function run() { if (CRM_Utils_System::authenticateKey()) { $request_type = CRM_Utils_Request::retrieve('type', 'String'); $request_data = CRM_Utils_Request::retrieve('data', 'String'); $config = CRM_Core_Config::singleton(); if ($config->debug) { $request_data_log = print_r($request_data, TRUE); CRM_Core_Error::debug_log_message("Mailchimp Webhook Request [{$request_type}]: \n{$request_data_log}"); } $function_name = 'self::mailchimpWebhook' . ucwords($request_type); if (is_callable($function_name)) { // Set a canary to prevent CiviMailchimp hooks from firing, which // would trigger updates back to Mailchimp, resulting in an endless // loop. civimailchimp_static('mailchimp_do_not_run_hooks', TRUE); try { call_user_func($function_name, $request_data); } catch (Exception $e) { $error = array('code' => get_class($e), 'message' => $e->getMessage(), 'exception' => $e); $message = "Mailchimp Webhook Request [{$request_type}]: {$error['code']}: {$error['message']}"; CRM_CiviMailchimp_BAO_SyncLog::saveMessage('error', 'mailchimp_to_civicrm', $message, $request_data); CRM_Core_Error::debug_var('Fatal Error Details', $error); CRM_Core_Error::backtrace('backTrace', TRUE); throw $e; } } } parent::run(); }
public function execute($auth = TRUE) { $this->logEntry('Starting scheduled jobs execution'); if ($auth && !CRM_Utils_System::authenticateKey(TRUE)) { $this->logEntry('Could not authenticate the site key.'); } require_once 'api/api.php'; // it's not asynchronous at this stage foreach ($this->jobs as $job) { if ($job->is_active) { if ($job->needsRunning()) { $this->executeJob($job); } } } $this->logEntry('Finishing scheduled jobs execution.'); }
/** * @param bool $auth */ public function execute($auth = TRUE) { $this->logEntry('Starting scheduled jobs execution'); if ($auth && !CRM_Utils_System::authenticateKey(TRUE)) { $this->logEntry('Could not authenticate the site key.'); } require_once 'api/api.php'; // it's not asynchronous at this stage CRM_Utils_Hook::cron($this); foreach ($this->jobs as $job) { if ($job->is_active) { if ($job->needsRunning()) { $this->executeJob($job); } } } $this->logEntry('Finishing scheduled jobs execution.'); // Set last cron date for the status check $statusPref = array('name' => 'checkLastCron', 'check_info' => gmdate('U')); CRM_Core_BAO_StatusPreference::create($statusPref); }
/** * @return array|NULL * NULL if execution should proceed; array if the response is already known */ public function loadCMSBootstrap() { $requestParams = CRM_Utils_Request::exportValues(); $q = CRM_Utils_array::value('q', $requestParams); $args = explode('/', $q); // Proceed with bootstrap for "?entity=X&action=Y" // Proceed with bootstrap for "?q=civicrm/X/Y" but not "?q=civicrm/ping" if (!empty($q)) { if (count($args) == 2 && $args[1] == 'ping') { return NULL; // this is pretty wonky but maybe there's some reason I can't see } if (count($args) != 3) { return self::error('ERROR: Malformed REST path'); } if ($args[0] != 'civicrm') { return self::error('ERROR: Malformed REST path'); } // Therefore we have reasonably well-formed "?q=civicrm/X/Y" } if (!CRM_Utils_System::authenticateKey(FALSE)) { // FIXME: At time of writing, this doesn't actually do anything because // authenticateKey abends, but that's a bad behavior which sends a // malformed response. return self::error('Failed to authenticate key'); } $uid = NULL; if (!$uid) { $store = NULL; $api_key = CRM_Utils_Request::retrieve('api_key', 'String', $store, FALSE, NULL, 'REQUEST'); if (empty($api_key)) { return self::error("FATAL: mandatory param 'api_key' (user key) missing"); } $contact_id = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $api_key, 'id', 'api_key'); if ($contact_id) { $uid = CRM_Core_BAO_UFMatch::getUFId($contact_id); } } if ($uid) { CRM_Utils_System::loadBootStrap(array('uid' => $uid), TRUE, FALSE); return NULL; } else { return self::error('ERROR: No CMS user associated with given api-key'); } }
