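/**
 * Downloads the file behind a workflow-configured URL and registers it as an attachment.
 *
 * Both the URL and the display name are run through the workflow template parser,
 * so either may contain values taken from the record being processed.
 *
 * @param mixed $key Not used in this method.
 * @param array $value Attachment definition; $value[2]['val'] is the URL template,
 *                     $value[2]['name'] the file name template.
 * @param \Workflow\VTEntity $context Record the templates are evaluated against.
 * @return array|void Empty array when nothing could be downloaded or stored, otherwise nothing.
 */
public function generateAttachments($key, $value, $context)
{
    global $current_user;
    $adb = \PearDatabase::getInstance();

    // NOTE(review): the server fetches whatever this template resolves to. Confirm that
    // getContentFromUrl() limits schemes and internal destinations, or restrict who may
    // edit the template; nothing in this method constrains the target.
    $url = \Workflow\VTTemplate::parse($value[2]['val'], $context);

    $filename = \Workflow\VTTemplate::parse($value[2]['name'], $context);
    if (empty($filename)) {
        $filename = basename($url);
    }

    $filecontent = \Workflow\VtUtils::getContentFromUrl($url);
    if (empty($filecontent)) {
        return array();
    }

    // Character whitelist: anything outside letters, digits, '-', '_' and '.' becomes '_'.
    // NOTE(review): the extension itself is not restricted here, so the stored name can
    // still end in a server-executable extension; confirm the storage directory is not
    // served with script execution enabled.
    $filename = preg_replace('/[^A-Za-z0-9-_.]/', '_', $filename);

    if ($this->_mode === self::MODE_NOT_ADD_NEW_ATTACHMENTS) {
        // tempnam() has already created the file exclusively. Write into it directly:
        // deleting it first and recreating the same path would let another local process
        // place its own file or link at that name in the shared temp directory.
        $tmpfile = tempnam(sys_get_temp_dir(), 'Url');
        if ($tmpfile === false || file_put_contents($tmpfile, $filecontent) === false) {
            return array();
        }
        $this->addAttachmentRecord('PATH', $tmpfile, $filename);
        return;
    }

    $upload_file_path = decideFilePath();
    $next_id = $adb->getUniqueID("vtiger_crmentity");

    // Do not create database rows for a file that never reached the disk.
    if (file_put_contents($upload_file_path . $next_id . "_" . $filename, $filecontent) === false) {
        return array();
    }

    $filetype = "application/octet-stream";
    $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)";
    $params1 = array($next_id, $current_user->id, $current_user->id, "Documents Attachment", 'Documents Attachment', date("Y-m-d H:i:s"), date("Y-m-d H:i:s"));
    $adb->pquery($sql1, $params1);

    $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)";
    $params2 = array($next_id, $filename, '', $filetype, $upload_file_path);
    $adb->pquery($sql2, $params2);

    $this->addAttachmentRecord('ID', $next_id);
}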
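/**
 * Stores a generated file as a Documents record with an attachment and optionally
 * starts a follow-up workflow on the new document.
 *
 * @param array $configuration Task settings; the keys read here are title, description,
 *                             folderid, relation and workflowid.
 * @param string $filepath Path of the file to store.
 * @param string $filename Name under which the file is stored and recorded.
 * @param \Workflow\VTEntity $context Record the task runs for.
 * @param array $targetRecordIds Record ids the document is linked to when relation is "1".
 * @return void
 */
public function doAction($configuration, $filepath, $filename, $context, $targetRecordIds = array())
{
    $adb = \PearDatabase::getInstance();
    require_once 'modules/Documents/Documents.php';

    $focus = new \Documents();
    $focus->parentid = $context->getId();

    $docTitle = $configuration["title"];
    $docDescr = nl2br($configuration["description"]);
    $docTitle = \Workflow\VTTemplate::parse($docTitle, $context);
    $docDescr = \Workflow\VTTemplate::parse($docDescr, $context);

    $focus->column_fields['notes_title'] = $docTitle;
    $focus->column_fields['assigned_user_id'] = $context->get('assigned_user_id');
    $focus->column_fields['filename'] = $filename;
    $focus->column_fields['notecontent'] = $docDescr;
    $focus->column_fields['filetype'] = 'application/pdf';
    $focus->column_fields['filesize'] = filesize($filepath);
    $focus->column_fields['filelocationtype'] = 'I';
    $focus->column_fields['fileversion'] = '';
    $focus->column_fields['filestatus'] = 'on';
    $focus->column_fields['folderid'] = $configuration["folderid"];
    $focus->save('Documents');

    $upload_file_path = decideFilePath();
    $next_id = $adb->getUniqueID("vtiger_crmentity");

    // NOTE(review): $filename is appended to the storage path as given; confirm callers
    // pass a bare file name without directory components.
    copy($filepath, $upload_file_path . $next_id . "_" . $filename);

    $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)";
    $params1 = array($next_id, $context->get('assigned_user_id'), $context->get('assigned_user_id'), "Documents Attachment", 'Documents Attachment', date("Y-m-d H:i:s"), date("Y-m-d H:i:s"));
    $adb->pquery($sql1, $params1);

    $filetype = "application/octet-stream";
    $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)";
    $params2 = array($next_id, $filename, $docDescr, $filetype, $upload_file_path);
    $adb->pquery($sql2, $params2, true);

    $sql3 = 'insert into vtiger_seattachmentsrel values(?,?)';
    $adb->pquery($sql3, array($focus->id, $next_id));

    // The relation statements bind their ids as parameters, like every other statement
    // in this method, instead of concatenating them into the SQL text.
    if ($configuration["relation"] === "1") {
        foreach ($targetRecordIds as $id) {
            $adb->pquery("INSERT INTO vtiger_senotesrel SET crmid = ?, notesid = ?", array($id, $focus->id));
        }
    } else {
        $adb->pquery("DELETE FROM vtiger_senotesrel WHERE crmid = ? AND notesid = ?", array($context->getId(), $focus->id));
    }

    $newContext = \Workflow\VTEntity::getForId($focus->id, "Documents");
    if ($configuration['workflowid'] !== "") {
        // Run the configured workflow as a sub-workflow on the new document.
        $objWorkflow = new \Workflow\Main($configuration['workflowid'], false, $context->getUser());
        $objWorkflow->setContext($newContext);
        $objWorkflow->isSubWorkflow(true);
        $objWorkflow->start();
    }
}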
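/**
 * Decodes a base64 attachment body, writes it into the current storage directory
 * and records it in vtiger_attachments.
 *
 * @param int $attachid Attachment id; used as the file name prefix and as the row key.
 * @param string $filename Attachment name as received; kept unchanged as the description.
 * @param string $filecontent Base64-encoded file content.
 * @return void
 */
function SaveAttachmentFile($attachid, $filename, $filecontent)
{
    global $adb;
    $dirname = decideFilePath();
    if (!is_dir($dirname)) {
        mkdir($dirname);
    }

    $description = $filename;

    // Keep only the final path component (both separator styles) so the stored name
    // cannot carry directory parts into the storage path.
    $filename = basename(str_replace('\\', '/', $filename));
    $filename = str_replace(' ', '_', $filename);
    $saveasfile = "{$dirname}{$attachid}" . "_{$filename}";

    if (!file_exists($saveasfile)) {
        $fh = fopen($saveasfile, 'wb');
        if ($fh === false) {
            // Nothing was written, so do not record an attachment row for it.
            return;
        }
        fwrite($fh, base64_decode($filecontent));
        fclose($fh);
    }

    $mimetype = MailAttachmentMIME::detect($saveasfile);
    $adb->pquery("INSERT INTO vtiger_attachments SET attachmentsid=?, name=?, description=?, type=?, path=?", array($attachid, $filename, $description, $mimetype, $dirname));
}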
/**
 * Resolves a workflow file reference and attaches it, either by path or as a new
 * attachment row with its own copy in the storage directory.
 *
 * @param mixed $key Not used in this method.
 * @param array $value Attachment definition; $value[2]['val'] is the file reference.
 * @param \Workflow\VTEntity $context Record the file is looked up for.
 * @return array|void This method returns nothing on either path.
 */
public function generateAttachments($key, $value, $context)
{
    global $current_user;
    $adb = \PearDatabase::getInstance();

    $source = \Workflow\InterfaceFiles::getFile($value[2]['val'], $context->getModuleName(), $context->getId());

    $reuseExistingFile = ($this->_mode === self::MODE_NOT_ADD_NEW_ATTACHMENTS);
    if ($reuseExistingFile) {
        $this->addAttachmentRecord('PATH', $source['path'], $source['name']);
        return;
    }

    $storageDir = decideFilePath();
    $attachmentId = $adb->getUniqueID("vtiger_crmentity");

    // NOTE(review): the name returned by getFile() is appended to the storage path
    // as-is; presumably it is already a bare file name, confirm in InterfaceFiles.
    copy($source['path'], $storageDir . $attachmentId . "_" . $source['name']);

    $mime = "application/octet-stream";

    $adb->pquery(
        "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)",
        array($attachmentId, $current_user->id, $current_user->id, "Workflow Attachment", 'Workflow Attachment', date("Y-m-d H:i:s"), date("Y-m-d H:i:s"))
    );
    $adb->pquery(
        "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)",
        array($attachmentId, $source['name'], '', $mime, $storageDir)
    );

    $this->addAttachmentRecord('ID', $attachmentId);
}
/**
 * Stores this object's file in the storage directory and records it as a
 * "Documents Attachment".
 *
 * @global PearDataBase $adb
 * @global Array $upload_badext
 * @global Users $current_user
 * @return int|false New attachment id, or false when there is no file name or the save failed.
 */
function saveAttachment()
{
    global $adb, $upload_badext, $current_user;

    $storageDir = decideFilePath();
    $rawName = $this->getName();
    if (empty($rawName)) {
        return false;
    }

    $attachmentId = $adb->getUniqueId('vtiger_crmentity');

    // Sanitize against the bad-extension list, then keep only the last path component.
    $sanitized = sanitizeUploadFileName($rawName, $upload_badext);
    $storedName = ltrim(basename(" " . $sanitized));
    $storedPath = $storageDir . $attachmentId . "_" . $storedName;

    if (!$this->save($storedPath)) {
        return false;
    }

    $userId = $current_user->id;
    $formattedOnce = $adb->formatDate(date('YmdHis'), true);
    $timestamp = $adb->formatDate($formattedOnce, true);

    $adb->pquery(
        "INSERT INTO vtiger_crmentity(crmid, smcreatorid, smownerid,\n\t\t\t\tmodifiedby, setype, description, createdtime, modifiedtime, presence, deleted)\n\t\t\t\tVALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
        array($attachmentId, $userId, $userId, $userId, "Documents Attachment", $storedName, $timestamp, $timestamp, 1, 0)
    );

    // The recorded MIME type is detected from the stored file.
    $detectedType = MailAttachmentMIME::detect($storageDir . $attachmentId . "_" . $storedName);
    $adb->pquery(
        "INSERT INTO vtiger_attachments SET attachmentsid=?, name=?, description=?, type=?, path=?",
        array($attachmentId, $storedName, $storedName, $detectedType, $storageDir)
    );

    return $attachmentId;
}
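/**
 * Moves an uploaded file into the storage directory and records it as an attachment
 * of the given entity.
 *
 * @param int $id - entity id the file belongs to
 * @param string $module - the current module name
 * @param array $file_details - upload information (name, type, size, tmp_name and error)
 * @return bool true when the file was stored and recorded, false otherwise
 */
function uploadAndSaveFile($id, $module, $file_details)
{
    global $log;
    $log->debug("Entering into uploadAndSaveFile({$id},{$module},{$file_details}) method.");
    global $current_user;
    global $upload_badext;

    $date_var = date('Y-m-d H:i:s');

    // Owner defaults to the current user when the record has no assignee.
    $ownerid = isset($this->column_fields['assigned_user_id']) ? $this->column_fields['assigned_user_id'] : '';
    if (!isset($ownerid) || $ownerid == '') {
        $ownerid = $current_user->id;
    }

    // Neutralise blacklisted extensions by appending ".txt". The comparison ignores
    // case so an upper-case or mixed-case spelling of a listed extension is caught too.
    $binFile = $file_details['name'];
    $ext_pos = strrpos($binFile, ".");
    $ext = ($ext_pos === false) ? '' : substr($binFile, $ext_pos + 1);
    if (in_array(strtolower($ext), array_map('strtolower', $upload_badext))) {
        $binFile .= ".txt";
    }

    $current_id = $this->db->getUniqueID("ec_crmentity");
    $filename = explode_basename($binFile);
    $filetype = $file_details['type'];
    $filetmp_name = $file_details['tmp_name'];

    // Ids are placed in numeric SQL positions below, so force them to integers.
    // $id itself is left untouched because the emptiness check further down reads it.
    $entityId = (int) $id;

    $upload_file_path = decideFilePath();

    // Defined up front so a request without a genuine upload is rejected cleanly
    // instead of reading an unset variable.
    $upload_status = false;
    if (is_uploaded_file($filetmp_name)) {
        $encode_file = base64_encode_filename($binFile);
        $upload_status = move_uploaded_file($filetmp_name, $upload_file_path . $current_id . "_" . $encode_file);
    }

    $save_file = 'true';
    // Only images are allowed for these modules.
    // NOTE(review): validation runs after the file has been moved into storage, so a
    // rejected file stays on disk; presumably validation should happen first, confirm
    // what validateImageFile() reads.
    if ($module == 'Contacts' || $module == 'Products') {
        $save_file = validateImageFile($file_details);
    }

    if ($save_file == 'true' && $upload_status == 'true') {
        // NOTE(review): $filename, $filetype (client-supplied), $description and $module
        // are still concatenated into the statements below. They need the database
        // layer's parameter binding or escaping; this block does not show which
        // facility $this->db offers, so none is assumed here.
        if ($module == 'Notes') {
            $sql = "update ec_notes set filename='" . $filename . "' where notesid = " . $entityId;
            $this->db->query($sql);
        } else {
            if ($module == 'Documents') {
                $sql = "update ec_documents set filename='" . $filename . "' where documentsid = " . $entityId;
                $this->db->query($sql);
            }
        }

        $description = "";
        if (isset($this->column_fields['description'])) {
            $description = $this->column_fields['description'];
        }

        $sql1 = "insert into ec_crmentity (crmid,setype) values(" . $current_id . ",'" . $module . " Attachment')";
        $this->db->query($sql1);

        $sql = "insert into ec_attachments(attachmentsid,name,description,type,setype,path,smcreatorid,createdtime) values(";
        $sql .= $current_id . ",'" . $filename . "','" . $description . "','" . $filetype . "','" . $module . "','" . $upload_file_path . "','" . $ownerid . "','" . $date_var . "')";
        $result = $this->db->query($sql);

        if (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'edit') {
            if ($id != '' && isset($_REQUEST['fileid']) && $_REQUEST['fileid'] != '') {
                // The request value lands in a numeric position; cast it before use.
                $delquery = 'delete from ec_seattachmentsrel where crmid = ' . $entityId . ' and attachmentsid = ' . (int) $_REQUEST['fileid'];
                $this->db->query($delquery);
            }
        }

        if ($module == 'Notes' || $module == 'Documents') {
            $query = "delete from ec_seattachmentsrel where crmid = " . $entityId;
            $this->db->query($query);
        }

        $sql3 = 'insert into ec_seattachmentsrel values(' . $entityId . ',' . $current_id . ')';
        $this->db->query($sql3);
        return true;
    } else {
        $log->debug("Skip the save attachment process.");
        return false;
    }
}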
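/**
 * Writes a mail attachment into the storage directory and records it as a
 * "MailManager Attachment".
 *
 * @param String $filename - attachment name as taken from the mail
 * @param Text $filecontent - raw file content, written unchanged
 * @return Array with keys attachid, path, name, type and size
 */
public function __SaveAttachmentFile($filename, $filecontent)
{
    require_once 'modules/Settings/MailConverter/handlers/MailAttachmentMIME.php';
    $db = PearDatabase::getInstance();
    $currentUserModel = Users_Record_Model::getCurrentUserModel();

    $filename = imap_utf8($filename);
    $dirname = decideFilePath();

    // NOTE(review): two-digit year format ('ymdHis'); confirm this is what formatDate() expects.
    $usetime = $db->formatDate(date('ymdHis'), true);

    $binFile = sanitizeUploadFileName($filename, vglobal('upload_badext'));
    // The name comes from the mail itself. Keep only its final path component so the
    // stored path stays inside $dirname; the space prefix with ltrim() keeps names
    // that begin with a multibyte character intact.
    $binFile = ltrim(basename(' ' . $binFile));

    $attachid = $db->getUniqueId('vtiger_crmentity');
    $saveasfile = "{$dirname}/{$attachid}" . "_" . $binFile;

    // NOTE(review): the fopen() result is not checked before writing.
    $fh = fopen($saveasfile, 'wb');
    fwrite($fh, $filecontent);
    fclose($fh);

    $mimetype = MailAttachmentMIME::detect($saveasfile);

    $db->pquery("INSERT INTO vtiger_crmentity(crmid, smcreatorid, smownerid,\n\t\t\t\tmodifiedby, setype, description, createdtime, modifiedtime, presence, deleted)\n\t\t\t\tVALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", array($attachid, $currentUserModel->getId(), $currentUserModel->getId(), $currentUserModel->getId(), "MailManager Attachment", $binFile, $usetime, $usetime, 1, 0));
    $db->pquery("INSERT INTO vtiger_attachments SET attachmentsid=?, name=?, description=?, type=?, path=?", array($attachid, $binFile, $binFile, $mimetype, $dirname));

    $attachInfo = array('attachid' => $attachid, 'path' => $dirname, 'name' => $binFile, 'type' => $mimetype, 'size' => filesize($saveasfile));
    return $attachInfo;
}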
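/**
 * Fetches one body part of a mail from the mailbox, stores it in the storage
 * directory and links it to the given entity as an attachment.
 *
 * @param int|string $id entity id the attachment is linked to
 * @param string $module module name, used to build the setype value
 * @param array $file_details part description; keys read here: name, type, part, transfer
 * @return bool true when stored and recorded, false when the file could not be written
 */
function saveForwardAttachments($id, $module, $file_details)
{
    global $log;
    $log->debug("Entering into saveForwardAttachments({$id},{$module},{$file_details}) method.");
    global $adb, $current_user;
    global $upload_badext;
    require_once 'modules/Webmails/MailBox.php';

    // NOTE(review): mailbox and mailid are taken straight from the request; confirm
    // MailBox limits access to the current user's own mailbox.
    $mailbox = $_REQUEST["mailbox"];
    $MailBox = new MailBox($mailbox);
    $mail = $MailBox->mbox;

    $binFile = sanitizeUploadFileName($file_details['name'], $upload_badext);
    // The space prefix with ltrim() keeps names starting with UTF-8 characters intact.
    $filename = ltrim(basename(" " . $binFile));
    $filetype = $file_details['type'];
    $filepart = $file_details['part'];
    $transfer = $file_details['transfer'];

    $file = imap_fetchbody($mail, $_REQUEST['mailid'], $filepart);
    if ($transfer == 'BASE64') {
        $file = imap_base64($file);
    } elseif ($transfer == 'QUOTED-PRINTABLE') {
        $file = imap_qprint($file);
    }

    $current_id = $adb->getUniqueID("vtiger_crmentity");
    $date_var = date('Y-m-d H:i:s');

    // Owner defaults to the current user when the record has no assignee.
    $ownerid = $this->column_fields['assigned_user_id'];
    if (!isset($ownerid) || $ownerid == '') {
        $ownerid = $current_user->id;
    }

    $upload_file_path = decideFilePath();
    if (file_put_contents($upload_file_path . $current_id . "_" . $filename, $file) === false) {
        // Do not record an attachment whose file never reached the disk.
        $log->debug("Skip the save attachment process.");
        return false;
    }

    $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?,?,?,?,?,?,?)";
    $params1 = array($current_id, $current_user->id, $ownerid, $module . " Attachment", $this->column_fields['description'], $adb->formatDate($date_var, true), $adb->formatDate($date_var, true));
    $adb->pquery($sql1, $params1);

    $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?,?,?,?,?)";
    $params2 = array($current_id, $filename, $this->column_fields['description'], $filetype, $upload_file_path);
    $result = $adb->pquery($sql2, $params2);

    // The isset() guards leave the outcome unchanged but avoid reading missing request keys.
    if (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'edit') {
        if ($id != '' && isset($_REQUEST['fileid']) && $_REQUEST['fileid'] != '') {
            $delquery = 'delete from vtiger_seattachmentsrel where crmid = ? and attachmentsid = ?';
            $adb->pquery($delquery, array($id, $_REQUEST['fileid']));
        }
    }

    $sql3 = 'insert into vtiger_seattachmentsrel values(?,?)';
    $adb->pquery($sql3, array($id, $current_id));

    // Logged before returning; placed after the return it could never run.
    $log->debug("exiting from saveforwardattachment function.");
    return true;
}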
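/**
 * Function to upload the file to the server and add the file details in the attachments table
 *
 * @param $id -- user id:: Type varchar
 * @param $module -- module name:: Type varchar
 * @param $file_details -- file details array:: Type array
 * @return void
 */
function uploadAndSaveFile($id, $module, $file_details)
{
    $log = vglobal('log');
    $log->debug("Entering into uploadAndSaveFile({$id},{$module},{$file_details}) method.");
    $current_user = vglobal('current_user');
    global $upload_badext;

    $date_var = date('Y-m-d H:i:s');

    // Owner defaults to the current user when the record has no assignee.
    $ownerid = $this->column_fields['assigned_user_id'];
    if (!isset($ownerid) || $ownerid == '') {
        $ownerid = $current_user->id;
    }

    $saveFile = 'true';
    // Only images are allowed for this module.
    if ($module == 'Users') {
        $saveFile = validateImageFile($file_details);
    }
    if ($saveFile == 'false') {
        return;
    }

    $file = $file_details['name'];
    $binFile = sanitizeUploadFileName($file, $upload_badext);
    // The space prefix with ltrim() keeps names starting with UTF-8 characters intact.
    $filename = ltrim(basename(" " . $binFile));
    $filetype = $file_details['type'];
    $filetmp_name = $file_details['tmp_name'];
    $current_id = $this->db->getUniqueID("vtiger_crmentity");

    $upload_file_path = decideFilePath($module);

    // Store the file under the same basename()'d name that is written to the database.
    // Building the path from $binFile could place directory components from the client
    // name into the path and leave a file that the recorded name no longer matches.
    $upload_status = move_uploaded_file($filetmp_name, $upload_file_path . $current_id . "_" . $filename);

    // Only record the attachment when the move succeeded.
    if ($saveFile == 'true' && $upload_status) {
        $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?,?,?,?,?,?,?)";
        $params1 = array($current_id, $current_user->id, $ownerid, $module . " Attachment", $this->column_fields['description'], $this->db->formatDate($date_var, true), $this->db->formatDate($date_var, true));
        $this->db->pquery($sql1, $params1);

        $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?,?,?,?,?)";
        $params2 = array($current_id, $filename, $this->column_fields['description'], $filetype, $upload_file_path);
        $result = $this->db->pquery($sql2, $params2);

        // Drop the user's previous image relation before linking the new one.
        if ($id != '') {
            $delquery = 'delete from vtiger_salesmanattachmentsrel where smid = ?';
            $this->db->pquery($delquery, array($id));
        }
        $sql3 = 'insert into vtiger_salesmanattachmentsrel values(?,?)';
        $this->db->pquery($sql3, array($id, $current_id));

        // Keep the image name on the user row in step with the stored file.
        $this->db->pquery("update vtiger_users set imagename=? where id=?", array($filename, $id));
    } else {
        $log->debug("Skip the save attachment process.");
    }

    $log->debug("Exiting from uploadAndSaveFile({$id},{$module},{$file_details}) method.");
    return;
}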
$ownerid = $current_user->id; // Arbitrary File Upload Vulnerability fix - Philip $binFile = $file_details['name']; $ext_pos = strrpos($binFile, "."); $ext = substr($binFile, $ext_pos + 1); if (in_array($ext, $upload_badext)) { $binFile .= ".txt"; } // Vulnerability fix ends $current_id = $adb->getUniqueID("ec_crmentity"); $filename = explode_basename($binFile); $filetype = $file_details['type']; $filesize = $file_details['size']; $filetmp_name = $file_details['tmp_name']; //get the file path inwhich folder we want to upload the file $upload_file_path = decideFilePath(); //upload the file in server $upload_status = false; if (is_uploaded_file($filetmp_name)) { $encode_file = base64_encode_filename($binFile); $upload_status = move_uploaded_file($filetmp_name, $upload_file_path . $current_id . "_" . $encode_file); } if ($upload_status) { $description = ""; $adb->query("insert into ec_crmentity (crmid,setype) values('" . $current_id . "','Maillists Attachment')"); $sql = "insert into ec_attachments(attachmentsid,name,description,type,setype,path,smcreatorid,createdtime) values("; $sql .= $current_id . ",'" . $filename . "','" . $description . "','" . $filetype . "','Maillists','" . $upload_file_path . "','" . $current_user->id . "'," . $date_var . ")"; $adb->query($sql); $query_attachment = "delete from ec_seattachmentsrel where crmid = " . $sjid; $adb->query($query_attachment); $query_attachment = 'insert into ec_seattachmentsrel values(' . $sjid . ',' . $current_id . ')';
/**
 * Hands the current request's upload to MailManager_Uploader, targeting the
 * current storage directory.
 *
 * @return mixed Whatever the uploader's handleUpload() returns.
 */
function handleUpload()
{
    global $upload_maxsize;

    // NOTE(review): an empty extension list is passed; presumably this means no
    // extension filtering at this layer. Confirm how the uploader treats it.
    $permittedExtensions = array();
    $sizeLimit = ConfigPrefs::get('MAXUPLOADLIMIT', $upload_maxsize);
    $storageDir = decideFilePath();

    $uploader = new MailManager_Uploader($permittedExtensions, $sizeLimit);

    return $uploader->handleUpload($storageDir, false);
}
/**
 * Hands the current request's upload to MailManager_Upload_Action, targeting the
 * current storage directory.
 *
 * @return mixed Whatever the upload action's handleUpload() returns.
 */
public function handleUpload()
{
    // NOTE(review): an empty extension list is passed; presumably this means no
    // extension filtering at this layer. Confirm how the upload action treats it.
    $permittedExtensions = array();
    $sizeLimit = MailManager_Config_Model::get('MAXUPLOADLIMIT', vglobal('upload_maxsize'));
    $storageDir = decideFilePath();

    $uploader = new MailManager_Upload_Action($permittedExtensions, $sizeLimit);

    return $uploader->handleUpload($storageDir, false);
}
/**
 * Renders one or more PDF templates into a single mPDF document, writes it into the
 * storage directory and records it as the attachment of the document in $focus.
 *
 * NOTE(review): this code is obfuscated. Built-in functions are called through the
 * global variables $x0b..$x26, and $adb / $current_user / $default_language are reached
 * through variable-variables. Which function each $xNN holds is not visible here, so
 * the per-call comments below are assumptions to confirm against the definitions.
 *
 * @param string $templates Template ids separated by ';'.
 * @param object $focus Document record; column_fields and id are read.
 * @param object $modFocus Source record passed to PDFContent.
 * @param string $file_name Fallback file name, used when no template supplies one.
 * @param string $moduleName Module of the source record.
 * @param string $language Language code; falls back to the global default language.
 * @return bool Always true.
 */
function createPDFAndSaveFile($templates, $focus, $modFocus, $file_name, $moduleName, $language)
{
    global $x0b, $x0c, $x0d, $x0e, $x0f, $x10, $x11, $x12, $x13, $x14, $x15, $x16, $x17, $x18, $x19, $x1a, $x1b, $x1c, $x1d, $x1e, $x1f, $x20, $x21, $x22, $x23, $x24, $x25, $x26;
    // Indirection to the globals $adb, $current_user and $default_language.
    $db = "adb";
    $cu = "current_user";
    $dl = "default_language";
    global ${$db}, ${$cu}, ${$dl};
    // presumably date() - confirm
    $date_var = $x10("Y-m-d H:i:s");
    // Owner defaults to the current user when the document has no assignee.
    $ownerid = $focus->column_fields["assigned_user_id"];
    if (!isset($ownerid) || $ownerid == "") {
        $ownerid = ${$cu}->id;
    }
    $current_id = ${$db}->getUniqueID("vtiger_crmentity");
    // presumably trims ';' and then splits the id list on ';' - confirm
    $templates = $x1d($templates, ";");
    $Templateids = $x11(";", $templates);
    // presumably ini_set() - confirm
    $x17("memory_limit", "128M");
    $name = "";
    if (!$language || $language == "") {
        $language = ${$dl};
    }
    foreach ($Templateids as $templateid) {
        $PDFContent = new PDFContent($templateid, $moduleName, $modFocus, $language);
        $pdf_content = $PDFContent->getContent();
        $Settings = $PDFContent->getSettings();
        // The first template that yields a file name decides the output name.
        if ($name == "") {
            $name = $PDFContent->getFilename();
        }
        // presumably an HTML entity decode (takes ENT_COMPAT and a charset) - confirm
        $header_html = $x14($pdf_content["header"], ENT_COMPAT, "utf-8");
        $body_html = $x14($pdf_content["body"], ENT_COMPAT, "utf-8");
        $footer_html = $x14($pdf_content["footer"], ENT_COMPAT, "utf-8");
        $encoding = $Settings["encoding"];
        if ($Settings["orientation"] == "landscape") {
            $format = $Settings["format"] . "-L";
        } else {
            $format = $Settings["format"];
        }
        // The first template creates the mPDF object; later templates are appended
        // after a page break that carries their own format and margins.
        // The @ operators hide any warnings raised while rendering.
        if (!isset($mpdf)) {
            $mpdf = new mPDF('', $format, '', 'Arial', $Settings["margin_left"], $Settings["margin_right"], 0, 0, $Settings["margin_top"], $Settings["margin_bottom"]);
            $mpdf->SetAutoFont();
            @$mpdf->SetHTMLHeader($header_html);
        } else {
            @$mpdf->SetHTMLHeader($header_html);
            @$mpdf->WriteHTML('<pagebreak sheet-size="' . $format . '" margin-left="' . $Settings["margin_left"] . 'mm" margin-right="' . $Settings["margin_right"] . 'mm" margin-top="0mm" margin-bottom="0mm" margin-header="' . $Settings["margin_top"] . 'mm" margin-footer="' . $Settings["margin_bottom"] . 'mm" />');
        }
        @$mpdf->SetHTMLFooter($footer_html);
        @$mpdf->WriteHTML($body_html);
    }
    $upload_file_path = decideFilePath();
    if ($name != "") {
        $file_name = $name . ".pdf";
    }
    // NOTE(review): $file_name (template-derived or caller-supplied) is appended to the
    // storage path without basename() or character filtering - confirm it cannot
    // contain path separators.
    // NOTE(review): $mpdf is only set inside the loop; with an empty template list this
    // call would act on an undefined variable.
    $mpdf->Output($upload_file_path . $current_id . "_" . $file_name);
    // presumably filesize() - confirm
    $filesize = $x13($upload_file_path . $current_id . "_" . $file_name);
    $filetype = "application/pdf";
    $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)";
    $params1 = array($current_id, ${$cu}->id, $ownerid, "Documents Attachment", $focus->column_fields["description"], ${$db}->formatDate($date_var, true), ${$db}->formatDate($date_var, true));
    ${$db}->pquery($sql1, $params1);
    $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)";
    $params2 = array($current_id, $file_name, $focus->column_fields["description"], $filetype, $upload_file_path);
    $result = ${$db}->pquery($sql2, $params2);
    // Link the attachment to the document and record its size and name on the note row.
    $sql3 = 'insert into vtiger_seattachmentsrel values(?,?)';
    ${$db}->pquery($sql3, array($focus->id, $current_id));
    $sql4 = "UPDATE vtiger_notes SET filesize=?, filename=? WHERE notesid=?";
    ${$db}->pquery($sql4, array($filesize, $file_name, $focus->id));
    return true;
}
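/**
 * This function is used to upload the attachment in the server and save that attachment information in db.
 *
 * @param int $id - entity id to which the file to be uploaded
 * @param string $module - the current module name
 * @param array $file_details - array which contains the file information(name, type, size, tmp_name and error)
 * @param string $attachmentType - 'Image' forces image validation
 * @return bool true when the file was stored and recorded, false otherwise
 */
function uploadAndSaveFile($id, $module, $file_details, $attachmentType = 'Attachment')
{
    $log = LoggerManager::getInstance();
    $log->debug("Entering into uploadAndSaveFile({$id},{$module},{$file_details}) method.");
    $adb = PearDatabase::getInstance();
    $current_user = vglobal('current_user');
    $date_var = date("Y-m-d H:i:s");

    // Owner defaults to the current user when the record has no assignee.
    $ownerid = $this->column_fields['assigned_user_id'];
    if (!isset($ownerid) || $ownerid == '') {
        $ownerid = $current_user->id;
    }

    if (isset($file_details['original_name']) && $file_details['original_name'] != null) {
        $file_name = $file_details['original_name'];
    } else {
        $file_name = $file_details['name'];
    }

    $saveFile = 'true';
    // Files sent as 'Image', or whose detected MIME type is image/*, must pass image validation.
    $mimeType = Vtiger_Functions::getMimeContentType($file_details['tmp_name']);
    $mimeTypeContents = explode('/', $mimeType);
    if ($attachmentType == 'Image' || $file_details['size'] && $mimeTypeContents[0] == 'image') {
        $saveFile = validateImageFile($file_details);
    }
    if ($saveFile == 'false') {
        return false;
    }

    $binFile = sanitizeUploadFileName($file_name, AppConfig::main('upload_badext'));
    $current_id = $adb->getUniqueID('vtiger_crmentity');
    // The space prefix with ltrim() keeps names starting with UTF-8 characters intact.
    $filename = ltrim(basename(' ' . $binFile));
    // NOTE(review): the recorded type is the client-supplied one, not $mimeType detected above.
    $filetype = $file_details['type'];
    $filetmp_name = $file_details['tmp_name'];

    $upload_file_path = decideFilePath($module);

    // Store the file under the same basename()'d name that is written to the database.
    // Building the path from $binFile could place directory components from the client
    // name into the path and leave a file that the recorded name no longer matches.
    $upload_status = move_uploaded_file($filetmp_name, $upload_file_path . $current_id . '_' . $filename);

    $isImageModule = ($module == 'Contacts' || $module == 'Products');

    $save_file = 'true';
    // Only images are allowed for these modules.
    // NOTE(review): this second validation runs after the upload has been moved out of
    // tmp_name; confirm what validateImageFile() reads at this point.
    if ($isImageModule) {
        $save_file = validateImageFile($file_details);
    }

    if ($save_file == 'true' && $upload_status == 'true') {
        $params = [
            'crmid' => $current_id,
            'smcreatorid' => $current_user->id,
            'smownerid' => $ownerid,
            'setype' => $module . ($isImageModule ? " Image" : " Attachment"),
            'description' => $this->column_fields['description'],
            'createdtime' => $adb->formatDate($date_var, true),
            'modifiedtime' => $adb->formatDate($date_var, true),
        ];
        $adb->insert('vtiger_crmentity', $params);

        $params = [
            'attachmentsid' => $current_id,
            'name' => $filename,
            'description' => $this->column_fields['description'],
            'type' => $filetype,
            'path' => $upload_file_path,
        ];
        $adb->insert('vtiger_attachments', $params);

        if ($_REQUEST['mode'] == 'edit') {
            if ($id != '' && vtlib_purify($_REQUEST['fileid']) != '') {
                $delparams = [$id, vtlib_purify($_REQUEST['fileid'])];
                $adb->delete('vtiger_seattachmentsrel', 'crmid = ? AND attachmentsid = ?', $delparams);
            }
        }

        if ($module == 'Documents') {
            $adb->delete('vtiger_seattachmentsrel', 'crmid = ?', [$id]);
        }

        if ($module == 'Contacts') {
            // A contact keeps one image: remove the previous image relation and entity first.
            $att_sql = "select vtiger_seattachmentsrel.attachmentsid from vtiger_seattachmentsrel inner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_seattachmentsrel.attachmentsid where vtiger_crmentity.setype='Contacts Image' and vtiger_seattachmentsrel.crmid=?";
            $res = $adb->pquery($att_sql, array($id));
            $attachmentsid = $adb->query_result($res, 0, 'attachmentsid');
            if ($attachmentsid != '') {
                $adb->delete('vtiger_seattachmentsrel', 'crmid = ? AND attachmentsid = ?', [$id, $attachmentsid]);
                $adb->delete('vtiger_crmentity', 'crmid = ?', [$attachmentsid]);
            }
        }

        // Every path ends by linking the new attachment to the entity.
        $adb->insert('vtiger_seattachmentsrel', ['crmid' => $id, 'attachmentsid' => $current_id]);
        return true;
    } else {
        $log->debug("Skip the save attachment process.");
        return false;
    }
}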
${"GLOBALS"}["dwueotishfr"] = "result"; ${${"GLOBALS"}["cnpunorkudj"]} = $adb->query(${${"GLOBALS"}["qmkfkak"]}, true); if ($adb->num_rows(${${"GLOBALS"}["dwueotishfr"]}) == 0) { ${${"GLOBALS"}["qultpew"]}["context"]->unlinkTempFiles(); } } if (time() < ${${"GLOBALS"}["bmukduyjbf"]} + ${${"GLOBALS"}["wkyilpg"]} * 60) { ${${"GLOBALS"}["keuetfu"]} = \Workflow\Queue::getQueueEntry(); } else { ${${"GLOBALS"}["keuetfu"]} = false; } } while (${${"GLOBALS"}["keuetfu"]} !== false); } echo "Workflow2 Scheduler Started\n"; \Workflow\Scheduler::execute(); echo "Workflow2 Scheduler Finished\n"; echo "Workflow2 Cronjob Start Cleaning\n"; ${${"GLOBALS"}["gvudxdr"]} = decideFilePath(); @chmod(dirname(dirname(${${"GLOBALS"}["gvudxdr"]})), 0777); @chmod(dirname(${$cfcoklxwq}), 0777); @chmod(${${"GLOBALS"}["gvudxdr"]}, 0777); if (mt_rand(1, 100) > 90) { \Workflow2::purgeLogs(); \Workflow2::purgeQueue(); } \Workflow2::cleanQueue(); ${${"GLOBALS"}["jvrworyisrg"]} = new \Workflow2(); $obj->repoUpdateCheck(); \Workflow2::${${"GLOBALS"}["nimkcgvrvs"]} = false; unlink(sys_get_temp_dir() . "/workflow2_lock"); echo "Workflow2 Cronjob Finished\n";
/**
 * Saves an email record together with its attachments and, when the flag is SENT,
 * sends it; the outcome is rendered through SendEmailResult.tpl.
 *
 * Request values read here: documentids, flag, record, parent_id, attachments,
 * toemailinfo, to, description, subject, toMailNamesList, cc, bcc, related_load.
 *
 * @param <Vtiger_Request> $request
 */
public function massSave(Vtiger_Request $request)
{
    global $upload_badext;
    $adb = PearDatabase::getInstance();
    $moduleName = $request->getModule();
    $currentUserModel = Users_Record_Model::getCurrentUserModel();
    $recordIds = $this->getRecordsListFromRequest($request);
    $documentIds = $request->get('documentids');
    // This is either SENT or SAVED
    $flag = $request->get('flag');
    // Replace $_FILES with the transformed 'file' entry so later code sees that layout.
    $result = Vtiger_Util_Helper::transformUploadedFiles($_FILES, true);
    $_FILES = $result['file'];
    $recordId = $request->get('record');
    // An existing record id means edit mode; otherwise start from a clean record.
    if (!empty($recordId)) {
        $recordModel = Vtiger_Record_Model::getInstanceById($recordId, $moduleName);
        $recordModel->set('mode', 'edit');
    } else {
        $recordModel = Vtiger_Record_Model::getCleanInstance($moduleName);
        $recordModel->set('mode', '');
    }
    $parentEmailId = $request->get('parent_id', null);
    $attachmentsWithParentEmail = array();
    if (!empty($parentEmailId) && !empty($recordId)) {
        $parentEmailModel = Vtiger_Record_Model::getInstanceById($parentEmailId);
        $attachmentsWithParentEmail = $parentEmailModel->getAttachmentDetails();
    }
    // NOTE(review): this array comes from the request. In the new-record path below its
    // 'path', 'fileid' and 'attachment' values are later used to build the source path
    // of a copy(), so they must be treated as untrusted.
    $existingAttachments = $request->get('attachments', array());
    if (empty($recordId)) {
        if (is_array($existingAttachments)) {
            foreach ($existingAttachments as $index => $existingAttachInfo) {
                $existingAttachInfo['tmp_name'] = $existingAttachInfo['name'];
                $existingAttachments[$index] = $existingAttachInfo;
                // Entries that reference a document are attached by id, not copied.
                if (array_key_exists('docid', $existingAttachInfo)) {
                    $documentIds[] = $existingAttachInfo['docid'];
                    unset($existingAttachments[$index]);
                }
            }
        }
    } else {
        // Edit view: work out which of the parent email's attachments were removed
        // in the form and unlink those.
        $attachmentsToUnlink = array();
        $documentsToUnlink = array();
        foreach ($attachmentsWithParentEmail as $i => $attachInfo) {
            $found = false;
            foreach ($existingAttachments as $index => $existingAttachInfo) {
                if ($attachInfo['fileid'] == $existingAttachInfo['fileid']) {
                    $found = true;
                    break;
                }
            }
            // Not found in the submitted list means the attachment was deleted
            if (!$found) {
                if (array_key_exists('docid', $attachInfo)) {
                    $documentsToUnlink[] = $attachInfo['docid'];
                } else {
                    $attachmentsToUnlink[] = $attachInfo;
                }
            }
            unset($attachmentsWithParentEmail[$i]);
        }
        // In edit view the remaining attachments are already stored, so nothing is copied below
        $existingAttachments = array();
        if (!empty($documentsToUnlink)) {
            $recordModel->deleteDocumentLink($documentsToUnlink);
        }
        if (!empty($attachmentsToUnlink)) {
            $recordModel->deleteAttachment($attachmentsToUnlink);
        }
    }
    // This will be used for sending mails to each individual
    $toMailInfo = $request->get('toemailinfo');
    $to = $request->get('to');
    if (is_array($to)) {
        $to = implode(',', $to);
    }
    $recordModel->set('description', $request->get('description'));
    $recordModel->set('subject', $request->get('subject'));
    $recordModel->set('toMailNamesList', $request->get('toMailNamesList'));
    $recordModel->set('saved_toid', $to);
    $recordModel->set('ccmail', $request->get('cc'));
    $recordModel->set('bccmail', $request->get('bcc'));
    $recordModel->set('assigned_user_id', $currentUserModel->getId());
    $recordModel->set('email_flag', $flag);
    $recordModel->set('documentids', $documentIds);
    $recordModel->set('toemailinfo', $toMailInfo);
    // Build the parent id list: "<id>@-1|" for Users records, "<id>@1|" for all others.
    // NOTE(review): $parentIds is appended to without being initialised first.
    foreach ($toMailInfo as $recordId => $emailValueList) {
        if ($recordModel->getEntityType($recordId) == 'Users') {
            $parentIds .= $recordId . '@-1|';
        } else {
            $parentIds .= $recordId . '@1|';
        }
    }
    $recordModel->set('parent_id', $parentIds);
    //save_module still depends on the $_REQUEST, need to clean it up
    $_REQUEST['parent_id'] = $parentIds;
    $success = false;
    $viewer = $this->getViewer($request);
    if ($recordModel->checkUploadSize($documentIds)) {
        $recordModel->save();
        // Copy each existing attachment into storage and record it for the new email
        $current_user = Users_Record_Model::getCurrentUserModel();
        $ownerId = $recordModel->get('assigned_user_id');
        $date_var = date("Y-m-d H:i:s");
        if (is_array($existingAttachments)) {
            foreach ($existingAttachments as $index => $existingAttachInfo) {
                $file_name = $existingAttachInfo['attachment'];
                $path = $existingAttachInfo['path'];
                $fileId = $existingAttachInfo['fileid'];
                $oldFileName = $file_name;
                //SEND PDF mail will not be having file id
                if (!empty($fileId)) {
                    $oldFileName = $existingAttachInfo['fileid'] . '_' . $file_name;
                }
                // NOTE(review): the source path is assembled entirely from request-supplied
                // values and is not checked against the storage root before copy(). A
                // defensive fix would resolve it (e.g. realpath()) and reject anything
                // outside the storage directory, or look the file up by attachment id
                // server-side instead of trusting a submitted path.
                $oldFilePath = $path . '/' . $oldFileName;
                $binFile = sanitizeUploadFileName($file_name, $upload_badext);
                $current_id = $adb->getUniqueID("vtiger_crmentity");
                // The space prefix with ltrim() keeps names starting with UTF-8 characters intact
                $filename = ltrim(basename(" " . $binFile));
                $filetype = $existingAttachInfo['type'];
                $filesize = $existingAttachInfo['size'];
                // Storage directory the copy is written to
                $upload_file_path = decideFilePath();
                // NOTE(review): the destination uses $binFile while the database row below
                // records the basename()'d $filename; the two can differ.
                $newFilePath = $upload_file_path . $current_id . "_" . $binFile;
                copy($oldFilePath, $newFilePath);
                $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)";
                $params1 = array($current_id, $current_user->getId(), $ownerId, $moduleName . " Attachment", $recordModel->get('description'), $adb->formatDate($date_var, true), $adb->formatDate($date_var, true));
                $adb->pquery($sql1, $params1);
                $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)";
                $params2 = array($current_id, $filename, $recordModel->get('description'), $filetype, $upload_file_path);
                $result = $adb->pquery($sql2, $params2);
                $sql3 = 'insert into vtiger_seattachmentsrel values(?,?)';
                $adb->pquery($sql3, array($recordModel->getId(), $current_id));
            }
        }
        $success = true;
        if ($flag == 'SENT') {
            $status = $recordModel->send();
            if ($status === true) {
                // This is needed to set vtiger_email_track table as it is used in email reporting
                $recordModel->setAccessCountValue();
            } else {
                // Any non-true status is shown to the user as the failure message.
                $success = false;
                $message = $status;
            }
        }
    } else {
        $message = vtranslate('LBL_MAX_UPLOAD_SIZE', $moduleName) . ' ' . vtranslate('LBL_EXCEEDED', $moduleName);
    }
    $viewer->assign('SUCCESS', $success);
    // NOTE(review): $message is never assigned on the success path.
    $viewer->assign('MESSAGE', $message);
    $loadRelatedList = $request->get('related_load');
    if (!empty($loadRelatedList)) {
        $viewer->assign('RELATED_LOAD', true);
    }
    $viewer->view('SendEmailResult.tpl', $moduleName);
}
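/**
 * Stores a base64-encoded e-mail attachment on disk and registers it in the database.
 *
 * The caller is authenticated through validateSession(); the file name, size and
 * payload are all supplied by that caller and are handled as untrusted input.
 *
 * @param mixed  $emailid  Id of the e-mail record the attachment is linked to.
 * @param string $filedata Base64-encoded file contents.
 * @param string $filename Client-supplied file name.
 * @param int    $filesize Client-supplied byte count, passed to fwrite() as the length limit.
 * @param string $filetype Ignored: the stored type is always "application/octet-stream".
 * @param string $username Account name used for session validation and ownership.
 * @param string $session  Session token checked by validateSession().
 * @return mixed Null when the session is invalid, "" when the file or the entity row
 *               could not be created, otherwise the new attachment id.
 */
function AddEmailAttachment($emailid, $filedata, $filename, $filesize, $filetype, $username, $session)
{
    if (!validateSession($username, $session)) {
        return null;
    }
    global $adb;
    require_once 'modules/Users/Users.php';
    require_once 'include/utils/utils.php';

    // Replace whitespace with "_" and drop any directory components, so the
    // client-supplied name can only ever name a file inside the upload directory.
    $filename = preg_replace('/\\s+/', '_', $filename);
    $filename = basename($filename);
    // NOTE(review): no extension blocklist is applied to $filename here; confirm
    // whether this path should also go through the project's upload-name sanitiser.

    $date_var = date('Y-m-d H:i:s');
    $seed_user = new Users();
    $user_id = $seed_user->retrieve_user_id($username);
    $crmid = $adb->getUniqueID("vtiger_crmentity");
    $upload_file_path = decideFilePath();

    $handle = fopen($upload_file_path . $crmid . "_" . $filename, "wb");
    if ($handle === false) {
        // Do not register an attachment whose file could not be created.
        return "";
    }
    // $filesize caps the number of bytes written; it is not verified against the decoded payload.
    fwrite($handle, base64_decode($filedata), $filesize);
    fclose($handle);

    $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values (?,?,?,?,?,?,?)";
    $params1 = array($crmid, $user_id, $user_id, 'Emails Attachment', ' ', $adb->formatDate($date_var, true), $adb->formatDate($date_var, true));
    $entityresult = $adb->pquery($sql1, $params1);
    if ($entityresult == false) {
        return "";
    }

    // The client-declared type is deliberately not trusted.
    $filetype = "application/octet-stream";
    $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values (?,?,?,?,?)";
    $params2 = array($crmid, $filename, ' ', $filetype, $upload_file_path);
    $adb->pquery($sql2, $params2);
    $sql3 = 'insert into vtiger_seattachmentsrel values(?,?)';
    $adb->pquery($sql3, array($emailid, $crmid));

    return $crmid;
}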
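/**
 * Generates one PDF per requested template for a record and either streams the
 * result to the client, zips several results, or returns the generated file name.
 *
 * Module, record id and template ids are read from $_REQUEST and are therefore
 * untrusted; every query that uses them is parameterised.
 *
 * @param mixed $userid Id of the user whose privileges are loaded for the run.
 * @return string|null The generated file name when return_name is "yes" and a single
 *                     document was produced; otherwise nothing (the download branch exits).
 */
function Soap_generatePDF($userid)
{
    $adb = PearDatabase::getInstance();
    $current_user = vglobal('current_user');
    $_SESSION['type'] = "single";
    $user = new Users();
    $current_user = $user->retrieveCurrentUserInfoFromFile($userid);
    require_once "modules/OSSPdf/Print.php";
    require_once 'modules/OSSPdf/ModulesQueries.php';
    $module = $_REQUEST['usingmodule'];
    $id = $_REQUEST['recordid'];
    // NOTE(review): $id and each $templateid become part of a file name below;
    // confirm they are validated as integers before this function is reached.

    if (isset($_REQUEST['fromdetailview']) && $_REQUEST['fromdetailview'] == 'yes') {
        $document_list = array();
        if ($_REQUEST['return_name'] == "yes" || isset($_REQUEST['pdfajax'])) {
            $_REQUEST['template'] = explode(';', trim($_REQUEST['template'], ';'));
        }

        // Process the initial variables for every requested template.
        foreach ($_REQUEST['template'] as $templateid) {
            $_SESSION['template_to_perfom'] = $_REQUEST['template_to_perfom'] = $templateid;
            // The template id comes from the request: bind it instead of interpolating it.
            $pobierzdane = $adb->pquery(
                "select osspdf_pdf_format,osspdf_pdf_orientation, filename, left_margin, right_margin, top_margin, bottom_margin from vtiger_osspdf where osspdfid = ?",
                array($templateid),
                true
            );
            $_REQUEST['pdf_format'] = $adb->query_result($pobierzdane, 0, "osspdf_pdf_format");
            $pdf_orientation_result = $adb->query_result($pobierzdane, 0, "osspdf_pdf_orientation");
            $_REQUEST['file_name'] = $adb->query_result($pobierzdane, 0, "filename");
            $_REQUEST['left'] = $adb->query_result($pobierzdane, 0, "left_margin");
            $_REQUEST['right'] = $adb->query_result($pobierzdane, 0, "right_margin");
            $_REQUEST['top'] = $adb->query_result($pobierzdane, 0, "top_margin");
            $_REQUEST['bottom'] = $adb->query_result($pobierzdane, 0, "bottom_margin");
            $_SESSION['top'] = $_REQUEST['top'];
            if ($pdf_orientation_result == 'Portrait') {
                $pdf_orientation = "P";
            } elseif ($pdf_orientation_result == 'Landscape') {
                $pdf_orientation = "L";
            }

            // Initialise the PDF writer and fetch the record data.
            $pdf = new Printer();
            $pdf->setPageFormat($_REQUEST['pdf_format'], $pdf_orientation);
            $pdf->SetCompression(true);
            if (isset($_REQUEST['left']) && $_REQUEST['left'] != '' && $_REQUEST['left'] != 0) {
                $pdf->SetLeftMargin($_REQUEST['left']);
            }
            if (isset($_REQUEST['right']) && $_REQUEST['right'] != '' && $_REQUEST['right'] != 0) {
                $pdf->SetRightMargin($_REQUEST['right']);
            }

            // Record the generation in the audit table.
            $date_var = $adb->formatDate(date('Y-m-d H:i:s'), true);
            $query = "insert into vtiger_audit_trial values(?,?,?,?,?,?)";
            $qparams = array($adb->getUniqueID('vtiger_audit_trial'), $current_user->id, $module, 'Generate PDF', $id, $date_var);
            $adb->pquery($query, $qparams, true);

            // NOTE(review): $site_URL is not defined in this scope — confirm where it should come from.
            TakeContent($pdf, $module, $id, $site_URL);
            $filepath = $_REQUEST['file_name'] . '_' . $id . $templateid . '_' . date("YmdHis") . '.pdf';
            $pdf->Output($filepath, 'F');

            // Load the general OSSPdf configuration as a name => value map.
            $pobierz = $adb->query("select * from vtiger_osspdf_config where conf_id = 'GENERALCONFIGURATION'", true);
            $data = array();
            for ($i = 0; $i < $adb->num_rows($pobierz); $i++) {
                $data[$adb->query_result($pobierz, $i, "name")] = $adb->query_result($pobierz, $i, "value");
            }

            $docid = 0;
            if ($data['ifsave'] == 'yes') {
                $document_id = CreateDocument($filepath, $data['ifattach'], $id, $module, $docid);
                $nr = $document_id + 1;
                $document_list[] = $nr . '_' . $filepath;
                $storage_path = decideFilePath();
                $pelnasciezka = $storage_path . $nr . '_' . $filepath;
            } else {
                $document_list[] = $filepath;
                $storage_path = decideFilePath();
                $pelnasciezka = $storage_path . $filepath;
            }

            // NOTE(review): this makes the relative 'storage' directory world-writable on
            // every iteration; confirm whether a narrower mode is sufficient.
            chmod('storage', 0777);
            if ($_REQUEST['return_name'] != "yes" || $_REQUEST['return_name'] == "") {
                rename($filepath, $pelnasciezka);
            } else {
                $sciezka = "storage/" . $filepath;
                rename($filepath, $sciezka);
            }

            if ($data['ifattach'] == 'yes') {
                // The record id comes from the request: bind both values.
                $sql = "INSERT INTO vtiger_senotesrel (`crmid`,`notesid`) VALUES (?,?)";
                $wykonaj = $adb->pquery($sql, array($id, $docid), true);
            }
        }

        if ($_REQUEST['return_name'] != "yes" || $_REQUEST['return_name'] == "") {
            $storage_path = decideFilePath();
        } else {
            $storage_path = "storage/";
        }
        $zip = getTranslatedString($_REQUEST['usingmodule']) . '_' . date("YmdHis") . '.zip';
        $zipname = 'storage/' . $zip;
        $zipname = file_exist_fn($zipname, 0);

        if (count($document_list) > 1) {
            zipFilesAndDownload($document_list, $zipname, $storage_path, $zip);
        } else {
            if ($_REQUEST['return_name'] != "yes") {
                header("Content-type: application/pdf");
                header("Content-Disposition: attachment; filename=" . $document_list[0]);
                header("Pragma: no-cache");
                header("Expires: 0");
                readfile($storage_path . "/" . $document_list[0]);
                exit;
            } elseif ($_REQUEST['return_name'] == "yes") {
                return $document_list[0];
            }
        }
    }
}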
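/**
 * Adds an attachment to a ticket: the passed contents are written to a file in the
 * upload directory and the file is registered in the database and as a document.
 *
 * All values in $input_array come from the customer-portal client. The file name is
 * passed through sanitizeUploadFileName(); the declared type and size are stored as given.
 *
 * @param array $input_array Array with the keys:
 *                           id (contact id), sessionid, ticketid, filename, filetype,
 *                           filesize and filecontents (base64 encoded).
 * @return null Always null; returns early when the session is invalid or the file
 *              cannot be created.
 */
function add_ticket_attachment($input_array)
{
    $adb = PearDatabase::getInstance();
    $log = vglobal('log');
    global $root_directory, $upload_badext;
    $log->debug("Entering customer portal function add_ticket_attachment");
    // NOTE(review): the whole input array, including the session id and the base64
    // file contents, is handed to println(); confirm that output is not persisted.
    $adb->println("INPUT ARRAY for the function add_ticket_attachment");
    $adb->println($input_array);

    $id = $input_array['id'];
    $sessionid = $input_array['sessionid'];
    $ticketid = $input_array['ticketid'];
    $filename = $input_array['filename'];
    $filetype = $input_array['filetype'];
    $filesize = $input_array['filesize'];
    $filecontents = $input_array['filecontents'];
    if (!validateSession($id, $sessionid)) {
        return null;
    }

    // Decide the directory on the server where the file is stored.
    $upload_filepath = decideFilePath();
    $attachmentid = $adb->getUniqueID("vtiger_crmentity");
    // Normalise the client-supplied name before it becomes part of a path.
    $filename = sanitizeUploadFileName($filename, $upload_badext);
    $new_filename = $attachmentid . '_' . $filename;
    $data = base64_decode($filecontents);
    $description = 'CustomerPortal Attachment';

    // Write the passed content; stop before touching the database when the file
    // cannot be created, so no attachment row points at a missing file.
    $handle = fopen($upload_filepath . $new_filename, 'w');
    if ($handle === false) {
        $log->debug("Exiting customer portal function add_ticket_attachment");
        return null;
    }
    fputs($handle, $data);
    fclose($handle);

    // Store the file information and relate it to the ticket.
    $date_var = $adb->formatDate(date('Y-m-d H:i:s'), true);
    $crmquery = "insert into vtiger_crmentity (crmid,setype,description,createdtime) values(?,?,?,?)";
    $adb->pquery($crmquery, array($attachmentid, 'HelpDesk Attachment', $description, $date_var));
    $attachmentquery = "insert into vtiger_attachments(attachmentsid,name,description,type,path) values(?,?,?,?,?)";
    $adb->pquery($attachmentquery, array($attachmentid, $filename, $description, $filetype, $upload_filepath));
    $relatedquery = "insert into vtiger_seattachmentsrel values(?,?)";
    $adb->pquery($relatedquery, array($ticketid, $attachmentid));

    // Create the matching Documents record and link it to the file and the ticket.
    $user_id = getDefaultAssigneeId();
    require_once 'modules/Documents/Documents.php';
    $focus = new Documents();
    $focus->column_fields['notes_title'] = $filename;
    $focus->column_fields['filename'] = $filename;
    $focus->column_fields['filetype'] = $filetype;
    $focus->column_fields['filesize'] = $filesize;
    $focus->column_fields['filelocationtype'] = 'I';
    $focus->column_fields['filedownloadcount'] = 0;
    $focus->column_fields['filestatus'] = 1;
    $focus->column_fields['assigned_user_id'] = $user_id;
    $focus->column_fields['folderid'] = 1;
    $focus->parent_id = $ticketid;
    $focus->save('Documents');

    $related_doc = 'insert into vtiger_seattachmentsrel values (?,?)';
    $adb->pquery($related_doc, array($focus->id, $attachmentid));
    $tic_doc = 'insert into vtiger_senotesrel values(?,?)';
    $adb->pquery($tic_doc, array($ticketid, $focus->id));
    $log->debug("Exiting customer portal function add_ticket_attachment");
}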
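/**
 * Saves the regular and inline attachments of a mail to the upload directory and
 * links each of them to a contact, a new Documents record and the e-mail record.
 *
 * Attachment names originate from the received mail and are untrusted: after
 * decoding they are reduced to their base name before being used in a path.
 *
 * @param mixed  $cid     Contact id the documents are related to.
 * @param object $email   Mail object providing downloadAttachments() and downloadInlineAttachments().
 * @param mixed  $emailid Id of the e-mail record the attachments are related to.
 * @return void
 */
function add_attachment_to_contact($cid, $email, $emailid)
{
    global $adb, $current_user, $default_charset;

    // Pass 0 handles regular attachments, pass 1 inline attachments.
    for ($j = 0; $j < 2; $j++) {
        if ($j == 0) {
            $attachments = $email->downloadAttachments();
        } else {
            $attachments = $email->downloadInlineAttachments();
        }
        $upload_filepath = decideFilePath();
        $num_files = is_array($attachments) ? count($attachments) : 0;

        for ($i = 0; $i < $num_files; $i++) {
            $current_id = $adb->getUniqueID("vtiger_crmentity");
            $date_var = $adb->formatDate(date('Y-m-d H:i:s'), true);
            $filename = preg_replace("/[ ()-]+/", "_", $attachments[$i]["filename"]);

            // Decode MIME encoded-words (=?charset?B|Q?data?=) found in the name.
            preg_match_all('/=\\?([^\\?]+)\\?([^\\?]+)\\?([^\\?]+)\\?=/', $filename, $matches);
            $totalmatches = count($matches[0]);
            for ($index = 0; $index < $totalmatches; ++$index) {
                $charset = $matches[1][$index];
                $encoding = strtoupper($matches[2][$index]);
                $data = $matches[3][$index];
                if ($encoding == 'B') {
                    $filename = base64_decode($data);
                } elseif ($encoding == 'Q') {
                    $filename = quoted_printable_decode($data);
                }
                $filename = iconv(str_replace('_', '-', $charset), $default_charset, $filename);
            }
            // Decoding can reintroduce path separators; keep only the final component
            // so the file is always written inside the upload directory.
            $filename = basename($filename);

            // The stored file carries the attachment id as a prefix.
            $saveasfile = $upload_filepath . '/' . $current_id . '_' . $filename;
            // NOTE(review): detect() runs before the file is written further down;
            // confirm it works from the name alone.
            $filetype = MailAttachmentMIME::detect($saveasfile);
            $filesize = $attachments[$i]["filesize"];

            $query = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?,?,?,?,?,?,?)";
            $qparams = array($current_id, $current_user->id, $current_user->id, 'Contacts Attachment', 'Uploaded from webmail during qualification', $date_var, $date_var);
            $result = $adb->pquery($query, $qparams);

            $sql = "insert into vtiger_attachments (attachmentsid,name,description,type,path) values(?,?,?,?,?)";
            $params = array($current_id, $filename, 'Uploaded ' . $filename . ' from webmail', $filetype, $upload_filepath);
            $result = $adb->pquery($sql, $params);

            if (!empty($result)) {
                // Create the document record and relate it to contact, file and e-mail.
                $document = new Documents();
                $document->column_fields['notes_title'] = $filename;
                $document->column_fields['filename'] = $filename;
                $document->column_fields['filesize'] = $filesize;
                $document->column_fields['filetype'] = $filetype;
                $document->column_fields['filestatus'] = 1;
                $document->column_fields['filelocationtype'] = 'I';
                $document->column_fields['folderid'] = 1; // Default Folder
                $document->column_fields['assigned_user_id'] = $current_user->id;
                $document->save('Documents');

                $adb->pquery("insert into vtiger_senotesrel values(?,?)", array($cid, $document->id));
                $adb->pquery("insert into vtiger_seattachmentsrel values(?,?)", array($document->id, $current_id));
                $adb->pquery("insert into vtiger_seattachmentsrel values(?,?)", array($emailid, $current_id));
            }

            $fp = fopen($saveasfile, "w") or die("Can't open file");
            fputs($fp, base64_decode($attachments[$i]["filedata"]));
            fclose($fp);
        }
    }
}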
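/**
 * Stores an uploaded file in the upload directory and saves the attachment
 * information in the database.
 *
 * @param int    $id             Entity id the file is attached to.
 * @param string $module         Current module name.
 * @param array  $file_details   File information (name, type, size, tmp_name and error;
 *                               optionally original_name).
 * @param string $attachmentname Name of an existing attachment that the new file replaces
 *                               (used for image fields).
 * @param bool   $direct_import  When true the file is taken with copy() instead of
 *                               move_uploaded_file(), so tmp_name is NOT verified to be a
 *                               PHP upload; callers must pass a trusted path.
 * @return bool True when the file was stored and recorded, false otherwise.
 */
function uploadAndSaveFile($id, $module, $file_details, $attachmentname = '', $direct_import = false)
{
    global $log, $adb, $current_user, $upload_badext;

    $fparams = print_r($file_details, true);
    $log->debug("Entering into uploadAndSaveFile({$id},{$module},{$fparams}) method.");
    $date_var = date("Y-m-d H:i:s");

    // Owner: the record's assignee, falling back to the current user.
    $ownerid = $this->column_fields['assigned_user_id'];
    if (!isset($ownerid) || $ownerid == '') {
        $ownerid = $current_user->id;
    }

    if (isset($file_details['original_name']) && $file_details['original_name'] != null) {
        $file_name = $file_details['original_name'];
    } else {
        $file_name = $file_details['name'];
    }
    $binFile = sanitizeUploadFileName($file_name, $upload_badext);
    $current_id = $adb->getUniqueID("vtiger_crmentity");
    $filename = ltrim(basename(" " . $binFile)); // allows file names such as UTF-8 characters
    // Client-declared MIME type; it is stored as given, not detected from the content.
    $filetype = $file_details['type'];
    $filetmp_name = $file_details['tmp_name'];

    // Directory in which the file is stored.
    $upload_file_path = decideFilePath();
    $target = $upload_file_path . $current_id . "_" . $binFile;
    if ($direct_import) {
        $upload_status = copy($filetmp_name, $target);
    } else {
        $upload_status = move_uploaded_file($filetmp_name, $target);
    }
    if (!$upload_status) {
        $log->debug("Skip the save attachment process.");
        return false;
    }

    $description_val = empty($this->column_fields['description']) ? '' : $this->column_fields['description'];
    $setypeSuffix = ($module == 'Contacts' || $module == 'Products') ? " Image" : " Attachment";
    $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)";
    $params1 = array($current_id, $current_user->id, $ownerid, $module . $setypeSuffix, $description_val, $adb->formatDate($date_var, true), $adb->formatDate($date_var, true));
    $adb->pquery($sql1, $params1);

    $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)";
    $params2 = array($current_id, $filename, $description_val, $filetype, $upload_file_path);
    $adb->pquery($sql2, $params2);

    // In edit mode, drop the relation to the file that is being replaced.
    if (isset($_REQUEST['mode']) && $_REQUEST['mode'] == 'edit'
        && $id != '' && isset($_REQUEST['fileid']) && $_REQUEST['fileid'] != '') {
        $delquery = 'delete from vtiger_seattachmentsrel where crmid = ? and attachmentsid = ?';
        $adb->pquery($delquery, array($id, vtlib_purify($_REQUEST['fileid'])));
    }
    if ($module == 'Documents') {
        $adb->pquery("delete from vtiger_seattachmentsrel where crmid = ?", array($id));
    }

    if ($module == 'Contacts' || (property_exists($this, 'HasDirectImageField') && $this->HasDirectImageField)) {
        $imageattachment = ($module == 'Contacts') ? 'Image' : 'Attachment';
        // The setype value is bound as a parameter instead of being interpolated
        // into the statement, like every other value in this query.
        $att_sql = "select vtiger_seattachmentsrel.attachmentsid from vtiger_seattachmentsrel
                inner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_seattachmentsrel.attachmentsid
                inner join vtiger_attachments on vtiger_crmentity.crmid=vtiger_attachments.attachmentsid
                where vtiger_crmentity.setype=?
                and vtiger_attachments.name=?
                and vtiger_seattachmentsrel.crmid=?";
        $res = $adb->pquery($att_sql, array($module . ' ' . $imageattachment, $attachmentname, $id));
        $attachmentsid = $adb->query_result($res, 0, 'attachmentsid');
        if ($attachmentsid != '') {
            // Remove the previous image/attachment before linking the new one.
            $adb->pquery('delete from vtiger_seattachmentsrel where crmid=? and attachmentsid=?', array($id, $attachmentsid));
            $adb->pquery("delete from vtiger_crmentity where crmid=?", array($attachmentsid));
        }
    }

    // Link the new attachment to the entity.
    $adb->pquery('insert into vtiger_seattachmentsrel values(?,?)', array($id, $current_id));
    return true;
}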
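/**
 * Verifies, before a new internally stored document is saved, that the upload
 * directory is writable and that the submitted file is a genuine PHP upload.
 *
 * A request without a file (UPLOAD_ERR_NO_FILE) is accepted; any other upload
 * error, or a tmp_name that is not an uploaded file, is reported as a failure.
 * The error code is read from $_FILES['filename']['error']; the previous lookup
 * of $_FILES['error'] never matched PHP's upload array layout.
 *
 * @param mixed $request Unused.
 * @return array array(bool $saveerror, string $errmsg, 'EditView', '')
 */
function preSaveCheck($request)
{
    global $adb, $log;
    $saveerror = false;
    $errmsg = '';
    if ($this->mode == '' && $_REQUEST['filelocationtype'] == 'I' && $_REQUEST['action'] != 'DocumentsAjax') {
        $upload_file_path = decideFilePath();
        $dirpermission = is_writable($upload_file_path);

        $hasFileEntry = isset($_FILES['filename']) && is_array($_FILES['filename']);
        $tmpName = ($hasFileEntry && isset($_FILES['filename']['tmp_name'])) ? $_FILES['filename']['tmp_name'] : '';
        // A missing entry is treated like "no file was sent".
        $errorCode = ($hasFileEntry && isset($_FILES['filename']['error'])) ? (int) $_FILES['filename']['error'] : UPLOAD_ERR_NO_FILE;

        $upload = is_string($tmpName) && is_uploaded_file($tmpName);
        $noFileSent = ($errorCode === UPLOAD_ERR_NO_FILE);
        if (!$dirpermission || (!$noFileSent && ($errorCode !== UPLOAD_ERR_OK || !$upload))) {
            $saveerror = true;
            $errmsg = getTranslatedString('LBL_FILEUPLOAD_FAILED', 'Documents');
        }
    }
    return array($saveerror, $errmsg, 'EditView', '');
}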
/**
 * Uploads the attachment to the server and saves the attachment information in the database.
 *
 * Files whose detected MIME type starts with "image/" are passed to validateImageFile()
 * before they are moved; the file name is passed through sanitizeUploadFileName().
 *
 * @param int    $id           Entity id to which the file is uploaded.
 * @param string $module       The current module name.
 * @param array  $file_details File information (name, type, size, tmp_name and error;
 *                             optionally original_name).
 * @return bool True when the file was moved and recorded, false otherwise.
 */
function uploadAndSaveFile($id, $module, $file_details)
{
    global $log;
    // NOTE(review): $file_details is an array, so this interpolation logs "Array".
    $log->debug("Entering into uploadAndSaveFile({$id},{$module},{$file_details}) method.");
    global $adb, $current_user;
    global $upload_badext;
    $date_var = date("Y-m-d H:i:s");
    // Owner: the record's assignee, falling back to the current user.
    $ownerid = $this->column_fields['assigned_user_id'];
    if (!isset($ownerid) || $ownerid == '') {
        $ownerid = $current_user->id;
    }
    if (isset($file_details['original_name']) && $file_details['original_name'] != null) {
        $file_name = $file_details['original_name'];
    } else {
        $file_name = $file_details['name'];
    }
    // $save_file carries the strings 'true'/'false', not booleans.
    $save_file = 'true';
    // Only images are allowed for the Image attachment type.
    $mimeType = mime_content_type($file_details['tmp_name']);
    $mimeTypeContents = explode('/', $mimeType);
    // For contacts and products we are sending attachmentType as value.
    // NOTE(review): $attachmentType is never assigned in this function, so only the
    // MIME-type half of this condition can be true as written — confirm the intended source.
    if ($attachmentType == 'Image' || $file_details['size'] && $mimeTypeContents[0] == 'image') {
        $save_file = validateImageFile($file_details);
    }
    if ($save_file == 'false') {
        return false;
    }
    $binFile = sanitizeUploadFileName($file_name, $upload_badext);
    $current_id = $adb->getUniqueID("vtiger_crmentity");
    $filename = ltrim(basename(" " . $binFile)); // allows file names such as UTF-8 characters
    // Client-declared MIME type; this value, not the detected $mimeType, is stored below.
    $filetype = $file_details['type'];
    $filesize = $file_details['size'];
    $filetmp_name = $file_details['tmp_name'];
    // Directory in which the file is stored.
    $upload_file_path = decideFilePath();
    // Move the upload into place; move_uploaded_file() only accepts genuine PHP uploads.
    $upload_status = move_uploaded_file($filetmp_name, $upload_file_path . $current_id . "_" . $binFile);
    // A rejected image has already returned above, so this reset does not change the outcome.
    $save_file = 'true';
    //only images are allowed for these modules
    //SalesPlatform.ru begin
    //if ($module == 'Contacts' || $module == 'Products') {
    //    $save_file = validateImageFile($file_details);
    //}
    //SalesPlatform.ru end
    // $upload_status is a boolean compared loosely against the string 'true'.
    if ($save_file == 'true' && $upload_status == 'true') {
        //This is only to update the attached filename in the vtiger_notes vtiger_table for the Notes module
        if ($module == 'Contacts' || $module == 'Products') {
            $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)";
            $params1 = array($current_id, $current_user->id, $ownerid, $module . " Image", $this->column_fields['description'], $adb->formatDate($date_var, true), $adb->formatDate($date_var, true));
        } else {
            $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)";
            $params1 = array($current_id, $current_user->id, $ownerid, $module . " Attachment", $this->column_fields['description'], $adb->formatDate($date_var, true), $adb->formatDate($date_var, true));
        }
        $adb->pquery($sql1, $params1);
        $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)";
        $params2 = array($current_id, $filename, $this->column_fields['description'], $filetype, $upload_file_path);
        $result = $adb->pquery($sql2, $params2);
        // In edit mode, drop the relation to the file named by the request's fileid.
        if ($_REQUEST['mode'] == 'edit') {
            if ($id != '' && vtlib_purify($_REQUEST['fileid']) != '') {
                $delquery = 'delete from vtiger_seattachmentsrel where crmid = ? and attachmentsid = ?';
                $delparams = array($id, vtlib_purify($_REQUEST['fileid']));
                $adb->pquery($delquery, $delparams);
            }
        }
        // A document keeps a single file: remove every existing relation first.
        if ($module == 'Documents') {
            $query = "delete from vtiger_seattachmentsrel where crmid = ?";
            $qparams = array($id);
            $adb->pquery($query, $qparams);
        }
        if ($module == 'Contacts') {
            // Replace the contact's current image, if one is linked.
            $att_sql = "select vtiger_seattachmentsrel.attachmentsid from vtiger_seattachmentsrel inner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_seattachmentsrel.attachmentsid where vtiger_crmentity.setype='Contacts Image' and vtiger_seattachmentsrel.crmid=?";
            $res = $adb->pquery($att_sql, array($id));
            $attachmentsid = $adb->query_result($res, 0, 'attachmentsid');
            if ($attachmentsid != '') {
                $delquery = 'delete from vtiger_seattachmentsrel where crmid=? and attachmentsid=?';
                $adb->pquery($delquery, array($id, $attachmentsid));
                $crm_delquery = "delete from vtiger_crmentity where crmid=?";
                $adb->pquery($crm_delquery, array($attachmentsid));
                $sql5 = 'insert into vtiger_seattachmentsrel values(?,?)';
                $adb->pquery($sql5, array($id, $current_id));
            } else {
                $sql3 = 'insert into vtiger_seattachmentsrel values(?,?)';
                $adb->pquery($sql3, array($id, $current_id));
            }
        } else {
            $sql3 = 'insert into vtiger_seattachmentsrel values(?,?)';
            $adb->pquery($sql3, array($id, $current_id));
        }
        return true;
    } else {
        $log->debug("Skip the save attachment process.");
        return false;
    }
}
/**
 * Checks that the upload directory is writable and that the submitted "filename"
 * entry is a genuine PHP upload. The check is not enforced for the
 * "DocumentsAjax" action.
 *
 * @param mixed $request Unused.
 * @return array array(bool $saveerror, string $errmsg, 'EditView', '')
 */
function preSaveCheck($request)
{
    global $adb, $log;

    $targetDir = decideFilePath();
    $dirIsWritable = is_writable($targetDir);
    $isRealUpload = is_uploaded_file($_FILES['filename']['tmp_name']);

    // The action is only consulted once one of the two checks has failed.
    $failed = !($dirIsWritable && $isRealUpload) && $_REQUEST['action'] != "DocumentsAjax";
    if ($failed) {
        return array(true, getTranslatedString('LBL_FILEUPLOAD_FAILED', 'Documents'), 'EditView', '');
    }

    return array(false, '', 'EditView', '');
}
/**
 * Writes a mail attachment to the upload directory and records it in the database.
 *
 * Uses the globals $adb (database), $current_user (creator/owner of the rows) and
 * $upload_badext (passed to sanitizeUploadFileName()).
 *
 * @param string $filename    Name of the attachment as received.
 * @param string $filecontent Raw file contents.
 * @return array Attachment information with the keys attachid, path, name, type and size.
 */
function __SaveAttachmentFile($filename, $filecontent)
{
    require_once 'modules/Settings/MailScanner/core/MailAttachmentMIME.php';
    global $adb, $current_user, $upload_badext;

    $targetDir = decideFilePath();
    // NOTE(review): the timestamp is built with a two-digit year ('ymdHis'); confirm formatDate() expects that.
    $timestamp = $adb->formatDate(date('ymdHis'), true);
    $safeName = sanitizeUploadFileName($filename, $upload_badext);
    $attachmentId = $adb->getUniqueId('vtiger_crmentity');

    // Stored as "<dir>/<attachment id>_<sanitised name>".
    $storedPath = $targetDir . '/' . $attachmentId . '_' . $safeName;
    // NOTE(review): the fopen() result is not checked before it is written to.
    $stream = fopen($storedPath, 'wb');
    fwrite($stream, $filecontent);
    fclose($stream);

    // The type is detected from the stored file rather than taken from the sender.
    $detectedType = MailAttachmentMIME::detect($storedPath);

    $userId = $current_user->id;
    $entityValues = array($attachmentId, $userId, $userId, $userId, "MailManager Attachment", $safeName, $timestamp, $timestamp, 1, 0);
    $adb->pquery("INSERT INTO vtiger_crmentity(crmid, smcreatorid, smownerid,\n\t\t\t\tmodifiedby, setype, description, createdtime, modifiedtime, presence, deleted)\n\t\t\t\tVALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", $entityValues);

    $attachmentValues = array($attachmentId, $safeName, $safeName, $detectedType, $targetDir);
    $adb->pquery("INSERT INTO vtiger_attachments SET attachmentsid=?, name=?, description=?, type=?, path=?", $attachmentValues);

    return array(
        'attachid' => $attachmentId,
        'path' => $targetDir,
        'name' => $safeName,
        'type' => $detectedType,
        'size' => filesize($storedPath),
    );
}
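/**
 * Moves a file into the upload directory and attaches it to the current mail record.
 *
 * Does nothing when no mail record is set. The file name is reduced to its base
 * name before it is used in the target path, and no database rows are written
 * when the file could not be moved.
 *
 * @param string       $filePath Path of the file to move.
 * @param string|array $filename File name, or an array carrying it under the key 'filename'.
 * @param string       $filetype Type stored with the attachment (taken as given).
 * @return void
 */
public function attachFile($filePath, $filename, $filetype)
{
    if (null === $this->_mailRecord) {
        return;
    }
    $adb = \PearDatabase::getInstance();
    $current_user = \Users_Record_Model::getCurrentUserModel();
    $upload_file_path = decideFilePath();
    $next_id = $adb->getUniqueID("vtiger_crmentity");

    if (is_array($filename)) {
        $filename = !empty($filename['filename']) ? $filename['filename'] : 'unknown-filename.txt';
    }
    // Drop directory components so the target always lies inside the upload directory.
    // NOTE(review): the origin of $filename is not visible here; presumably an attachment name.
    $filename = basename((string) $filename);

    if (!rename($filePath, $upload_file_path . $next_id . "_" . $filename)) {
        // Avoid attachment rows that point at a file which was never stored.
        return;
    }

    $sql1 = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,createdtime,modifiedtime) values(?, ?, ?, ?, ?, ?, ?)";
    $params1 = array($next_id, $current_user->id, $current_user->id, "Documents Attachment", 'Documents Attachment', date("Y-m-d H:i:s"), date("Y-m-d H:i:s"));
    $adb->pquery($sql1, $params1);

    $sql2 = "insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)";
    $params2 = array($next_id, $filename, $this->_mailRecord->column_fields["description"], $filetype, $upload_file_path);
    $adb->pquery($sql2, $params2, true);

    $sql3 = 'insert into vtiger_seattachmentsrel values(?,?)';
    $adb->pquery($sql3, array($this->_mailRecord->id, $next_id));
}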