Пример #1
0
 /**
  * @param array $cxn
  * @param string $entity
  * @param string $action
  * @param array $params
  * @return mixed
  */
 public static function route($cxn, $entity, $action, $params)
 {
     $SUPER_PERM = array('administer CiviCRM');
     require_once 'api/v3/utils.php';
     // FIXME: Shouldn't the X-Forwarded-Proto check be part of CRM_Utils_System::isSSL()?
     if (CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'enableSSL') && !CRM_Utils_System::isSSL() && strtolower(CRM_Utils_Array::value('X_FORWARDED_PROTO', CRM_Utils_System::getRequestHeaders())) != 'https') {
         return civicrm_api3_create_error('System policy requires HTTPS.');
     }
     // Note: $cxn and cxnId are authenticated before router is called.
     $dao = new CRM_Cxn_DAO_Cxn();
     $dao->cxn_id = $cxn['cxnId'];
     if (empty($cxn['cxnId']) || !$dao->find(TRUE) || !$dao->cxn_id) {
         return civicrm_api3_create_error('Failed to lookup connection authorizations.');
     }
     if (!$dao->is_active) {
         return civicrm_api3_create_error('Connection is inactive.');
     }
     if (!is_string($entity) || !is_string($action) || !is_array($params)) {
         return civicrm_api3_create_error('API parameters are malformed.');
     }
     if (empty($cxn['perm']['api']) || !is_array($cxn['perm']['api']) || empty($cxn['perm']['grant']) || !(is_array($cxn['perm']['grant']) || is_string($cxn['perm']['grant']))) {
         return civicrm_api3_create_error('Connection has no permissions.');
     }
     $whitelist = \Civi\API\WhitelistRule::createAll($cxn['perm']['api']);
     \Civi::service('dispatcher')->addSubscriber(new \Civi\API\Subscriber\WhitelistSubscriber($whitelist));
     CRM_Core_Config::singleton()->userPermissionTemp = new CRM_Core_Permission_Temp();
     if ($cxn['perm']['grant'] === '*') {
         CRM_Core_Config::singleton()->userPermissionTemp->grant($SUPER_PERM);
     } else {
         CRM_Core_Config::singleton()->userPermissionTemp->grant($cxn['perm']['grant']);
     }
     $params['check_permissions'] = 'whitelist';
     return civicrm_api($entity, $action, $params);
 }
 /**
  * Add element to form
  *
  */
 function add(&$form)
 {
     $error = NULL;
     $config = CRM_Core_Config::singleton();
     $useSSL = FALSE;
     require_once 'packages/recaptcha/recaptchalib.php';
     // See if we are using SSL
     if (CRM_Utils_System::isSSL()) {
         $useSSL = TRUE;
     }
     $html = recaptcha_get_html($config->recaptchaPublicKey, $error, $useSSL);
     $form->assign('recaptchaHTML', $html);
     $form->assign('recaptchaOptions', $config->recaptchaOptions);
     $form->add('text', 'recaptcha_challenge_field', NULL, NULL, TRUE);
     $form->add('hidden', 'recaptcha_response_field', 'manual_challenge');
     $form->registerRule('recaptcha', 'callback', 'validate', 'CRM_Utils_ReCAPTCHA');
     $form->addRule('recaptcha_challenge_field', ts('Input text must match the phrase in the image. Please review the image and re-enter matching text.'), 'recaptcha', $form);
 }
Пример #3
0
 /**
  * Add element to form.
  *
  * @param CRM_Core_Form $form
  */
 public static function add(&$form)
 {
     $error = NULL;
     $config = CRM_Core_Config::singleton();
     $useSSL = FALSE;
     if (!function_exists('recaptcha_get_html')) {
         require_once 'packages/recaptcha/recaptchalib.php';
     }
     // See if we are using SSL
     if (CRM_Utils_System::isSSL()) {
         $useSSL = TRUE;
     }
     $html = recaptcha_get_html($config->recaptchaPublicKey, $error, $useSSL);
     $form->assign('recaptchaHTML', $html);
     $form->assign('recaptchaOptions', $config->recaptchaOptions);
     $form->add('text', 'g-recaptcha-response', 'reCaptcha', NULL, TRUE);
     $form->registerRule('recaptcha', 'callback', 'validate', 'CRM_Utils_ReCAPTCHA');
     if ($form->isSubmitted() && empty($form->_submitValues['g-recaptcha-response'])) {
         $form->setElementError('g-recaptcha-response', ts('Input text must match the phrase in the image. Please review the image and re-enter matching text.'));
     }
 }
Пример #4
0
 /**
  * Format the url as per language Negotiation.