function handle( $config ) { // Get the function name being called from the q parameter in the query string $q = CRM_Utils_array::value( 'q', $_REQUEST ); $args = explode( '/', $q ); // If the function isn't in the civicrm namespace, reject the request. if ( $args[0] != 'civicrm' ) { return self::error( 'Unknown function invocation.' ); } // If the query string is malformed, reject the request. if ( ( count( $args ) != 3 ) && ( $args[1] != 'login' ) && ( $args[1] != 'ping') ) { return self::error( 'Unknown function invocation.' ); } // Everyone should be required to provide the server key, so the whole // interface can be disabled in more change to the configuration file. // This used to be done in the authenticate function, but that was bad...trust me // first check for civicrm site key if ( ! CRM_Utils_System::authenticateKey( false ) ) { $docLink = CRM_Utils_System::docURL2( "Command-line Script Configuration", true ); return self::error( 'Could not authenticate user, invalid site key. More info at: ' . $docLink ); } require_once 'CRM/Utils/Request.php'; $store = null; if ( $args[1] == 'login' ) { $name = CRM_Utils_Request::retrieve( 'name', 'String', $store, false, null, 'REQUEST' ); $pass = CRM_Utils_Request::retrieve( 'pass', 'String', $store, false, null, 'REQUEST' ); if ( empty( $name ) || empty( $pass ) ) { return self::error( 'Invalid name / password.' ); } return self::authenticate( $name, $pass ); } else if ($args[1] == 'ping' ) { return self::ping(); } // At this point we know we are not calling either login or ping (neither of which // require authentication prior to being called. Therefore, at this point we need // to make sure we're working with a trusted user. // There are two ways to check for a trusted user: // First: they can be someone that has a valid session currently // Second: they can be someone that has provided an API_Key $valid_user = false; // Check for valid session. Session ID's only appear here if you have // run the rest_api login function. That might be a problem for the // AJAX methods. $session = CRM_Core_Session::singleton(); if ($session->get('PHPSESSID') ) { $valid_user = true; } // If the user does not have a valid session (most likely to be used by people using // an ajax interface), we need to check to see if they are carring a valid user's // secret key. if ( !$valid_user ) { require_once 'CRM/Core/DAO.php'; $api_key = CRM_Utils_Request::retrieve( 'api_key', 'String', $store, false, null, 'REQUEST' ); $valid_user = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $api_key, 'id', 'api_key'); } // If we didn't find a valid user either way, then die. if ( empty($valid_user) ) { return self::error("Valid session, or user api_key required"); } return self::process( $args ); }
function loadCMSBootstrap() { $q = CRM_Utils_array::value('q', $_REQUEST); $args = explode('/', $q); // If the function isn't in the civicrm namespace or request // is for login or ping if (empty($args) || $args[0] != 'civicrm' || count($args) != 3 && $args[1] != 'login' && $args[1] != 'ping' || $args[1] == 'login' || $args[1] == 'ping') { return; } $uid = null; $session = CRM_Core_Session::singleton(); if (!CRM_Utils_System::authenticateKey(false)) { return; } if ($session->get('PHPSESSID') && $session->get('cms_user_id')) { $uid = $session->get('cms_user_id'); } if (!$uid) { require_once 'CRM/Core/DAO.php'; require_once 'CRM/Utils/Request.php'; $store = null; $api_key = CRM_Utils_Request::retrieve('api_key', 'String', $store, false, null, 'REQUEST'); $contact_id = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $api_key, 'id', 'api_key'); if ($contact_id) { require_once 'CRM/Core/BAO/UFMatch.php'; $uid = CRM_Core_BAO_UFMatch::getUFId($contact_id); } } if ($uid) { CRM_Utils_System::loadBootStrap(null, null, $uid); } }