/**
 * Get all the links related to a module, optionally filtered by link type.
 *
 * Reads vtiger_links and, for rows that carry a handler, includes the handler
 * file and calls the handler to decide whether the link is shown.
 *
 * @param Integer Module ID (tabid), or self::IGNORE_MODULE to query across modules
 * @param mixed String or List of types to select; false selects every type for the module
 * @param Map Key-Value pair to use for formating the link url (and icon) via Vtiger_StringTemplate
 * @return array When $type is a list: map linktype => list of instances (every requested
 *               type is present, possibly empty). Otherwise: a plain list of instances.
 */
static function getAllByType($tabid, $type = false, $parameters = false) {
    global $adb, $current_user;
    self::__initSchema();
    $multitype = false;
    // Appended to every query below; rows come back grouped by type, then by sequence.
    $orderby = " order by linktype,sequence";
    if ($type) {
        // Multiple link type selection?
        if (is_array($type)) {
            $multitype = true;
            if ($tabid === self::IGNORE_MODULE) {
                // Placeholders only: the type values are bound, never interpolated.
                $sql = 'SELECT * FROM vtiger_links WHERE linktype IN (' . Vtiger_Utils::implodestr('?', count($type), ',') . ') ';
                $params = $type;
                $permittedTabIdList = getPermittedModuleIdList();
                // Strict string comparison: any is_admin value other than 'on' is treated as non-admin.
                // NOTE(review): when the permitted list is empty for a non-admin, the tabid filter is
                // skipped entirely and links of every module are returned -- confirm this is intended.
                if (count($permittedTabIdList) > 0 && $current_user->is_admin !== 'on') {
                    $sql .= ' and tabid IN (' . Vtiger_Utils::implodestr('?', count($permittedTabIdList), ',') . ')';
                    // Nested on purpose; flatten_array() below turns it into one flat bind list.
                    $params[] = $permittedTabIdList;
                }
                $result = $adb->pquery($sql . $orderby, array($adb->flatten_array($params)));
            } else {
                $result = $adb->pquery('SELECT * FROM vtiger_links WHERE tabid=? AND linktype IN (' . Vtiger_Utils::implodestr('?', count($type), ',') . ')' . $orderby, array($tabid, $adb->flatten_array($type)));
            }
        } else {
            // Single link type selection
            if ($tabid === self::IGNORE_MODULE) {
                $result = $adb->pquery('SELECT * FROM vtiger_links WHERE linktype=?' . $orderby, array($type));
            } else {
                $result = $adb->pquery('SELECT * FROM vtiger_links WHERE tabid=? AND linktype=?' . $orderby, array($tabid, $type));
            }
        }
    } else {
        // No type filter: every link of the module.
        $result = $adb->pquery('SELECT * FROM vtiger_links WHERE tabid=?' . $orderby, array($tabid));
    }
    $strtemplate = new Vtiger_StringTemplate();
    if ($parameters) {
        foreach ($parameters as $key => $value) {
            $strtemplate->assign($key, $value);
        }
    }
    $instances = array();
    if ($multitype) {
        // Pre-seed so callers can index by every requested type even when no row matched.
        foreach ($type as $t) {
            $instances[$t] = array();
        }
    }
    while ($row = $adb->fetch_array($result)) {
        $instance = new self();
        $instance->initialize($row);
        // handler_path / handler_class / handler come from the database row. Whoever can
        // write vtiger_links therefore chooses which file is included and which static
        // method runs; isFileAccessible() and checkFileAccessForInclusion() are the only
        // gates on the path, and there is no gate on the class/method names.
        if (!empty($row['handler_path']) && isFileAccessible($row['handler_path'])) {
            checkFileAccessForInclusion($row['handler_path']);
            require_once $row['handler_path'];
            $linkData = new Vtiger_LinkData($instance, $current_user);
            // A falsy return from the handler hides the link.
            $ignore = call_user_func(array($row['handler_class'], $row['handler']), $linkData);
            if (!$ignore) {
                // The full row (including handler_path) is written to the log here.
                self::log("Ignoring Link ... " . var_export($row, true));
                continue;
            }
        }
        if ($parameters) {
            // Substitute the caller-supplied key/value pairs into url and icon.
            $instance->linkurl = $strtemplate->merge($instance->linkurl);
            $instance->linkicon = $strtemplate->merge($instance->linkicon);
        }
        if ($multitype) {
            $instances[$instance->linktype][] = $instance;
        } else {
            $instances[] = $instance;
        }
    }
    return $instances;
}
/**
 * Get all the links related to a module, optionally filtered by link type.
 *
 * Reads vtiger_links (rows with tabid=0 are treated as "all modules" in the
 * typed branches), runs any per-link handler, substitutes $parameters into
 * url/icon and, for sidebar widgets, drops links whose target module the
 * current user may not view.
 *
 * @param Integer Module ID (tabid), or self::IGNORE_MODULE to query across modules
 * @param mixed String or List of types to select; false selects every type for the module
 * @param Map Key-Value pair to use for formating the link url (and icon) via Vtiger_StringTemplate
 * @return array When $type is a list: map linktype => list of instances (every requested
 *               type is present, possibly empty). Otherwise: map linktype => instance,
 *               so only the last row of each type survives.