  *
  * @param string $url
  *
  * @return string $url, formatted url.
  * @static
  */
 function languageNegotiationURL($url, $addLanguagePart = TRUE, $removeLanguagePart = FALSE)
 {
     if (empty($url)) {
         return $url;
     }
     //CRM-7803 -from d7 onward.
     $config = CRM_Core_Config::singleton();
     if (function_exists('variable_get') && module_exists('locale') && function_exists('language_negotiation_get')) {
         global $language;
         //does user configuration allow language
         //support from the URL (Path prefix or domain)
         if (language_negotiation_get('language') == 'locale-url') {
             $urlType = variable_get('locale_language_negotiation_url_part');
             //url prefix
             if ($urlType == LOCALE_LANGUAGE_NEGOTIATION_URL_PREFIX) {
                 if (isset($language->prefix) && $language->prefix) {
                     if ($addLanguagePart) {
                         $url .= $language->prefix . '/';
                     }
                     if ($removeLanguagePart) {
                         $url = str_replace("/{$language->prefix}/", '/', $url);
                     }
                 }
             }
             //domain
             if ($urlType == LOCALE_LANGUAGE_NEGOTIATION_URL_DOMAIN) {
                 if (isset($language->domain) && $language->domain) {
                     if ($addLanguagePart) {
                         $url = (CRM_Utils_System::isSSL() ? 'https' : 'http') . '://' . $language->domain . base_path();
                     }
                     if ($removeLanguagePart && defined('CIVICRM_UF_BASEURL')) {
                         $url = str_replace('\\', '/', $url);
                         $parseUrl = parse_url($url);
                         //kinda hackish but not sure how to do it right
                         //hope http_build_url() will help at some point.
                         if (is_array($parseUrl) && !empty($parseUrl)) {
                             $urlParts = explode('/', $url);
                             $hostKey = array_search($parseUrl['host'], $urlParts);
                             $ufUrlParts = parse_url(CIVICRM_UF_BASEURL);
                             $urlParts[$hostKey] = $ufUrlParts['host'];
                             $url = implode('/', $urlParts);
                         }
                     }
                 }
             }
         }
     }
     return $url;
 }
Пример #5
0
 /**
  * Determine the location of the CiviCRM source tree.
  *
  * @return array
  *   - url: string. ex: "http://example.com/sites/all/modules/civicrm"
  *   - path: string. ex: "/var/www/sites/all/modules/civicrm"
  */
 public function getCiviSourceStorage()
 {
     global $civicrm_root;
     // Don't use $config->userFrameworkBaseURL; it has garbage on it.
     // More generally, we shouldn't be using $config here.
     if (!defined('CIVICRM_UF_BASEURL')) {
         throw new RuntimeException('Undefined constant: CIVICRM_UF_BASEURL');
     }
     $cmsPath = $this->cmsRootPath();
     // $config  = CRM_Core_Config::singleton();
     // overkill? // $cmsUrl = CRM_Utils_System::languageNegotiationURL($config->userFrameworkBaseURL, FALSE, TRUE);
     $cmsUrl = CIVICRM_UF_BASEURL;
     if (CRM_Utils_System::isSSL()) {
         $cmsUrl = str_replace('http://', 'https://', $cmsUrl);
     }
     $civiRelPath = CRM_Utils_File::relativize($civicrm_root, $cmsPath);
     $civiUrl = rtrim($cmsUrl, '/') . '/' . ltrim($civiRelPath, ' /');
     return array('url' => CRM_Utils_File::addTrailingSlash($civiUrl, '/'), 'path' => CRM_Utils_File::addTrailingSlash($civicrm_root));
 }
Пример #6
0
 /**
  * @inheritDoc
  */
 public function languageNegotiationURL($url, $addLanguagePart = TRUE, $removeLanguagePart = FALSE)
 {
     if (empty($url)) {
         return $url;
     }
     if (function_exists('config_get') && module_exists('locale') && function_exists('language_negotiation_get')) {
         global $language;
         // Check if language support from the URL (Path prefix or domain) is set.
