/**
 * Handles a user's logout request.
 *
 * Overrides the default behaviour: after the session is destroyed the browser
 * is redirected to the dedicated "Logged Out" page, so the user is not
 * automatically logged in again.
 *
 * NOTE(review): session_destroy() removes the stored session data only; it
 * does not unset $_SESSION or expire the session cookie. Confirm that is
 * handled elsewhere if the cookie must not be reusable.
 */
public function logout()
{
    session_destroy();

    // Discard anything already buffered so only the redirect is sent.
    ob_clean();

    header('Location: index.php?module=Users&action=LoggedOut');

    sugar_cleanup(true);
}
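/**
 * Pushes the posted image to the selected Photobucket account before the bean is saved.
 *
 * Reads the upload from $_FILES['filename_file'], gives the bean an id when it
 * has none, sends the base64-encoded file through the account bean named by
 * $_POST['xphotobucketaccount_id'] and copies the returned URLs onto the bean.
 * A missing upload, a missing account or an unreadable temp file prints
 * "Upload file error" and calls sugar_cleanup(true).
 *
 * NOTE(review): the remote file name uses $upload_file->file_ext, which
 * presumably comes from the client-supplied file name; no type or extension
 * allowlist is visible in this method.
 */
public function pre_save()
{
    require_once 'include/upload_file.php';

    $upload_file = new UploadFile('filename_file');
    $uploaded = false;

    if (isset($_FILES['filename_file']) && $upload_file->confirm_upload()) {
        $filename = $upload_file->get_stored_file_name();
        $file_ext = $upload_file->file_ext;

        if (empty($this->bean->id)) {
            $this->bean->id = create_guid();
            $this->bean->new_with_id = true;
        }

        $account = null;
        if (isset($_POST['xphotobucketaccount_id'])) {
            $account = BeanFactory::getBean('xPhotobucketAccounts', $_POST['xphotobucketaccount_id']);
        }

        $contents = file_get_contents($upload_file->temp_file_location);
        $title = isset($_POST['name']) ? $_POST['name'] : '';

        // Without an account bean or file contents the upload call below would
        // fail on a non-object or send an empty payload, so treat both as errors.
        if (is_object($account) && $contents !== false) {
            $resp = $account->upload_media(
                'base64',
                base64_encode($contents),
                "{$this->bean->id}.{$file_ext}",
                $title
            );
            $this->bean->browse_url = $resp['browseurl'];
            $this->bean->image_url = $resp['url'];
            $this->bean->thumb_url = $resp['thumb'];
            $uploaded = true;
        }
    }

    if (!$uploaded) {
        echo "Upload file error";
        sugar_cleanup(true);
    }

    parent::pre_save();
}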
/**
 * Stops the view from rendering when the current user may not edit the bean.
 *
 * On a failed 'edit' ACL check the no-access page is displayed and
 * sugar_cleanup(true) is called.
 */
public function preDisplay()
{
    if ($this->bean->ACLAccess('edit')) {
        return;
    }

    ACLController::displayNoAccess();
    sugar_cleanup(true);
}
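/**
 * Sends the GroupLists report for a date range to the browser as a .doc download.
 *
 * The start and end dates come from $_REQUEST['start_date'] and
 * $_REQUEST['end_date']. They are substituted into
 * modules/GroupLists/tpls/report.tpl and also used in the download file name,
 * so both uses are encoded for their context below.
 *
 * An earlier revision built a WHERE clause from request parameters; that code
 * was disabled, so the report helpers are now called with an empty filter.
 */
function listViewProcess()
{
    $GLOBALS['log'] = LoggerManager::getLogger('SugarCRM');
    global $sugar_config;
    global $current_user;
    global $app_strings;
    global $timedate;
    $type = clean_string($_REQUEST['module']);
    $db = DBManagerFactory::getInstance();

    // The disabled filter logic left $where undefined; pass an explicit empty filter.
    $where = '';
    $focus = new GroupLists();

    // The original statement assigned the request value to a dynamic property
    // of $focus and never defined $start_date, which is read several times below.
    $start_date = (isset($_REQUEST['start_date']) && is_string($_REQUEST['start_date'])) ? $_REQUEST['start_date'] : '';
    $end_date = (isset($_REQUEST['end_date']) && is_string($_REQUEST['end_date'])) ? $_REQUEST['end_date'] : '';

    // Request values are written into the document body; escape them so markup
    // in a crafted date cannot end up in the generated file.
    // NOTE(review): assumes report.tpl is HTML-style markup - confirm.
    $start_html = htmlspecialchars($start_date, ENT_QUOTES, 'UTF-8');
    $end_html = htmlspecialchars($end_date, ENT_QUOTES, 'UTF-8');

    $template = file_get_contents('modules/GroupLists/tpls/report.tpl');
    $template = str_replace('{START}', $start_html, $template);
    $template = str_replace('{END}', $end_html, $template);
    $template = str_replace('{LIST_GIT}', $focus->get_GIT_to_report($where), $template);
    $template = str_replace('{LIST_FIT}', $focus->get_FIT_to_report($where), $template);
    $size = strlen($template);

    // Quotes, backslashes and control characters would break out of the quoted
    // filename parameter of the Content-Disposition header.
    $start_name = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', $start_date);
    $end_name = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', $end_date);
    $filename = "DS KHACH DI TOUR TU " . $start_name . " DEN " . $end_name . ".doc";

    ob_end_clean();
    header("Cache-Control: private");
    header("Content-Type: application/force-download;");
    header("Content-Disposition:attachment; filename=\"{$filename}\"");
    header("Content-length:{$size}");
    echo $template;
    ob_flush();
    sugar_cleanup(true);
}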
/**
 * Ends the request with a 403 Forbidden response: the request was understood
 * but the server refuses to fulfil it.
 *
 * NOTE(review): $message is echoed as-is; callers should not pass text built
 * from request data without encoding it first.
 *
 * @param string $message Text written to the response body before exiting.
 */
private function sugarDie($message)
{
    // Both status forms are sent; errors from header() are suppressed, as in
    // the original, in case output has already started.
    foreach (array("HTTP/1.0 403 Forbidden", "Status: 403 Forbidden") as $statusLine) {
        @header($statusLine);
    }

    sugar_cleanup();
    echo $message;
    exit;
}
/**
 * Sends the browser back one step in the Studio wizard.
 *
 * When a Studio module is stored in the session the target is the
 * SelectModuleAction wizard; otherwise it is the top-level StudioWizard.
 * The second redirect is only reached if the first sugar_cleanup(true) call
 * returns - presumably it ends the request; confirm.
 */
function back()
{
    ob_clean();

    $hasStudioModule = !empty($_SESSION['studio']['module']);
    if ($hasStudioModule) {
        header('Location: index.php?action=wizard&module=Studio&wizard=SelectModuleAction');
        sugar_cleanup(true);
    }

    header('Location: index.php?action=wizard&module=Studio&wizard=StudioWizard');
    sugar_cleanup(true);
}
/**
 * Writes the JSON payload prepared by the Calendar controller to the response.
 *
 * The payload is expected as an array in $this->view_object_map['jsonData'];
 * when it is missing a fatal log entry is written and sugar_cleanup(true) is called.
 *
 * NOTE(review): no Content-Type header is set in this method; confirm the
 * response is labelled as JSON elsewhere so browsers do not treat it as HTML.
 */
public function display()
{
    $hasPayload = isset($this->view_object_map['jsonData'])
        && is_array($this->view_object_map['jsonData']);

    if (!$hasPayload) {
        $GLOBALS['log']->fatal("JSON data has not been passed from Calendar controller");
        sugar_cleanup(true);
    }

    $payload = $this->view_object_map['jsonData'];

    // Drop any buffered output so the body contains the JSON document only.
    ob_clean();
    echo json_encode($payload);
}
/**
 * Selects the edit view and, when requested, deletes the bean's attachment.
 *
 * If $_REQUEST['deleteAttachment'] is non-empty the attachment is deleted, the
 * literal text 'true' or 'false' is written as the whole response and
 * sugar_cleanup(true) is called.
 *
 * NOTE(review): the delete is triggered by a request parameter and no ACL or
 * request-origin check is visible in this method; confirm one is enforced
 * before this action runs.
 */
function action_editview()
{
    $this->view = 'edit';
    $GLOBALS['view'] = $this->view;

    if (empty($_REQUEST['deleteAttachment'])) {
        return;
    }

    ob_clean();
    $deleted = $this->bean->deleteAttachment($_REQUEST['isDuplicate']);
    echo $deleted ? 'true' : 'false';
    sugar_cleanup(true);
}
/**
 * Loads the Sugarpdf object for this view and enforces its ACL action.
 *
 * The ACL check runs only when a bean is present; with an empty bean the
 * method continues without a check. Any errors collected on the view are
 * copied to the Sugarpdf object.
 */
function preDisplay()
{
    $this->sugarpdfBean = SugarpdfFactory::loadSugarpdf(
        $this->sugarpdf,
        $this->module,
        $this->bean,
        $this->view_object_map
    );

    // ACL control: the required action is declared by the loaded Sugarpdf object.
    $hasBean = !empty($this->bean);
    if ($hasBean && !$this->bean->ACLAccess($this->sugarpdfBean->aclAction)) {
        ACLController::displayNoAccess(true);
        sugar_cleanup(true);
    }

    if (isset($this->errors)) {
        $this->sugarpdfBean->errors = $this->errors;
    }
}
/**
 * SOAP implementation that reports a resource management error to the client.
 *
 * Sends a 500 status, builds a SoapError of type 'resource_management_error'
 * whose description is replaced by $msg, returns it through the SOAP server
 * and then calls sugar_cleanup(true).
 *
 * @param string $msg Message to return to the SOAP client.
 */
public function notify($msg = '')
{
    header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error');
    header('Content-Type: text/xml; charset="ISO-8859-1"');

    $error = new SoapError();
    $error->set_error('resource_management_error');
    // Replace the stock description with the caller's message.
    $error->description = $msg;

    $payload = array(
        'result' => $msg,
        'error' => $error->get_soap_array(),
    );
    $this->soapServer->methodreturn = $payload;

    $this->soapServer->serialize_return();
    $this->soapServer->send_response();
    sugar_cleanup(true);
}
/**
 * Returns one notification as JSON and marks it as read.
 *
 * The notification is loaded by $_REQUEST['record']; when a record is found it
 * is flagged as read and saved. The formatted contents are JSON-encoded,
 * written as the whole response, and sugar_cleanup(true) is called.
 *
 * NOTE(review): the record id comes straight from the request and no ownership
 * or ACL check is visible here; confirm the bean load restricts access to the
 * current user's notifications.
 */
function display()
{
    $recordId = empty($_REQUEST['record']) ? "" : $_REQUEST['record'];
    $focus = BeanFactory::getBean('Notifications', $recordId);

    $found = !empty($focus->id);
    if ($found) {
        // Mark as read.
        $focus->is_read = true;
        $focus->save(FALSE);
    }

    $results = array(
        'contents' => $this->_formatNotificationForDisplay($focus),
    );
    $encoder = getJSONobj();
    $body = $encoder->encode($results);

    ob_clean();
    print $body;
    sugar_cleanup(true);
}
/**
 * Deletes the record named by $_REQUEST['record'].
 *
 * Only an admin or the user the bean is assigned to may delete; anyone else
 * gets the no-access page. A request without a record id ends in sugar_die().
 *
 * NOTE(review): the ownership test reads $this->bean, while the id passed to
 * mark_deleted() is taken from the request. Confirm the controller always
 * loads $this->bean from that same id, otherwise the check and the delete can
 * refer to different records.
 */
protected function action_delete()
{
    global $current_user;

    if (empty($_REQUEST['record'])) {
        sugar_die("A record number must be specified to delete");
        return;
    }

    $isOwner = $this->bean->assigned_user_id == $current_user->id;
    if (!is_admin($current_user) && !$isOwner) {
        ACLController::displayNoAccess(true);
        sugar_cleanup(true);
    }

    $this->bean->mark_deleted($_REQUEST['record']);
}
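/**
 * Imports eBay categories for the accounts matching the requested account name.
 *
 * Accounts are looked up by $_REQUEST['ebay_account_name']; for each one the
 * categories are retrieved with that account's id and auth token. When
 * return_module, return_action and return_id are all present the controller is
 * pointed at that record, otherwise sugar_cleanup(true) is called.
 */
function action_import()
{
    // Start from an empty list so the loop below is well defined when no
    // account name was sent or the lookup returns nothing usable.
    $accounts = array();
    if (!empty($_REQUEST['ebay_account_name'])) {
        $name = $_REQUEST['ebay_account_name'];
        $bean = BeanFactory::getBean('xeBayAccounts');
        $found = $bean->get_accounts($name);
        if (is_array($found)) {
            $accounts = $found;
        }
    }

    $categories = new GetCategories();
    foreach ($accounts as $id => $authToken) {
        $categories->retrieveCategories(array('AccountID' => $id, 'AuthToken' => $authToken));
    }

    if (isset($_REQUEST['return_module']) && isset($_REQUEST['return_action']) && isset($_REQUEST['return_id'])) {
        // Encode each request value so it cannot add or override query
        // parameters in the redirect target.
        $this->redirect_url = 'index.php?module=' . urlencode($_REQUEST['return_module'])
            . '&action=' . urlencode($_REQUEST['return_action'])
            . '&record=' . urlencode($_REQUEST['return_id']);
    } else {
        sugar_cleanup(true);
    }
}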
/**
 * Deletes a recurring meeting together with all of its recurrences.
 *
 * When the bean is a child of a recurring series, the parent is loaded first
 * so the 'Delete' ACL check and the deletion apply to the parent. The browser
 * is then redirected to the Meetings module.
 *
 * NOTE(review): nothing ends the request after the Location header in this
 * method; presumably the caller finishes the response - confirm.
 */
protected function action_removeAllRecurrences()
{
    $id = $this->bean->id;
    if (!empty($this->bean->repeat_parent_id)) {
        $id = $this->bean->repeat_parent_id;
        $this->bean->retrieve($id);
    }

    $mayDelete = $this->bean->ACLAccess('Delete');
    if (!$mayDelete) {
        ACLController::displayNoAccess(true);
        sugar_cleanup(true);
    }

    require_once "modules/Calendar/CalendarUtils.php";
    CalendarUtils::markRepeatDeleted($this->bean);
    $this->bean->mark_deleted($id);

    header("Location: index.php?module=Meetings");
}
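/**
 * Starts the Photobucket login flow and redirects back with the request token.
 *
 * The return URL is built from the controller's return module/action (or the
 * current module and 'DetailView'), the optional record and name request
 * parameters, and the request token obtained from the bean. If no token can
 * be obtained sugar_cleanup(true) is called.
 *
 * NOTE(review): $request_token is appended as-is, presumably because it is
 * already a name=value query fragment - confirm its format with the bean.
 */
function action_photobucketlogin()
{
    $module = !empty($this->return_module) ? $this->return_module : $this->module;
    $action = !empty($this->return_action) ? $this->return_action : 'DetailView';
    $url = "index.php?module=" . $module . "&action=" . $action;

    // Request values are URL-encoded so they cannot inject extra parameters.
    if (!empty($_REQUEST['record'])) {
        $url .= "&record=" . urlencode($_REQUEST['record']);
    }

    $request_token = $this->bean->get_request_token();
    if ($request_token === false) {
        sugar_cleanup(true);
    }

    if (!empty($_REQUEST['name'])) {
        $url .= "&name=" . urlencode($_REQUEST['name']);
    }

    $url .= "&{$request_token}";
    $this->set_redirect($url);
}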
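/**
 * Dispatches a Studio wizard option.
 *
 * Wizard options load and display (or process) the matching wizard class,
 * redirect options send a Location header and call sugar_cleanup(true), and
 * anything else falls back to this wizard's display().
 *
 * Only the literal option names listed in the switch reach the dynamic
 * require_once / new $option() lines, so $option cannot select an arbitrary file.
 *
 * @param string $option Name of the wizard step or action to run.
 */
function process($option)
{
    switch ($option) {
        case 'SelectModuleWizard':
        case 'EditDropDownWizard':
            require_once 'modules/Studio/wizards/' . $option . '.php';
            $newWiz = new $option();
            $newWiz->display();
            break;

        // Each redirect case returns explicitly: the original relied on
        // sugar_cleanup(true) never returning, otherwise control fell through
        // into the next case.
        case 'ConfigureTabs':
            header('Location: index.php?module=Administration&action=ConfigureTabs');
            sugar_cleanup(true);
            return;

        case 'RenameTabs':
            $_REQUEST['dropdown_name'] = 'moduleList';
            require_once 'modules/Studio/wizards/EditDropDownWizard.php';
            $newWiz = new EditDropDownWizard();
            $newWiz->process('EditDropdown');
            break;

        case 'ConfigureGroupTabs':
            require_once 'modules/Studio/TabGroups.php';
            break;

        case 'Workflow':
            header('Location: index.php?module=WorkFlow&action=ListView');
            sugar_cleanup(true);
            return;

        case 'Portal':
            header('Location: index.php?module=iFrames&action=index');
            sugar_cleanup(true);
            return;

        case 'RepairCustomFields':
            header('Location: index.php?module=Administration&action=UpgradeFields');
            sugar_cleanup(true);
            return;

        case 'MigrateCustomFields':
            header('LOCATION: index.php?module=Administration&action=Development');
            sugar_cleanup(true);
            return;

        case 'Classic':
            header('Location: index.php?module=DynamicLayout&action=index');
            sugar_cleanup(true);
            return;

        default:
            $this->display();
    }
}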
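/**
 * Renders the popup picker for the current module.
 *
 * Enforces the 'list' ACL, rejects a metadata parameter containing "..",
 * loads the popup metadata plus list-view and search definitions, restores
 * the search criteria carried in current_query_by_page when paginating, and
 * finally loads and prints the Popup_Picker page.
 */
function display()
{
    global $popupMeta, $mod_strings;

    if ($this->bean instanceof SugarBean && !$this->bean->ACLAccess('list')) {
        ACLController::displayNoAccess();
        sugar_cleanup(true);
    }

    // Refuse directory traversal through the metadata parameter.
    if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
        ACLController::displayNoAccess();
        sugar_cleanup(true);
    }

    $popupMeta = SugarAutoLoader::loadPopupMeta($this->module, isset($_REQUEST['metadata']) ? $_REQUEST['metadata'] : null);

    // Definitions are either inline arrays or paths to files that define them.
    $defs = $this->loadWithPopup('listviewdefs');
    if (is_array($defs)) {
        $listViewDefs[$this->module] = $defs;
    } elseif (!empty($defs)) {
        require $defs;
    }

    $defs = $this->loadWithPopup('searchdefs');
    if (is_array($defs)) {
        $searchdefs[$this->module]['layout']['advanced_search'] = $defs;
    } elseif (!empty($defs)) {
        require $defs;
    }

    if (!empty($this->bean) && isset($_REQUEST[$this->module . '2_' . strtoupper($this->bean->object_name) . '_offset'])) {
        //if you click the pagination button, it will populate the search criteria here
        if (!empty($_REQUEST['current_query_by_page'])) {
            $blockVariables = array('mass', 'uid', 'massupdate', 'delete', 'merge', 'selectCount', 'lvso', 'sortOrder', 'orderBy', 'request_data', 'current_query_by_page');

            // SECURITY: unserialize() runs on a request parameter. A serialized
            // payload can instantiate any loaded class and trigger its magic
            // methods (PHP object injection). This state should travel as JSON
            // or be integrity-protected server-side; left as-is here because
            // the client-side encoding is outside this block.
            $current_query_by_page = unserialize(base64_decode($_REQUEST['current_query_by_page']));

            // A malformed payload makes unserialize() return false; only walk real arrays.
            if (is_array($current_query_by_page)) {
                foreach ($current_query_by_page as $search_key => $search_value) {
                    if ($search_key != $this->module . '2_' . strtoupper($this->bean->object_name) . '_offset' && !in_array($search_key, $blockVariables)) {
                        $_REQUEST[$search_key] = $GLOBALS['db']->quote($search_value);
                    }
                }
            }
        }
    }

    // Load the first picker implementation that exists: module-specific, then generic.
    foreach (SugarAutoLoader::existing('modules/' . $this->module . '/Popup_picker.php', 'include/Popups/Popup_picker.php') as $file) {
        require_once $file;
        break;
    }

    $popup = new Popup_Picker();
    $popup->_hide_clear_button = true;
    echo $popup->process_page();
}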
/**
 * Creates a new Popup_Picker object. Controls displaying of single select and
 * multi select popups.
 *
 * Loads the popup metadata for the current module (unless the global
 * $popupMeta is already populated), then requires the module's main file and,
 * when a create form is requested, the module's create form base.
 *
 * NOTE(review): both require_once paths are assembled from $currentModule and
 * values inside the popup metadata. Only $_REQUEST['metadata'] is checked for
 * ".." here; confirm $currentModule and the metadata entries cannot be
 * influenced by the request.
 */
function Popup_Picker()
{
    global $currentModule, $popupMeta;

    // cn: bug 12269 - directory navigation attack - detect and stop.
    if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
        ACLController::displayNoAccess();
        sugar_cleanup(true);
    }

    // Reuse metadata that the calling view already loaded into the global.
    if (empty($popupMeta)) {
        $popupMeta = SugarAutoLoader::loadPopupMeta($currentModule, isset($_REQUEST['metadata']) ? $_REQUEST['metadata'] : null);
    }
    $this->_popupMeta = $popupMeta;

    require_once 'modules/' . $currentModule . '/' . $this->_popupMeta['moduleMain'] . '.php';

    if (isset($this->_popupMeta['create']['formBase']) && isset($_REQUEST['create']) && $_REQUEST['create'] == 'true') {
        // include create form
        require_once 'modules/' . $currentModule . '/' . $this->_popupMeta['create']['formBase'];
        $this->_create = true;
    }
}
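/**
 * Obtains a remote session id and redirects back with it in the query string.
 *
 * The return URL is built from the controller's return module/action (or the
 * current module and 'DetailView'), the optional record and name request
 * parameters, and the session id returned by GetSessionID. If no session id
 * can be obtained sugar_cleanup(true) is called.
 *
 * NOTE(review): the session id travels in the URL, where it can end up in
 * browser history, server logs and Referer headers; confirm it is short-lived
 * or single-use.
 */
function action_connectnow()
{
    $module = !empty($this->return_module) ? $this->return_module : $this->module;
    $action = !empty($this->return_action) ? $this->return_action : 'DetailView';
    $url = "index.php?module=" . $module . "&action=" . $action;

    // Request values are URL-encoded so they cannot inject extra parameters.
    if (!empty($_REQUEST['record'])) {
        $url .= "&record=" . urlencode($_REQUEST['record']);
    }

    $x = new GetSessionID();
    $session_id = $x->dispatchCall(array());
    if ($session_id === false) {
        sugar_cleanup(true);
    }

    if (!empty($_REQUEST['name'])) {
        $url .= "&name=" . urlencode($_REQUEST['name']);
    }

    // The id comes from a remote service; encode it like any other value.
    $url .= "&session_id=" . urlencode($session_id);
    $this->set_redirect($url);
}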
/**
 * Action SaveActivity.
 *
 * Saves the current calendar activity through the module's FormBase class and
 * stores the outcome for the JSON view in $this->view_object_map['jsonData']:
 * the saved bean's data on success, a limit error when the recurrence limit is
 * exceeded, or array('access' => 'no') when nothing was saved.
 *
 * The FormBase file and class names are derived from the current bean's
 * module_dir and object_name, not from request parameters.
 */
protected function action_saveactivity()
{
    $this->view = 'json';

    if (!$this->retrieveCurrentBean('Save')) {
        return;
    }

    $module = $this->currentBean->module_dir;
    $bean = $this->currentBean;
    $path = "modules/{$bean->module_dir}/{$bean->object_name}FormBase.php";

    if (!SugarAutoLoader::fileExists($path)) {
        $GLOBALS['log']->fatal("File {$bean->object_name}FormBase.php doesn't exist");
        sugar_cleanup(true);
    }
    require_once $path;

    $FBObjectName = "{$bean->object_name}FormBase";
    if (!class_exists($FBObjectName)) {
        $GLOBALS['log']->fatal("Class {$bean->object_name}FormBase doesn't exist");
        sugar_cleanup(true);
    }
    $formBase = new $FBObjectName();

    $isRecurring = false;
    if ($formBase->prepareRecurring()) {
        $limit = $formBase->checkRecurringLimitExceeded();
        if ($limit) {
            // Too many recurrences requested: report the limit instead of saving.
            $jsonData = array('access' => 'yes', 'limit_error' => 'true', 'limit' => $limit);
            $this->view_object_map['jsonData'] = $jsonData;
            return;
        }
        $isRecurring = true;
    }

    $bean = $formBase->handleSave('', false, false);

    // Default answer when the save produced no record id.
    $jsonData = array('access' => 'no');
    $record = $bean->id;
    if ($record) {
        $bean->retrieve($record);
        $jsonData = CalendarUtils::getBeanDataArray($bean);
        if ($isRecurring) {
            $jsonData = array_merge($jsonData, array('repeat' => $formBase->getRecurringCreated()));
        }
        if (!empty($_REQUEST['edit_all_recurrences'])) {
            $jsonData['edit_all_recurrences'] = 'true';
        }
    }

    $this->view_object_map['jsonData'] = $jsonData;
}
/**
 * Writes the bean's fields to the response as a JSON object.
 *
 * Every set column field and additional column field is converted with
 * from_html(), has its line breaks turned into <BR>, and is stored back on the
 * bean; the JSON value is the addslashes() form of that text.
 *
 * NOTE(review): from_html() presumably decodes HTML entities, so values are
 * emitted as raw markup; the consumer must not insert them into the page
 * without encoding - confirm how the client uses this response.
 */
function display()
{
    global $beanList;
    $module = $GLOBALS['module'];
    $json = getJSONobj();
    $bean = $this->bean;

    $all_fields = array_merge($bean->column_fields, $bean->additional_column_fields);
    $js_fields_arr = array();

    foreach ($all_fields as $field) {
        if (!isset($bean->{$field})) {
            continue;
        }

        $text = from_html($bean->{$field});
        // CRLF first, then any remaining bare LF.
        $text = preg_replace('/\\r\\n/', '<BR>', $text);
        $text = preg_replace('/\\n/', '<BR>', $text);

        $bean->{$field} = $text;
        $js_fields_arr[$field] = addslashes($bean->{$field});
    }

    $out = $json->encode($js_fields_arr, true);
    ob_clean();
    print $out;
    sugar_cleanup(true);
}
/**
 * Dispatches a custom-field wizard option.
 *
 * Each known option requires the matching EditCustomFields script, in some
 * cases after the parent wizard has processed the option; unknown options are
 * handed to the parent. Only fixed, literal paths are required here.
 *
 * NOTE(review): 'SaveCustomField' and 'DeleteCustomField' change state and are
 * selected by $option alone; no permission check is visible in this method -
 * confirm one is enforced before it is reached.
 *
 * @param string $option Name of the wizard step or action to run.
 */
function process($option)
{
    switch ($option) {
        case 'ViewCustomFields':
            parent::process($option);
            require_once 'modules/Studio/EditCustomFields/ListView.php';
            break;
        case 'CreateCustomFields':
            // The parent is skipped when the request asks for to_pdf output.
            if (empty($_REQUEST['to_pdf'])) {
                parent::process($option);
            }
            require_once 'modules/Studio/EditCustomFields/EditView.php';
            break;
        case 'SaveCustomField':
            require_once 'modules/Studio/EditCustomFields/Save.php';
            break;
        case 'DeleteCustomField':
            require_once 'modules/Studio/EditCustomFields/Delete.php';
            break;
        case 'EditCustomField':
            parent::process($option);
            require_once 'modules/Studio/EditCustomFields/EditView.php';
            break;
        case 'ClearCache':
            require_once 'modules/DynamicFields/DynamicField.php';
            DynamicField::deleteCache();
            // Static script, no request data: shows a short "cache cleared" status.
            echo '<script>YAHOO.util.Event.addListener(window, "load", function(){ajaxStatus.showStatus("cache cleared");window.setTimeout(\'ajaxStatus.hideStatus();\', 2000);});</script>';
            parent::process($option);
            break;
        case 'RepairCustomFields':
            header('Location: index.php?module=Administration&action=UpgradeFields');
            // No break: if sugar_cleanup(true) returns, control falls through
            // to the default case below.
            sugar_cleanup(true);
        default:
            parent::process($option);
    }
}
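/**
 * Saves a Paper record from the posted form, including its uploaded image and
 * the link to its preferred supplier.
 *
 * Steps: populate the bean from POST, check edit and Save access, register the
 * uploaded file, stop on a detected duplicate, save, move the upload into
 * place, and insert a papers_relation row for the preferred supplier when the
 * lookup finds none.
 *
 * NOTE(review): the duplicate lookup filters on material_id while the insert
 * writes paper_id; confirm which column papers_relation really has.
 * NOTE(review): the duplicate branch calls $this->handleRedirect() while the
 * final redirect calls the global handleRedirect(); confirm both exist.
 * NOTE(review): no file type or extension check on the upload is visible here.
 *
 * @param string $prefix      Prefix of the posted field names.
 * @param bool   $redirect    Redirect after saving instead of returning the bean.
 * @param bool   $useRequired Unused; the required-field check is disabled.
 * @return Paper|null The saved bean when $redirect is false; null on a duplicate.
 */
function handleSave($prefix, $redirect = true, $useRequired = false)
{
    require_once 'modules/Paper/Paper.php';
    require_once 'log4php/LoggerManager.php';
    require_once 'include/formbase.php';
    require_once 'include/TimeDate.php';
    require_once 'include/upload_file.php';
    require_once 'config.php';

    // $current_user was read below without being imported, so the ownership
    // check ran against an undefined variable.
    global $sugar_config, $current_user;

    $timedate = new TimeDate();
    $focus = new Paper();
    $focus = populateFromPost($prefix, $focus);

    // Both values were used before being assigned; give them defined defaults.
    $return_id = null;
    $do_final_move = false;

    if (!ACLController::checkAccess($focus->module_dir, 'edit', $focus->isOwner($current_user->id))) {
        ACLController::displayNoAccess(true);
        // Stop here, as the Save check below does; otherwise the upload and
        // save logic would still run for a user without edit access.
        sugar_cleanup(true);
    }

    $upload_file = new UploadFile('uploadfile');
    if (isset($_FILES['uploadfile']) && $upload_file->confirm_upload()) {
        $focus->stored_file_name = $upload_file->get_stored_file_name();
        $focus->imagename = $upload_file->get_stored_file_name();
        $focus->imagepath = $sugar_config['upload_dir'] . $return_id . $upload_file->get_stored_file_name();
        $do_final_move = true;
    }

    if (!isset($_REQUEST['active'])) {
        $focus->active = 'off';
    }

    if (!$focus->ACLAccess('Save')) {
        ACLController::displayNoAccess(true);
        sugar_cleanup(true);
    }

    // Duplicate check for new records that have not been confirmed yet.
    if (empty($_POST['record']) && empty($_POST['dup_checked'])) {
        $duplicatePaper = $this->checkForDuplicates($prefix);
        if (isset($duplicatePaper)) {
            $this->handleRedirect($return_id, "Paper");
            return null;
        }
    }

    $return_id = $focus->save();

    if ($do_final_move) {
        // The final path contains the record id, so it is only known after the first save.
        $upload_file->final_move($return_id);
        $focus->stored_file_name = $sugar_config['upload_dir'] . $return_id . $upload_file->get_stored_file_name();
        $focus->imagename = $upload_file->get_stored_file_name();
        $focus->imagepath = $sugar_config['upload_dir'] . $return_id . $upload_file->get_stored_file_name();
        $focus->save();
    }

    // pref_supplier_id is populated from POST, so escape every value before it
    // is placed inside the SQL string literals below.
    // NOTE(review): assumes $focus->db->quote() escapes without adding the
    // surrounding quotes - confirm against the DB manager.
    $paper_id = $focus->db->quote($return_id);
    $pref_supplier_id = $focus->db->quote($focus->pref_supplier_id);

    $result = $focus->db->query("SELECT count(*) AS the_count FROM papers_relation WHERE material_id = '{$paper_id}' AND relation_id = '{$pref_supplier_id}'");
    $row = $focus->db->fetchByAssoc($result, -1, true);
    $row_count = $row['the_count'];

    if ($row_count == 0) {
        $id = create_guid();
        $result = $focus->db->query("INSERT INTO papers_relation (id, paper_id, relation_id, relation_type, deleted) VALUES ('{$id}','{$paper_id}','{$pref_supplier_id}','Suppliers', '0')");
    }

    $GLOBALS['log']->debug("Saved record with id of " . $return_id);

    if ($redirect) {
        handleRedirect($return_id, "Paper");
    } else {
        return $focus;
    }
}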
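* Portions created by SugarCRM are Copyright (C) SugarCRM, Inc.
 * All Rights Reserved.
 * Contributor(s): ______________________________________..
 ********************************************************************************/
require_once 'include/entryPoint.php';

// Campaign tracker entry point: logs the click for the given identifier, looks
// up the tracker key and redirects the visitor to the URL stored for it.
// logic will be added here at a later date to track campaigns
// this script; currently forwards to site_URL variable of $sugar_config
// redirect URL will also be added so specified redirect URL can be used
// additionally, another script using fopen will be used to call this
// script externally
//
// NOTE(review): the redirect target is whatever refer_url holds for the
// tracker. Confirm refer_url is restricted to expected http(s) destinations
// when trackers are created, since this endpoint redirects to it unchanged.
require_once 'modules/Campaigns/utils.php';

if (!empty($_REQUEST['identifier'])) {
    $keys = log_campaign_activity($_REQUEST['identifier'], 'link');
}

// Only a plain string can be a tracker key; anything else is treated as absent.
$track = (empty($_REQUEST['track']) || !is_string($_REQUEST['track'])) ? "" : $_REQUEST['track'];
$track = $db->quote($track);

// The D modifier makes $ match only at the very end, so a key with a trailing
// newline no longer passes the character check.
if (preg_match('/^[0-9A-Za-z\\-]*$/D', $track)) {
    $query = "SELECT refer_url FROM campaigns WHERE tracker_key='{$track}'";
    $res = $db->query($query);
    $row = $db->fetchByAssoc($res);

    // An unknown tracker yields no row; do not emit an empty Location header.
    $redirect_URL = (is_array($row) && !empty($row['refer_url'])) ? $row['refer_url'] : '';

    sugar_cleanup();
    if ($redirect_URL !== '') {
        header("Location: {$redirect_URL}");
    }
} else {
    sugar_cleanup();
}
exit;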
<?php
// Save handler for Destinations: loads the posted record, checks Save access
// and copies the posted values onto the bean.
if (!defined('sugarEntry') || !sugarEntry) {
    die('Not A Valid Entry Point');
}

require_once 'modules/Destinations/Destination.php';
require_once 'include/formbase.php';
require_once 'include/upload_file.php';

$focus = new Destination();
$focus->retrieve($_POST['record']);

if (!$focus->ACLAccess('Save')) {
    ACLController::displayNoAccess(true);
    sugar_cleanup(true);
}

// Notify only when the record is being assigned to a different user who is
// not the one making the change.
$check_notify = !empty($_POST['assigned_user_id'])
    && $focus->assigned_user_id != $_POST['assigned_user_id']
    && $_POST['assigned_user_id'] != $current_user->id;

// Copy every posted value whose name matches a bean field.
// NOTE(review): any field listed in column_fields or additional_column_fields
// can be set from POST; confirm none of them (ids, audit or ownership fields)
// must stay server-controlled.
foreach ($focus->column_fields as $field) {
    if (!isset($_POST[$field])) {
        continue;
    }
    $value = $_POST[$field];
    $focus->{$field} = $value;
}

foreach ($focus->additional_column_fields as $field) {
    if (!isset($_POST[$field])) {
        continue;
    }
    $value = $_POST[$field];
    $focus->{$field} = $value;
}
/**
 * Use this instead of calling die() directly.
 *
 * Runs sugar_cleanup() first and then terminates the script with the given
 * error message.
 *
 * NOTE(review): the message is written to the response unencoded; callers
 * should not build it from request data.
 *
 * @param string $error_message Message printed as the script terminates.
 */
function sugar_die($error_message)
{
    global $focus;

    sugar_cleanup();
    exit($error_message);
}
/**
 * Saves a collection field: called when the bean is saved, with the bean
 * passed by reference.
 *
 * Rebuilds the list of related records from POST keys named after $field
 * ("<field>_collection_<n>", "id_<field>_collection_<n>",
 * "<field>_collection_extra_<n>", "primary_<field>_collection"), creates or
 * updates the related beans, then adds the posted relationships and removes
 * the ones that are no longer listed. Nothing happens unless
 * "primary_<field>_collection" is present in POST.
 *
 * NOTE(review): all values, including the "<field>_allow_new" and
 * "<field>_allow_update" switches, are read from $_POST, so the client decides
 * whether records may be created or updated. $params, $properties and $prefix
 * are not used in this method.
 *
 * @param SugarBean $bean       The bean performing the save.
 * @param array     $params     Parameters relevant to the save, most likely $_REQUEST.
 * @param string    $field      Name of the collection (link) field.
 * @param array     $properties Field properties.
 * @param string    $prefix     Form field prefix.
 */
public function save(&$bean, $params, $field, $properties, $prefix = '')
{
    if (isset($_POST["primary_" . $field . "_collection"])) {
        $save = false;
        $value_name = $field . "_values";
        $link_field = array();
        // populate $link_field from POST
        foreach ($_POST as $name => $value) {
            if (strpos($name, $field . "_collection_") !== false) {
                // Only the last character is read as the row index, so indexes
                // above 9 collapse onto their final digit.
                $num = substr($name, -1);
                if (is_numeric($num)) {
                    settype($num, 'int');
                    if (strpos($name, $field . "_collection_extra_") !== false) {
                        // NOTE(review): substr() is given a string where an integer
                        // offset is expected; the intended key is unclear - confirm.
                        $extra_field = substr($name, $field . "_collection_extra_" . $num);
                        $link_field[$num]['extra_field'][$extra_field] = $value;
                    } else {
                        if ($name == $field . "_collection_" . $num) {
                            $link_field[$num]['name'] = $value;
                        } else {
                            if ($name == "id_" . $field . "_collection_" . $num) {
                                $link_field[$num]['id'] = $value;
                            }
                        }
                    }
                }
            }
        }
        // Set Primary
        if (isset($_POST["primary_" . $field . "_collection"])) {
            $primary = $_POST["primary_" . $field . "_collection"];
            settype($primary, 'int');
            $link_field[$primary]['primary'] = true;
        }
        // Create or update record and take care of the extra_field
        require_once 'data/Link.php';
        $class = load_link_class($bean->field_defs[$field]);
        $link_obj = new $class($bean->field_defs[$field]['relationship'], $bean, $bean->field_defs[$field]);
        $module = $link_obj->getRelatedModuleName();
        foreach ($link_field as $k => $v) {
            $save = false;
            $update_fields = array();
            $obj = BeanFactory::getBean($module);
            if (!isset($link_field[$k]['name']) || empty($link_field[$k]['name'])) {
                // There is no name so it is an empty record -> ignore it!
                unset($link_field[$k]);
                // break leaves the whole loop, so later rows are not processed either.
                break;
            }
            if (!isset($link_field[$k]['id']) || empty($link_field[$k]['id']) || isset($_POST[$field . "_new_on_update"]) && $_POST[$field . "_new_on_update"] === 'true') {
                // Create a new record
                if (isset($_POST[$field . "_allow_new"]) && ($_POST[$field . "_allow_new"] === 'false' || $_POST[$field . "_allow_new"] === false)) {
                    // Not allow to create a new record so remove from $link_field
                    unset($link_field[$k]);
                    break;
                }
                if (!isset($link_field[$k]['id']) || empty($link_field[$k]['id'])) {
                    // There is no ID so it is a new record
                    $save = true;
                    $obj->name = $link_field[$k]['name'];
                } else {
                    // We duplicate an existing record because new_on_update is set
                    $obj->retrieve($link_field[$k]['id']);
                    $obj->id = '';
                    $obj->name = $obj->name . '_DUP';
                }
            } else {
                // id exist so retrieve the data
                // NOTE(review): the id is taken from POST; no access check is
                // visible on this retrieve - confirm.
                $obj->retrieve($link_field[$k]['id']);
            }
            // Update the extra field for the new or the existing record
            if (isset($v['extra_field']) && is_array($v['extra_field'])) {
                // Retrieve the changed fields
                if (isset($_POST["update_fields_{$field}_collection"]) && !empty($_POST["update_fields_{$field}_collection"])) {
                    $JSON = getJSONobj();
                    $update_fields = $JSON->decode(html_entity_decode($_POST["update_fields_{$field}_collection"]));
                }
                // Update the changed fields
                foreach ($update_fields as $kk => $vv) {
                    if (!isset($_POST[$field . "_allow_update"]) || $_POST[$field . "_allow_update"] !== 'false' && $_POST[$field . "_allow_update"] !== false) {
                        //allow to update the extra_field in the record
                        if (isset($v['extra_field'][$kk]) && $vv == true) {
                            // NOTE(review): the property name written below is derived from
                            // posted key names; no allowlist against the related bean's
                            // field definitions is visible here.
                            $extra_field_name = str_replace("_" . $field . "_collection_extra_" . $k, "", $kk);
                            if ($obj->{$extra_field_name} != $v['extra_field'][$kk]) {
                                $save = true;
                                $obj->{$extra_field_name} = $v['extra_field'][$kk];
                            }
                        }
                    }
                }
            }
            // Save the new or updated record
            if ($save) {
                // The 'save' ACL is the only permission check on the related bean in this method.
                if (!$obj->ACLAccess('save')) {
                    ACLController::displayNoAccess(true);
                    sugar_cleanup(true);
                }
                $obj->save();
                $link_field[$k]['id'] = $obj->id;
            }
        }
        // Save new relationship or delete deleted relationship
        if (!empty($link_field)) {
            if ($bean->load_relationship($field)) {
                $oldvalues = $bean->{$field}->get(true);
                $role_field = $bean->{$field}->_get_link_table_role_field($bean->{$field}->_relationship_name);
                foreach ($link_field as $new_v) {
                    if (!empty($new_v['id'])) {
                        if (!empty($role_field)) {
                            if (isset($new_v['primary']) && $new_v['primary']) {
                                $bean->{$field}->add($new_v['id'], array($role_field => 'primary'));
                            } else {
                                $bean->{$field}->add($new_v['id'], array($role_field => 'NULL'));
                            }
                        } else {
                            $bean->{$field}->add($new_v['id'], array());
                        }
                    }
                }
                // Remove every previously linked record that is absent from the posted list.
                foreach ($oldvalues as $old_v) {
                    $match = false;
                    foreach ($link_field as $new_v) {
                        if ($new_v['id'] == $old_v['id']) {
                            $match = true;
                        }
                    }
                    if (!$match) {
                        $bean->{$field}->delete($bean->id, $old_v['id']);
                    }
                }
            }
        }
    }
}
/**
 * pre_login
 *
 * Lets SugarAuthenticate subclasses perform pre-login initialisation. When the
 * session already holds an authenticated user, the browser is redirected to
 * the application's login redirect target and sugar_cleanup(true) is called.
 *
 * NOTE(review): the target comes from $GLOBALS['app']->getLoginRedirect();
 * confirm it cannot return an absolute URL taken from the request.
 */
function pre_login()
{
    if (!isset($_SESSION['authenticated_user_id'])) {
        return;
    }

    ob_clean();

    // Fix for bug #46837: links to records opened from MS Office documents
    // used to land on the home screen instead of the record when the default
    // browser was not MS IE.
    $target = $GLOBALS['app']->getLoginRedirect();
    header("Location: " . $target);
    sugar_cleanup(true);
}
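/**
 * Renders the popup for the current module.
 *
 * Enforces the 'list' ACL, loads the popup metadata (optionally the file named
 * by the metadata request parameter), the list-view and search definitions,
 * restores search criteria carried in current_query_by_page when paginating,
 * and then renders either the Smarty-based popup or the legacy Popup_Picker.
 *
 * NOTE(review): the metadata parameter becomes part of a require path. It is
 * only checked for ".." and for the file existing under the module's metadata
 * directory; an allowlist of plain file names would be stricter.
 */
function display()
{
    global $popupMeta, $mod_strings;

    if ($this->bean instanceof SugarBean && !$this->bean->ACLAccess('list')) {
        ACLController::displayNoAccess();
        sugar_cleanup(true);
    }

    if (isset($_REQUEST['metadata']) && strpos($_REQUEST['metadata'], "..") !== false) {
        die("Directory navigation attack denied.");
    }

    // Popup metadata: requested file (custom, then stock), else popupdefs (custom, then stock).
    if (!empty($_REQUEST['metadata']) && $_REQUEST['metadata'] != 'undefined' && file_exists('custom/modules/' . $this->module . '/metadata/' . $_REQUEST['metadata'] . '.php')) {
        require 'custom/modules/' . $this->module . '/metadata/' . $_REQUEST['metadata'] . '.php';
    } elseif (!empty($_REQUEST['metadata']) && $_REQUEST['metadata'] != 'undefined' && file_exists('modules/' . $this->module . '/metadata/' . $_REQUEST['metadata'] . '.php')) {
        require 'modules/' . $this->module . '/metadata/' . $_REQUEST['metadata'] . '.php';
    } elseif (file_exists('custom/modules/' . $this->module . '/metadata/popupdefs.php')) {
        require 'custom/modules/' . $this->module . '/metadata/popupdefs.php';
    } elseif (file_exists('modules/' . $this->module . '/metadata/popupdefs.php')) {
        require 'modules/' . $this->module . '/metadata/popupdefs.php';
    }

    if (!empty($popupMeta) && !empty($popupMeta['listviewdefs'])) {
        if (is_array($popupMeta['listviewdefs'])) {
            //if we have an array, then we are not going to include a file, but rather the
            //listviewdefs will be defined directly in the popupdefs file
            $listViewDefs[$this->module] = $popupMeta['listviewdefs'];
        } else {
            //otherwise include the file
            require_once $popupMeta['listviewdefs'];
        }
    } elseif (file_exists('custom/modules/' . $this->module . '/metadata/listviewdefs.php')) {
        require_once 'custom/modules/' . $this->module . '/metadata/listviewdefs.php';
    } elseif (file_exists('modules/' . $this->module . '/metadata/listviewdefs.php')) {
        require_once 'modules/' . $this->module . '/metadata/listviewdefs.php';
    }

    //check for searchdefs as well
    if (!empty($popupMeta) && !empty($popupMeta['searchdefs'])) {
        if (is_array($popupMeta['searchdefs'])) {
            //if we have an array, then we are not going to include a file, but rather the
            //searchdefs will be defined directly in the popupdefs file
            $searchdefs[$this->module]['layout']['advanced_search'] = $popupMeta['searchdefs'];
        } else {
            //otherwise include the file
            require_once $popupMeta['searchdefs'];
        }
    } else {
        if (empty($searchdefs) && file_exists('custom/modules/' . $this->module . '/metadata/searchdefs.php')) {
            require_once 'custom/modules/' . $this->module . '/metadata/searchdefs.php';
        } else {
            if (empty($searchdefs) && file_exists('modules/' . $this->module . '/metadata/searchdefs.php')) {
                require_once 'modules/' . $this->module . '/metadata/searchdefs.php';
            }
        }
    }

    //if you click the pagination button, it will populate the search criteria here
    if (!empty($this->bean) && isset($_REQUEST[$this->module . '2_' . strtoupper($this->bean->object_name) . '_offset'])) {
        if (!empty($_REQUEST['current_query_by_page'])) {
            $blockVariables = array('mass', 'uid', 'massupdate', 'delete', 'merge', 'selectCount', 'sortOrder', 'orderBy', 'request_data', 'current_query_by_page');

            // SECURITY: unserialize() runs on a request parameter. A serialized
            // payload can instantiate any loaded class and trigger its magic
            // methods (PHP object injection). This state should travel as JSON
            // or be integrity-protected server-side; left as-is here because
            // the client-side encoding is outside this block.
            $current_query_by_page = unserialize(base64_decode($_REQUEST['current_query_by_page']));

            // A malformed payload makes unserialize() return false; only walk real arrays.
            if (is_array($current_query_by_page)) {
                foreach ($current_query_by_page as $search_key => $search_value) {
                    if ($search_key != $this->module . '2_' . strtoupper($this->bean->object_name) . '_offset' && !in_array($search_key, $blockVariables)) {
                        if (!is_array($search_value)) {
                            $_REQUEST[$search_key] = securexss($search_value);
                        } else {
                            foreach ($search_value as $key => &$val) {
                                $val = securexss($val);
                            }
                            // Drop the reference so later writes to $val cannot
                            // alter the last element of this array.
                            unset($val);
                            $_REQUEST[$search_key] = $search_value;
                        }
                    }
                }
            }
        }
    }

    if (!empty($listViewDefs) && !empty($searchdefs)) {
        require_once 'include/Popups/PopupSmarty.php';
        $displayColumns = array();
        $filter_fields = array();
        $popup = new PopupSmarty($this->bean, $this->module);

        foreach ($listViewDefs[$this->module] as $col => $params) {
            $filter_fields[strtolower($col)] = true;
            if (!empty($params['related_fields'])) {
                foreach ($params['related_fields'] as $field) {
                    //id column is added by query construction function. This addition creates duplicates
                    //and causes issues in oracle. #10165
                    if ($field != 'id') {
                        $filter_fields[$field] = true;
                    }
                }
            }
            if (!empty($params['default']) && $params['default']) {
                $displayColumns[$col] = $params;
            }
        }

        $popup->displayColumns = $displayColumns;
        $popup->filter_fields = $filter_fields;
        $popup->mergeDisplayColumns = true;
        //check to see if popupdefs contains searchdefs
        $popup->_popupMeta = $popupMeta;
        $popup->listviewdefs = $listViewDefs;
        $popup->searchdefs = $searchdefs;

        if (isset($_REQUEST['query'])) {
            $popup->searchForm->populateFromRequest();
        }

        // Re-emit the selected record ids as hidden checkboxes. The ids come
        // from the request, so each one is HTML-encoded before it is placed in
        // the single-quoted value attribute.
        $massUpdateData = '';
        if (isset($_REQUEST['mass']) && is_array($_REQUEST['mass'])) {
            foreach (array_unique($_REQUEST['mass']) as $record) {
                if (!is_scalar($record)) {
                    continue;
                }
                $massUpdateData .= "<input style='display: none' checked type='checkbox' name='mass[]' value='" . htmlspecialchars((string) $record, ENT_QUOTES, 'UTF-8') . "'>\n";
            }
        }
        $popup->massUpdateData = $massUpdateData;

        $tpl = 'include/Popups/tpls/PopupGeneric.tpl';
        if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupGeneric.tpl"))) {
            $tpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupGeneric.tpl");
        }
        if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupHeader.tpl"))) {
            $popup->headerTpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupHeader.tpl");
        }
        if (file_exists($this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupFooter.tpl"))) {
            $popup->footerTpl = $this->getCustomFilePathIfExists("modules/{$this->module}/tpls/popupFooter.tpl");
        }
        $popup->setup($tpl);

        //We should at this point show the header and javascript even if to_pdf is true.
        //The insert_popup_header javascript is incomplete and shouldn't be relied on.
        if (isset($this->options['show_all']) && $this->options['show_all'] == false) {
            unset($this->options['show_all']);
            $this->options['show_javascript'] = true;
            $this->options['show_header'] = true;
            $this->_displayJavascript();
        }
        insert_popup_header(null, false);

        if (isset($this->override_popup['template_data']) && is_array($this->override_popup['template_data'])) {
            $popup->th->ss->assign($this->override_popup['template_data']);
        }
        echo $popup->display();
    } else {
        // No list-view or search definitions: fall back to the legacy picker.
        if (file_exists('modules/' . $this->module . '/Popup_picker.php')) {
            require_once 'modules/' . $this->module . '/Popup_picker.php';
        } else {
            require_once 'include/Popups/Popup_picker.php';
        }
        $popup = new Popup_Picker();
        $popup->_hide_clear_button = true;
        echo $popup->process_page();
    }
}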
/**
 * Deletes the record named by $_REQUEST['record'].
 *
 * The bean's 'Delete' ACL is checked first; a request without a record id ends
 * in sugar_die().
 *
 * NOTE(review): the ACL check runs on $this->bean while the id passed to
 * mark_deleted() comes from the request; confirm the controller always loads
 * $this->bean from that same id.
 */
function action_delete()
{
    if (empty($_REQUEST['record'])) {
        sugar_die("A record number must be specified to delete");
        return;
    }

    $mayDelete = $this->bean->ACLAccess('Delete');
    if (!$mayDelete) {
        ACLController::displayNoAccess(true);
        sugar_cleanup(true);
    }

    $this->bean->mark_deleted($_REQUEST['record']);
}