT empr_login FROM empr WHERE empr_login='******' AND empr_nom <> '{$nom}' AND empr_prenom <> '{$prenom}' LIMIT 1 ";
        $res = mysql_query($requete, $dbh);
        $nbr_lignes = mysql_num_rows($res);
        if ($nbr_lignes) {
            // Taken: append the counter and try again.
            $empr_login .= $num_login;
            $num_login++;
        } else {
            $pb = 0;
        }
    }
    return $empr_login;
}
Esempio n. 23
 /**
  * Build out the chart for the sales rep view in the forecast module
  *
  * @param ServiceBase $api      The Api Class
  * @param array $args           Service Call Arguments
  * @return mixed
  */
 public function chart($api, $args)
 {
     // Both identifiers go through clean_string() before they reach the chart class.
     foreach (array('timeperiod_id', 'user_id') as $argName) {
         $args[$argName] = clean_string($args[$argName]);
     }
     if (!isset($args['group_by'])) {
         $args['group_by'] = "forecast";
     }
     // The manager chart is used only when it was requested and the calling
     // user is a manager; everyone else gets the individual chart.
     $useManagerChart = (bool) $args['display_manager'] && User::isManager($api->user->id);
     if ($useManagerChart) {
         $file = 'include/SugarForecasting/Chart/Manager.php';
         $klass = 'SugarForecasting_Chart_Manager';
     } else {
         $file = 'include/SugarForecasting/Chart/Individual.php';
         $klass = 'SugarForecasting_Chart_Individual';
     }
     // Both file and class come from the two fixed pairs above, never from
     // the request; a custom override is resolved by the autoloader.
     SugarAutoLoader::requireWithCustom($file);
     $klass = SugarAutoLoader::customClass($klass);
     /* @var $chart SugarForecasting_Chart_AbstractChart */
     $chart = new $klass($args);
     return $chart->process();
 }
Esempio n. 24
 /**
  * Get Sugar REST class name for input/return type
  *
  * @param string $name
  * @return string
  */
 protected function _getTypeName($name)
 {
     if (empty($name)) {
         return 'SugarRest';
     }
     $name = clean_string($name, 'ALPHANUM');
     // Fixed list of accepted types: the class name is always assembled from
     // one of these constants, never from the request text itself.
     $suffixes = array('json' => 'JSON', 'rss' => 'RSS', 'serialize' => 'Serialize');
     $key = strtolower($name);
     $type = isset($suffixes[$key]) ? $suffixes[$key] : '';
     $classname = "SugarRest{$type}";
     // Unknown types give the base class; so does a known type whose file is missing.
     return file_exists('service/core/REST/' . $classname . '.php') ? $classname : 'SugarRest';
 }
Esempio n. 25
 /**
  * Export API
  *
  * @param $api ServiceBase The API class of the request, used in cases where the API changes how the fields are pulled from the args array.
  * @param $args array The arguments array passed in from the API
  * @return String
  */
 public function export(ServiceBase $api, array $args)
 {
     // First gate: the bean for the requested module must grant 'export'.
     // NOTE(review): $args['module'] is used here before clean_string() is
     // applied, and $seed is not checked before ACLAccess() is called on it;
     // confirm what newBean() returns for an unknown module.
     $seed = BeanFactory::newBean($args['module']);
     if (!$seed->ACLAccess('export')) {
         throw new SugarApiExceptionNotAuthorized($GLOBALS['app_strings']['ERR_EXPORT_DISABLED']);
     }
     // Buffer any output produced while the export is built; it is discarded below.
     ob_start();
     global $sugar_config;
     global $current_user;
     global $app_list_strings;
     $theModule = clean_string($args['module']);
     // Second gate, read with && binding tighter than ||:
     //   export is globally disabled, OR
     //   admin_export_only is set AND the user is neither an admin nor a
     //   module admin (access enabled plus admin or admin-dev level) for $theModule.
     if ($sugar_config['disable_export'] || !empty($sugar_config['admin_export_only']) && !(is_admin($current_user) || ACLController::moduleSupportsACL($theModule) && ACLAction::getUserAccessLevel($current_user->id, $theModule, 'access') == ACL_ALLOW_ENABLED && (ACLAction::getUserAccessLevel($current_user->id, $theModule, 'admin') == ACL_ALLOW_ADMIN || ACLAction::getUserAccessLevel($current_user->id, $theModule, 'admin') == ACL_ALLOW_ADMIN_DEV))) {
         throw new SugarApiExceptionNotAuthorized($GLOBALS['app_strings']['ERR_EXPORT_DISABLED']);
     }
     //check to see if this is a request for a sample or for a regular export
     if (!empty($args['sample'])) {
         //call special method that will create dummy data for bean as well as insert standard help message.
         $content = exportSampleFromApi($args);
     } else {
         $content = exportFromApi($args);
     }
     // NOTE(review): the file name starts from the raw $args['module'], not
     // from $theModule; how doExport() uses it is not visible here.
     $filename = $args['module'];
     //use label if one is defined
     if (!empty($app_list_strings['moduleList'][$args['module']])) {
         $filename = $app_list_strings['moduleList'][$args['module']];
     }
     //strip away any blank spaces
     $filename = str_replace(' ', '', $filename);
     if (isset($args['members']) && $args['members'] == true) {
         $filename .= '_' . 'members';
     }
     ///////////////////////////////////////////////////////////////////////////////
     ////	BUILD THE EXPORT FILE
     ob_end_clean();
     return $this->doExport($api, $filename, $content);
 }
Esempio n. 26
        $error_message .= 'The Last Name you entered does not appear to be valid.<br />';
    }
    if (strlen($comments) < 2) {
        $error_message .= 'The Comments you entered do not appear to be valid.<br />';
    }
    if (strlen($error_message) > 0) {
        died($error_message);
    }
    $email_message = "Form details below.\n\n";
    /**
     * Remove a fixed set of lowercase tokens from a form value.
     *
     * The match is case-sensitive and each token is removed in one pass, in
     * list order. Line breaks are left in place, so the result is meant for
     * message body text and is not a safe value for a mail header.
     */
    function clean_string($string)
    {
        foreach (array("content-type", "bcc:", "to:", "cc:", "href") as $token) {
            $string = str_replace($token, "", $string);
        }
        return $string;
    }
    $email_message .= "First Name: " . clean_string($first_name) . "\n";
    $email_message .= "Last Name: " . clean_string($last_name) . "\n";
    $email_message .= "Email: " . clean_string($email_from) . "\n";
    $email_message .= "Telephone: " . clean_string($telephone) . "\n";
    $email_message .= "Comments: " . clean_string($comments) . "\n";
    // create email headers
    $headers = 'From: ' . $email_from . "\r\n" . 'Reply-To: ' . $email_from . "\r\n" . 'X-Mailer: PHP/' . phpversion();
    @mail($email_to, $email_subject, $email_message, $headers);
    ?>
 
<!-- place your own success html below -->
 
Thank you for contacting us. We will be in touch with you very soon.
 
<?php 
}
die;
Esempio n. 27
/**
 * Filters the request superglobals in place and checks a fixed set of keys.
 *
 * Every value of $_REQUEST, $_POST and $_GET goes through preprocess_param()
 * when magic quotes are reported on, or securexss() otherwise, and is written
 * back key by key. A fixed list of request, session and config values is then
 * handed to clean_string(). Its return value is not used here, so those calls
 * only matter if clean_string() rejects bad input by itself (its body is not
 * shown in this excerpt; confirm).
 *
 * NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0, so this function
 * as written can only run on PHP 7.x and earlier.
 * NOTE(review): array_map() hands array-valued parameters to the callback as
 * arrays; whether the two filters walk into nested arrays is not visible here.
 * NOTE(review): filtering on input does not replace escaping for the context
 * each value is later written into (HTML, SQL, file path).
 *
 * @return int Always 0.
 */
function clean_incoming_data()
{
    global $sugar_config;

    // One callback for all three arrays, chosen once.
    $filter = get_magic_quotes_gpc() == 1 ? "preprocess_param" : "securexss";
    $cleanRequest = array_map($filter, $_REQUEST);
    $cleanPost = array_map($filter, $_POST);
    $cleanGet = array_map($filter, $_GET);

    // PHP cannot stomp out superglobals reliably, so copy back entry by entry.
    foreach ($cleanPost as $name => $value) {
        $_POST[$name] = $value;
    }
    foreach ($cleanGet as $name => $value) {
        $_GET[$name] = $value;
    }
    foreach ($cleanRequest as $name => $value) {
        $_REQUEST[$name] = $value;
        // Parameter names are checked as well; this is done for $_REQUEST only.
        securexsskey($name);
    }

    // Any additional variables that need to be cleaned should be added here.
    // The groups below keep the order in which the values are checked.
    foreach (array('login_theme', 'login_module', 'login_action', 'login_language', 'action', 'module') as $name) {
        if (isset($_REQUEST[$name])) {
            clean_string($_REQUEST[$name]);
        }
    }
    if (isset($_REQUEST['record'])) {
        clean_string($_REQUEST['record'], 'STANDARDSPACE');
    }
    foreach (array('authenticated_user_theme', 'authenticated_user_language') as $name) {
        if (isset($_SESSION[$name])) {
            clean_string($_SESSION[$name]);
        }
    }
    if (isset($_REQUEST['language'])) {
        clean_string($_REQUEST['language']);
    }
    if (isset($sugar_config['default_theme'])) {
        clean_string($sugar_config['default_theme']);
    }
    foreach (array('offset', 'stamp') as $name) {
        if (isset($_REQUEST[$name])) {
            clean_string($_REQUEST[$name]);
        }
    }

    // The sort direction is forced to one of two literals rather than filtered.
    if (isset($_REQUEST['lvso'])) {
        $direction = strtolower($_REQUEST['lvso']) === 'desc' ? 'desc' : 'asc';
        set_superglobals('lvso', $direction);
    }

    // Clean "offset" and "order_by" parameters in URL. These are matched by
    // suffix because the full parameter names vary per list view.
    foreach ($_REQUEST as $key => $val) {
        if (str_end($key, "_offset")) {
            // keep this ALPHANUM for disable_count_query
            clean_string($_REQUEST[$key], "ALPHANUM");
            set_superglobals($key, $_REQUEST[$key]);
            continue;
        }
        if (str_end($key, "_ORDER_BY")) {
            // This value names columns for a query, hence the column-list filter.
            clean_string($_REQUEST[$key], "SQL_COLUMN_LIST");
            set_superglobals($key, $_REQUEST[$key]);
        }
    }

    return 0;
}
Esempio n. 28
 /**
  * Given a list of modules to search and a search string, return the id, module_name, along with the fields
  * We will support Accounts, Bug Tracker, Cases, Contacts, Leads, Opportunities, Project, ProjectTask, Quotes
  *
  * @param string $session			- Session ID returned by a previous call to login.
  * @param string $search_string 	- string to search
  * @param string[] $modules			- array of modules to query
  * @param int $offset				- a specified offset in the query
  * @param int $max_results			- max number of records to return
  * @param string $assigned_user_id	- a user id to filter all records by, leave empty to exclude the filter
  * @param string[] $select_fields   - An array of fields to return.  If empty the default return fields will be from the active list view defs.
  * @param bool $unified_search_only - A boolean indicating if we should only search against those modules participating in the unified search.
  * @param bool $favorites           - A boolean indicating if we should only search against records marked as favorites.
  * @return Array return_search_result 	- Array('Accounts' => array(array('name' => 'first_name', 'value' => 'John', 'name' => 'last_name', 'value' => 'Do')))
  * @exception 'SoapFault' -- The SOAP error, if any
  */
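 function search_by_module($session, $search_string, $modules, $offset, $max_results, $assigned_user_id = '', $select_fields = array(), $unified_search_only = TRUE, $favorites = FALSE)
 {
     // Runs one query per requested module and returns
     // array('entry_list' => list of array('name' => module, 'records' => rows)).
     // Returns nothing (null) when the session check fails.
     //
     // NOTE(review): only User and ProjectTask get an explicit
     // check_modules_access()/ACLAccess() call in this method. For every other
     // module the per-module access decision is left to SearchForm and
     // create_new_list_query(), whose behaviour is not visible here; confirm.
     // NOTE(review): $favorites is accepted but never read in this body.
     $GLOBALS['log']->info('Begin: SugarWebServiceImpl->search_by_module');
     global $beanList, $beanFiles;
     global $sugar_config, $current_language;
     $error = new SoapError();
     $output_list = array();
     // The session is validated with an empty module name, so this call says
     // nothing about access to the individual modules in $modules.
     if (!self::$helperObject->checkSessionAndModuleAccess($session, 'invalid_session', '', '', '', $error)) {
         $error->set_error('invalid_login');
         $GLOBALS['log']->error('End: SugarWebServiceImpl->search_by_module - FAILED on checkSessionAndModuleAccess');
         return;
     }
     global $current_user;
     // NOTE(review): the caller's value replaces the configured page size for the
     // rest of the request, with no upper bound applied here; a value below -1
     // further down removes the limit altogether.
     if ($max_results > 0) {
         $sugar_config['list_max_entries_per_page'] = $max_results;
     }
     require_once 'modules/Home/UnifiedSearchAdvanced.php';
     require_once 'include/utils.php';
     $usa = new UnifiedSearchAdvanced();
     if (!file_exists($cachefile = sugar_cached('modules/unified_search_modules.php'))) {
         $usa->buildCache();
     }
     // The cache file is executed as PHP and is expected to define
     // $unified_search_modules; whoever can write to the cache directory controls
     // what runs here.
     include $cachefile;
     $modules_to_search = array();
     // Users and ProjectTask are always searchable through this API; their field
     // lists are replaced with empty ones because they use hand-written queries.
     $unified_search_modules['Users'] = array('fields' => array());
     $unified_search_modules['ProjectTask'] = array('fields' => array());
     //If we are ignoring the unified search flag within the vardef we need to re-create the search fields.  This allows us to search
     //against a specific module even though it is not enabled for the unified search within the application.
     if (!$unified_search_only) {
         foreach ($modules as $singleModule) {
             if (!isset($unified_search_modules[$singleModule])) {
                 $newSearchFields = array('fields' => self::$helperObject->generateUnifiedSearchFields($singleModule));
                 $unified_search_modules[$singleModule] = $newSearchFields;
             }
         }
     }
     foreach ($unified_search_modules as $module => $data) {
         // Strict comparison: with loose comparison a non-string entry in $modules
         // (integer 0 on PHP before 8) matches every module name. Modules without
         // a bean mapping are skipped instead of failing in require_once below.
         if (in_array($module, $modules, true) && isset($beanList[$module])) {
             $modules_to_search[$module] = $beanList[$module];
         }
     }
     // NOTE(review): the caller's raw search text is written to the log here and
     // the complete SQL statement further down; both can carry personal data and
     // line breaks into the log file.
     $GLOBALS['log']->info('SugarWebServiceImpl->search_by_module - search string = ' . $search_string);
     if (!empty($search_string)) {
         // The cleaned value is interpolated into SQL string literals below, so
         // db->quote() is the step that must neutralise quotes (its body is not
         // shown). LIKE wildcards (% and _) supplied by the caller are presumably
         // left intact; confirm whether that is intended.
         $search_string = trim($GLOBALS['db']->quote(securexss(from_html(clean_string($search_string, 'UNIFIED_SEARCH')))));
         foreach ($modules_to_search as $name => $beanName) {
             $unifiedSearchFields = array();
             // Reset for every module. The row loop at the end reads this list for
             // all beans, but only the generic branch fills it; without the reset
             // User/ProjectTask saw an undefined variable or the previous module's list.
             $selectOnlyQueryFields = array();
             foreach ($unified_search_modules[$name]['fields'] as $field => $def) {
                 $unifiedSearchFields[$name][$field] = $def;
                 $unifiedSearchFields[$name][$field]['value'] = $search_string;
             }
             require_once $beanFiles[$beanName];
             $seed = new $beanName();
             require_once 'include/SearchForm/SearchForm2.php';
             if ($beanName == "User" || $beanName == "ProjectTask") {
                 if (!self::$helperObject->check_modules_access($current_user, $seed->module_dir, 'read')) {
                     continue;
                 }
                 if (!$seed->ACLAccess('ListView')) {
                     continue;
                 }
             }
             if ($beanName != "User" && $beanName != "ProjectTask") {
                 // The original built this form and its where clauses twice in a row
                 // from the same inputs; once is enough.
                 $searchForm = new SearchForm($seed, $name);
                 $searchForm->setup(array($name => array()), $unifiedSearchFields, '', 'saved_views');
                 $where_clauses = $searchForm->generateSearchWhere();
                 // $emailQuery and $mod_strings are not read in this method; they are
                 // kept because the listviewdefs file required below runs in this
                 // scope and may reference them.
                 $emailQuery = false;
                 $where = '';
                 if (count($where_clauses) > 0) {
                     $where = '(' . implode(' ) OR ( ', $where_clauses) . ')';
                 }
                 $mod_strings = return_module_language($current_language, $seed->module_dir);
                 if (count($select_fields) > 0) {
                     // NOTE(review): caller-chosen field names go to
                     // create_new_list_query() as given; whether they are checked
                     // against the bean's field definitions is not visible here.
                     $filterFields = $select_fields;
                 } else {
                     if (file_exists('custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php')) {
                         require_once 'custom/modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
                     } else {
                         require_once 'modules/' . $seed->module_dir . '/metadata/listviewdefs.php';
                     }
                     $filterFields = array();
                     foreach ($listViewDefs[$seed->module_dir] as $colName => $param) {
                         if (!empty($param['default']) && $param['default'] == true) {
                             $filterFields[] = strtolower($colName);
                         }
                     }
                     if (!in_array('id', $filterFields)) {
                         $filterFields[] = 'id';
                     }
                 }
                 //Pull in any db fields used for the unified search query so the correct joins will be added
                 foreach ($unifiedSearchFields[$name] as $field => $def) {
                     if (isset($def['db_field']) && !in_array($field, $filterFields)) {
                         $filterFields[] = $field;
                         $selectOnlyQueryFields[] = $field;
                     }
                 }
                 //Add the assigned user filter if applicable
                 if (!empty($assigned_user_id) && isset($seed->field_defs['assigned_user_id'])) {
                     // NOTE(review): $assigned_user_id comes from the caller; escaping
                     // is left to getOwnerWhere(), which is not shown here.
                     $ownerWhere = $seed->getOwnerWhere($assigned_user_id);
                     // Wrap only when there is a clause to wrap: "() AND ..." is not valid SQL.
                     $where = $where === '' ? $ownerWhere : "({$where}) AND {$ownerWhere}";
                 }
                 if ($beanName == "Employee") {
                     $employeeWhere = "users.deleted = 0 AND users.is_group = 0 AND users.employee_status = 'Active'";
                     $where = $where === '' ? $employeeWhere : "({$where}) AND {$employeeWhere}";
                 }
                 $list_params = array();
                 $ret_array = $seed->create_new_list_query('', $where, $filterFields, $list_params, 0, '', true, $seed, true);
                 // $params is never filled in by this method, so the custom_* parts
                 // below are always empty strings.
                 if (empty($params) or !is_array($params)) {
                     $params = array();
                 }
                 if (!isset($params['custom_select'])) {
                     $params['custom_select'] = '';
                 }
                 if (!isset($params['custom_from'])) {
                     $params['custom_from'] = '';
                 }
                 if (!isset($params['custom_where'])) {
                     $params['custom_where'] = '';
                 }
                 if (!isset($params['custom_order_by'])) {
                     $params['custom_order_by'] = '';
                 }
                 $main_query = $ret_array['select'] . $params['custom_select'] . $ret_array['from'] . $params['custom_from'] . $ret_array['where'] . $params['custom_where'] . $ret_array['order_by'] . $params['custom_order_by'];
             } else {
                 if ($beanName == "User") {
                     $filterFields = array('id', 'user_name', 'first_name', 'last_name', 'email_address');
                     // NOTE(review): the join on email_addr_bean_rel has no condition
                     // tying a relation row to users.id; confirm this is intended.
                     $main_query = "select users.id, ea.email_address, users.user_name, first_name, last_name from users ";
                     $main_query = $main_query . " LEFT JOIN email_addr_bean_rel eabl ON eabl.bean_module = '{$seed->module_dir}'\n    LEFT JOIN email_addresses ea ON (ea.id = eabl.email_address_id) ";
                     $main_query = $main_query . "where ((users.first_name like '{$search_string}') or (users.last_name like '{$search_string}') or (users.user_name like '{$search_string}') or (ea.email_address like '{$search_string}')) and users.deleted = 0 and users.is_group = 0 and users.employee_status = 'Active'";
                 }
                 if ($beanName == "ProjectTask") {
                     $filterFields = array('id', 'name', 'project_id', 'project_name');
                     $main_query = "select {$seed->table_name}.project_task_id id,{$seed->table_name}.project_id, {$seed->table_name}.name, project.name project_name from {$seed->table_name} ";
                     $seed->add_team_security_where_clause($main_query);
                     $main_query .= "LEFT JOIN teams ON {$seed->table_name}.team_id=teams.id AND (teams.deleted=0) ";
                     $main_query .= "LEFT JOIN project ON {$seed->table_name}.project_id = project.id ";
                     $main_query .= "where {$seed->table_name}.name like '{$search_string}%'";
                 }
             }
             $GLOBALS['log']->info('SugarWebServiceImpl->search_by_module - query = ' . $main_query);
             if ($max_results < -1) {
                 // No limit at all: the caller decides how many rows are read.
                 $result = $seed->db->query($main_query);
             } else {
                 $limit = $max_results == -1 ? $sugar_config['list_max_entries_per_page'] : $max_results;
                 // Offset and limit come from the API caller; force them to integers
                 // before they reach the query layer.
                 $result = $seed->db->limitQuery($main_query, (int) $offset, (int) $limit + 1);
             }
             $rowArray = array();
             while ($row = $seed->db->fetchByAssoc($result)) {
                 $nameValueArray = array();
                 foreach ($filterFields as $field) {
                     // Fields added only so the query gets its joins are not returned.
                     if (in_array($field, $selectOnlyQueryFields)) {
                         continue;
                     }
                     if (isset($row[$field])) {
                         $nameValueArray[$field] = self::$helperObject->get_name_value($field, $row[$field]);
                     }
                 }
                 $rowArray[] = $nameValueArray;
             }
             $output_list[] = array('name' => $name, 'records' => $rowArray);
         }
         $GLOBALS['log']->info('End: SugarWebServiceImpl->search_by_module');
         return array('entry_list' => $output_list);
     }
     // Empty search text: nothing is queried and the list stays empty.
     return array('entry_list' => $output_list);
 }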
Esempio n. 29
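 /**
  * Creates or updates the indexint row for this object and refreshes the data
  * derived from it.
  *
  * When $this->indexint_id is set the row is updated; otherwise a row is
  * inserted after checking that no row with the same name and class exists.
  *
  * NOTE(review): $nom and $comment are placed inside quoted SQL literals with no
  * escaping in this method (clean_string() is not shown here, and $comment is
  * not passed through it). The statements are only safe if every caller hands in
  * values already escaped for SQL; confirm that before relying on it. Escaping
  * is not added here because values that arrive pre-escaped would be escaped twice.
  *
  * @param string $nom       Name of the entry; an empty value aborts with false.
  * @param string $comment   Comment stored in indexint_comment.
  * @param int    $id_pclass Class id; replaced by $thesaurus_classement_defaut
  *                          when it is 0 or when $thesaurus_classement_mode_pmb is 0.
  * @return bool true on success, false when the name is empty, the name already
  *              exists on creation, or a query fails.
  */
 function update($nom, $comment, $id_pclass = 0)
 {
     global $dbh;
     global $msg;
     global $include_path;
     global $thesaurus_classement_mode_pmb, $thesaurus_classement_defaut;
     global $thesaurus_concepts_active;
     if (!$nom) {
         return false;
     }
     // clean the input string
     $nom = clean_string($nom);
     // The class id is only ever compared with 0 and stored in num_pclass, so it
     // is forced to an integer before it is written into the statements below.
     $id_pclass = (int) $id_pclass;
     if ($thesaurus_classement_mode_pmb == 0 || $id_pclass === 0) {
         $id_pclass = $thesaurus_classement_defaut;
     }
     $requete = "SET indexint_name='{$nom}', ";
     $requete .= "indexint_comment='{$comment}', ";
     $requete .= "num_pclass='{$id_pclass}', ";
     $requete .= "index_indexint=' " . strip_empty_words($nom . " " . $comment) . " '";
     if ($this->indexint_id) {
         // update
         $requete = 'UPDATE indexint ' . $requete;
         // The id is written unquoted, so it is cast to an integer here.
         $requete .= ' WHERE indexint_id=' . (int) $this->indexint_id . ' LIMIT 1;';
         if (pmb_mysql_query($requete, $dbh)) {
             $aut_link = new aut_link(AUT_TABLE_INDEXINT, $this->indexint_id);
             $aut_link->save_form();
             $aut_pperso = new aut_pperso("indexint", $this->indexint_id);
             $aut_pperso->save_form();
             indexint::update_index($this->indexint_id);
             audit::insert_modif(AUDIT_INDEXINT, $this->indexint_id);
         } else {
             require_once "{$include_path}/user_error.inc.php";
             // Message keys are quoted: a bare word is an undefined constant,
             // which is an error on PHP 8.
             warning($msg['indexint_update'], $msg['indexint_unable']);
             return FALSE;
         }
     } else {
         // creation: make sure the name does not already exist
         $dummy = "SELECT * FROM indexint WHERE indexint_name = '" . $nom . "' and num_pclass='" . $id_pclass . "' LIMIT 1 ";
         $check = pmb_mysql_query($dummy, $dbh);
         // A failed query returns no result set to count.
         if ($check && pmb_mysql_num_rows($check)) {
             require_once "{$include_path}/user_error.inc.php";
             warning($msg['indexint_create'], $msg['indexint_exists']);
             return FALSE;
         }
         $requete = 'INSERT INTO indexint ' . $requete . ';';
         if (pmb_mysql_query($requete, $dbh)) {
             $this->indexint_id = pmb_mysql_insert_id();
             $aut_link = new aut_link(AUT_TABLE_INDEXINT, $this->indexint_id);
             $aut_link->save_form();
             $aut_pperso = new aut_pperso("indexint", $this->indexint_id);
             $aut_pperso->save_form();
             audit::insert_creation(AUDIT_INDEXINT, $this->indexint_id);
         } else {
             require_once "{$include_path}/user_error.inc.php";
             warning($msg['indexint_create'], $msg['indexint_unable_create']);
             return FALSE;
         }
     }
     // Concept indexing
     if ($thesaurus_concepts_active == 1) {
         $index_concept = new index_concept($this->indexint_id, TYPE_INDEXINT);
         $index_concept->save();
     }
     // Update the composed headings that contain this authority
     vedette_composee::update_vedettes_built_with_element($this->indexint_id, "indexint");
     return TRUE;
 }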
    }
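    //If there were any errors, call the function to display errors
    // NOTE(review): displayError() is not shown here; if it returns instead of
    // ending the request, the message below is still sent for an invalid form.
    if (strlen($error_message) > 0) {
        displayError($error_message);
    }
    //Construct the email message
    $email_to = "rie1211@gmail.com,josh.d.henry@gmail.com";
    $email_subject = "A wedding guest has made a reservation!";
    $email_message = "Form details below.\n\n";
    // clean_string() is defined elsewhere in the script; the values below only
    // reach the message body.
    $email_message .= "Name: " . clean_string($name) . "\n";
    $email_message .= "Email: " . clean_string($email_from) . "\n";
    $email_message .= "Will attend: " . clean_string($willAttend) . "\n";
    $email_message .= "Total attending: " . clean_string($totalAttending) . "\n";
    $email_message .= "How many over age 21?: " . clean_string($over21) . "\n";
    $email_message .= "How many under age 12?: " . clean_string($under12) . "\n";
    $email_message .= "Questions, comments, or dietary restrictions: " . clean_string($comments) . "\n";
    //Create email headers
    // $email_from is submitted by the visitor. CR and LF are removed before it is
    // used in a header so the value cannot end the line and add headers of its own.
    $header_from = str_replace(array("\r", "\n"), '', $email_from);
    $headers = 'From: ' . $header_from . "\r\n" . 'Reply-To: ' . $header_from . "\r\n" . 'X-Mailer: PHP/' . phpversion();
    //Send email
    // The headers were built but never passed to mail(), so From and Reply-To
    // were dropped; they are passed now.
    mail($email_to, $email_subject, $email_message, $headers);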
    ?>
 
<!-- success html below -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=us-ascii" />
<meta name="description" content= "Enter your description here so that you can take advantage of search engine optimization." />
<meta name="keywords" content= "keywords, are, always, good, to have, and use, so that, you are, seen in the, search engines, and people, will come, to your, web site, then buy, what you, are selling, or saying" />
<meta name="author" content="Josh Henry" />
<link rel="stylesheet" type="text/css" href="style.css" media="all" />
<title>