         if (language_negotiation_get('language') == 'locale-url') {
             $urlType = config_get('locale.settings', 'locale_language_negotiation_url_part');
             // URL prefix negotiation.
             if ($urlType == LANGUAGE_NEGOTIATION_URL_PREFIX) {
                 if (isset($language->prefix) && $language->prefix) {
                     if ($addLanguagePart) {
                         $url .= $language->prefix . '/';
                     }
                     if ($removeLanguagePart) {
                         $url = str_replace("/{$language->prefix}/", '/', $url);
                     }
                 }
             }
             // Domain negotiation.
             if ($urlType == LANGUAGE_NEGOTIATION_URL_DOMAIN) {
                 if (isset($language->domain) && $language->domain) {
                     if ($addLanguagePart) {
                         $cleanedUrl = preg_replace('#^https?://#', '', $language->domain);
                         // Backdrop function base_path() adds a "/" to the beginning and
                         // end of the returned path.
                         if (substr($cleanedUrl, -1) == '/') {
                             $cleanedUrl = substr($cleanedUrl, 0, -1);
                         }
                         $url = (CRM_Utils_System::isSSL() ? 'https' : 'http') . '://' . $cleanedUrl . base_path();
                     }
                     if ($removeLanguagePart && defined('CIVICRM_UF_BASEURL')) {
                         $url = str_replace('\\', '/', $url);
                         $parseUrl = parse_url($url);
                         //kinda hackish but not sure how to do it right
                         //hope http_build_url() will help at some point.
                         if (is_array($parseUrl) && !empty($parseUrl)) {
                             $urlParts = explode('/', $url);
                             $hostKey = array_search($parseUrl['host'], $urlParts);
                             $ufUrlParts = parse_url(CIVICRM_UF_BASEURL);
                             $urlParts[$hostKey] = $ufUrlParts['host'];
                             $url = implode('/', $urlParts);
                         }
                     }
                 }
             }
         }
     }
     return $url;
 }
Пример #7
0
 /**
  * Determine the location of the CiviCRM source tree.
  *
  * FIXME:
  *  1. This was pulled out from a bigger function. It should be split
  *     into even smaller pieces and marked abstract.
  *  2. This would be easier to compute by a calling a CMS API, but
  *     for whatever reason we take the hard way.
  *
  * @return array
  *   - url: string. ex: "http://example.com/sites/all/modules/civicrm"
  *   - path: string. ex: "/var/www/sites/all/modules/civicrm"
  */
 public function getCiviSourceStorage()
 {
     global $civicrm_root;
     $config = CRM_Core_Config::singleton();
     // Don't use $config->userFrameworkBaseURL; it has garbage on it.
     // More generally, w shouldn't be using $config here.
     if (!defined('CIVICRM_UF_BASEURL')) {
         throw new RuntimeException('Undefined constant: CIVICRM_UF_BASEURL');
     }
     $baseURL = CRM_Utils_File::addTrailingSlash(CIVICRM_UF_BASEURL, '/');
     if (CRM_Utils_System::isSSL()) {
         $baseURL = str_replace('http://', 'https://', $baseURL);
     }
     if ($config->userFramework == 'Joomla') {
         $userFrameworkResourceURL = $baseURL . "components/com_civicrm/civicrm/";
     } elseif ($config->userFramework == 'WordPress') {
         $userFrameworkResourceURL = CIVICRM_PLUGIN_URL . "civicrm/";
     } elseif ($this->is_drupal) {
         // Drupal setting
         // check and see if we are installed in sites/all (for D5 and above)
         // we dont use checkURL since drupal generates an error page and throws
         // the system for a loop on lobo's macosx box
         // or in modules
         $cmsPath = $config->userSystem->cmsRootPath();
         $userFrameworkResourceURL = $baseURL . str_replace("{$cmsPath}/", '', str_replace('\\', '/', $civicrm_root));
         $siteName = $config->userSystem->parseDrupalSiteName($civicrm_root);
         if ($siteName) {
             $civicrmDirName = trim(basename($civicrm_root));
             $userFrameworkResourceURL = $baseURL . "sites/{$siteName}/modules/{$civicrmDirName}/";
         }
     } else {
         $userFrameworkResourceURL = NULL;
     }
     return array('url' => CRM_Utils_File::addTrailingSlash($userFrameworkResourceURL), 'path' => CRM_Utils_File::addTrailingSlash($civicrm_root));
 }
Пример #8
0
 /**
  * @param int $activity_id
  * @param int $contact_id
  * @param int $petition_id
  *
  * @return bool
  */
 public function confirmSignature($activity_id, $contact_id, $petition_id)
 {
     // change activity status to completed (status_id = 2)
     // I wonder why do we need contact_id when we have activity_id anyway? [chastell]
     $sql = 'UPDATE civicrm_activity SET status_id = 2 WHERE id = %1';
     $activityContacts = CRM_Core_OptionGroup::values('activity_contacts', FALSE, FALSE, FALSE, NULL, 'name');
     $sourceID = CRM_Utils_Array::key('Activity Source', $activityContacts);
     $params = array(1 => array($activity_id, 'Integer'), 2 => array($contact_id, 'Integer'), 3 => array($sourceID, 'Integer'));
     CRM_Core_DAO::executeQuery($sql, $params);
     $sql = 'UPDATE civicrm_activity_contact SET contact_id = %2 WHERE activity_id = %1 AND record_type_id = %3';
     CRM_Core_DAO::executeQuery($sql, $params);
     // remove 'Unconfirmed' tag for this contact
     $tag_name = Civi::settings()->get('tag_unconfirmed');
     $sql = "\nDELETE FROM civicrm_entity_tag\nWHERE       entity_table = 'civicrm_contact'\nAND         entity_id = %1\nAND         tag_id = ( SELECT id FROM civicrm_tag WHERE name = %2 )";
     $params = array(1 => array($contact_id, 'Integer'), 2 => array($tag_name, 'String'));
     CRM_Core_DAO::executeQuery($sql, $params);
     // validate arguments to setcookie are numeric to prevent header manipulation
     if (isset($petition_id) && is_numeric($petition_id) && isset($activity_id) && is_numeric($activity_id)) {
         // set permanent cookie to indicate this users email address now confirmed
         $config = CRM_Core_Config::singleton();
         $url_parts = parse_url($config->userFrameworkBaseURL);
         setcookie("confirmed_{$petition_id}", $activity_id, time() + $this->cookieExpire, $url_parts['path'], $url_parts['host'], CRM_Utils_System::isSSL());
         return TRUE;
     } else {
         CRM_Core_Error::fatal(ts('Petition Id and/or Activity Id is not of the type Positive.'));
         return FALSE;
     }
 }
Пример #9
0
 /**
  * Initialize the config variables.
  *
  * @return void
  */
 private function _initVariables()
 {
     // retrieve serialised settings
     $variables = array();
     CRM_Core_BAO_ConfigSetting::retrieve($variables);
     // if settings are not available, go down the full path
     if (empty($variables)) {
         // Step 1. get system variables with their hardcoded defaults
         $variables = get_object_vars($this);
         // Step 2. get default values (with settings file overrides if
         // available - handled in CRM_Core_Config_Defaults)
         CRM_Core_Config_Defaults::setValues($variables);
         // retrieve directory and url preferences also
         CRM_Core_BAO_Setting::retrieveDirectoryAndURLPreferences($variables);
         // add component specific settings
         $this->componentRegistry->addConfig($this);
         // serialise settings
         $settings = $variables;
         CRM_Core_BAO_ConfigSetting::add($settings);
     }
     $urlArray = array('userFrameworkResourceURL', 'imageUploadURL');
     $dirArray = array('uploadDir', 'customFileUploadDir');
     foreach ($variables as $key => $value) {
         if (in_array($key, $urlArray)) {
             $value = CRM_Utils_File::addTrailingSlash($value, '/');
         } elseif (in_array($key, $dirArray)) {
             if ($value) {
                 $value = CRM_Utils_File::addTrailingSlash($value);
             }
             if (empty($value) || CRM_Utils_File::createDir($value, FALSE) === FALSE) {
                 // seems like we could not create the directories
                 // settings might have changed, lets suppress a message for now
                 // so we can make some more progress and let the user fix their settings
                 // for now we assign it to a know value
                 // CRM-4949
                 $value = $this->templateCompileDir;
                 $url = CRM_Utils_System::url('civicrm/admin/setting/path', 'reset=1');
                 CRM_Core_Session::setStatus(ts('%1 has an incorrect directory path. Please go to the <a href="%2">path setting page</a> and correct it.', array(1 => $key, 2 => $url)), ts('Check Settings'), 'alert');
             }
         } elseif ($key == 'lcMessages') {
             // reset the templateCompileDir to locale-specific and make sure it exists
             if (substr($this->templateCompileDir, -1 * strlen($value) - 1, -1) != $value) {
                 $this->templateCompileDir .= CRM_Utils_File::addTrailingSlash($value);
                 CRM_Utils_File::createDir($this->templateCompileDir);
                 CRM_Utils_File::restrictAccess($this->templateCompileDir);
             }
         }
         $this->{$key} = $value;
     }
     if ($this->userFrameworkResourceURL) {
         // we need to do this here so all blocks also load from an ssl server
         if (CRM_Utils_System::isSSL()) {
             CRM_Utils_System::mapConfigToSSL();
         }
         $rrb = parse_url($this->userFrameworkResourceURL);
         // don't use absolute path if resources are stored on a different server
         // CRM-4642
         $this->resourceBase = $this->userFrameworkResourceURL;
         if (isset($_SERVER['HTTP_HOST']) && isset($rrb['host'])) {
             $this->resourceBase = $rrb['host'] == $_SERVER['HTTP_HOST'] ? $rrb['path'] : $this->userFrameworkResourceURL;
         }
     }
     if (!$this->customFileUploadDir) {
         $this->customFileUploadDir = $this->uploadDir;
     }
     if ($this->geoProvider) {
         $this->geocodeMethod = 'CRM_Utils_Geocode_' . $this->geoProvider;
     } elseif ($this->mapProvider) {
         $this->geocodeMethod = 'CRM_Utils_Geocode_' . $this->mapProvider;
     }
     require_once str_replace('_', DIRECTORY_SEPARATOR, $this->userFrameworkClass) . '.php';
     $class = $this->userFrameworkClass;
     // redundant with _setUserFrameworkConfig
     $this->userSystem = new $class();
 }
Пример #10
0
 /**
  * Determine the URL to a file.
  *
  * @param string $value
  *   The file path. The path may begin with a variable, e.g. "[civicrm.files]/upload".
  * @param string $preferFormat
  *   The preferred format ('absolute', 'relative').
  *   The result data may not meet the preference -- if the setting
  *   refers to an external domain, then the result will be
  *   absolute (regardless of preference).
  * @param bool|NULL $ssl
  *   NULL to autodetect. TRUE to force to SSL.
  * @return mixed|string
  */
 public function getUrl($value, $preferFormat = 'relative', $ssl = NULL)
 {
     $defaultContainer = self::DEFAULT_URL;
     if ($value && $value[0] == '[' && preg_match(';^\\[([a-zA-Z0-9\\._]+)\\](/(.*))$;', $value, $matches)) {
         $defaultContainer = $matches[1];
         $value = empty($matches[3]) ? '.' : $matches[3];
     }
     if (empty($value)) {
         return FALSE;
     }
     if ($value === '.') {
         $value = '';
     }
     if (substr($value, 0, 4) == 'http') {
         return $value;
     }
     $value = $this->getVariable($defaultContainer, 'url') . $value;
     if ($preferFormat === 'relative') {
         $parsed = parse_url($value);
         if (isset($_SERVER['HTTP_HOST']) && isset($parsed['host']) && $_SERVER['HTTP_HOST'] == $parsed['host']) {
             $value = $parsed['path'];
         }
     }
     if ($ssl || $ssl === NULL && \CRM_Utils_System::isSSL()) {
         $value = str_replace('http://', 'https://', $value);
     }
     return $value;
 }