 */
static function getAllByType($tabid, $type = false, $parameters = false) {
    $adb = PearDatabase::getInstance();
    $current_user = vglobal('current_user');
    self::__initSchema();
    $multitype = false;
    // No ORDER BY on any query below: row order is whatever the database returns.
    if ($type) {
        // Multiple link type selection?
        if (is_array($type)) {
            $multitype = true;
            if ($tabid === self::IGNORE_MODULE) {
                // Placeholders only: the type values are bound, never interpolated.
                $sql = 'SELECT * FROM vtiger_links WHERE linktype IN (' . Vtiger_Utils::implodestr('?', count($type), ',') . ') ';
                $params = $type;
                $permittedTabIdList = getPermittedModuleIdList();
                // Strict string comparison: any is_admin value other than 'on' is treated as non-admin.
                // NOTE(review): when the permitted list is empty for a non-admin, the tabid filter is
                // skipped entirely and links of every module are returned -- confirm this is intended.
                if (count($permittedTabIdList) > 0 && $current_user->is_admin !== 'on') {
                    array_push($permittedTabIdList, 0); // Added to support one link for all modules
                    $sql .= ' and tabid IN (' . Vtiger_Utils::implodestr('?', count($permittedTabIdList), ',') . ')';
                    // Nested on purpose; flatten_array() below turns it into one flat bind list.
                    $params[] = $permittedTabIdList;
                }
                $result = $adb->pquery($sql, array($adb->flatten_array($params)));
            } else {
                $result = $adb->pquery('SELECT * FROM vtiger_links WHERE (tabid=? OR tabid=0) AND linktype IN (' . Vtiger_Utils::implodestr('?', count($type), ',') . ')', array($tabid, $adb->flatten_array($type)));
            }
        } else {
            // Single link type selection
            if ($tabid === self::IGNORE_MODULE) {
                $result = $adb->pquery('SELECT * FROM vtiger_links WHERE linktype=?', array($type));
            } else {
                $result = $adb->pquery('SELECT * FROM vtiger_links WHERE (tabid=? OR tabid=0) AND linktype=?', array($tabid, $type));
            }
        }
    } else {
        // No type filter. NOTE(review): unlike the typed branches this does not include
        // tabid=0 ("all modules") rows -- confirm whether that asymmetry is intended.
        $result = $adb->pquery('SELECT * FROM vtiger_links WHERE tabid=?', array($tabid));
    }
    $strtemplate = new Vtiger_StringTemplate();
    if ($parameters) {
        foreach ($parameters as $key => $value) {
            $strtemplate->assign($key, $value);
        }
    }
    $instances = array();
    if ($multitype) {
        // Pre-seed so callers can index by every requested type even when no row matched.
        foreach ($type as $t) {
            $instances[$t] = array();
        }
    }
    while ($row = $adb->fetch_array($result)) {
        $skipLink = false;
        $instance = new self();
        $instance->initialize($row);
        // handler_path / handler_class / handler come from the database row. Whoever can
        // write vtiger_links therefore chooses which file is included and which static
        // method runs; isFileAccessible() and checkFileAccessForInclusion() are the only
        // gates on the path, and there is no gate on the class/method names.
        if (!empty($row['handler_path']) && isFileAccessible($row['handler_path'])) {
            checkFileAccessForInclusion($row['handler_path']);
            require_once $row['handler_path'];
            $linkData = new Vtiger_LinkData($instance, $current_user);
            // A falsy return from the handler hides the link.
            $ignore = call_user_func(array($row['handler_class'], $row['handler']), $linkData);
            if (!$ignore) {
                // The full row (including handler_path) is written to the log here.
                self::log("Ignoring Link ... " . var_export($row, true));
                continue;
            }
        }
        if ($parameters) {
            // Substitute the caller-supplied key/value pairs into url and icon.
            $instance->linkurl = $strtemplate->merge($instance->linkurl);
            $instance->linkicon = $strtemplate->merge($instance->linkicon);
        }
        if ($instance->linktype == 'LISTVIEWSIDEBARWIDGET' || $instance->linktype == 'DETAILVIEWSIDEBARWIDGET') {
            // Sidebar widgets are hidden when the user lacks DetailView on the module
            // named in the link url. parse_str() treats linkurl as a bare query string
            // (module=...&view=...); NOTE(review): if linkurl carries a path prefix such
            // as "index.php?", the first key would not be 'module' and the permission
            // check would be skipped for that link -- verify the stored url shape.
            parse_str($instance->linkurl, $linkurl);
            if (isset($linkurl['module']) && !Users_Privileges_Model::isPermitted($linkurl['module'], 'DetailView')) {
                $skipLink = true;
            }
        }
        if (!$skipLink) {
            if ($multitype) {
                $instances[$instance->linktype][] = $instance;
            } else {
                // Keyed by type: a later row of the same type replaces an earlier one.
                $instances[$instance->linktype] = $instance;
            }
        }
    }
    return $instances;
}
/**
 * Function to check the file access is made within web root directory.
 *
 * Terminates the request with a fixed message when isFileAccessible()
 * rejects the path; otherwise returns nothing and the caller proceeds.
 *
 * @param string $filepath Path about to be accessed
 * @return void
 */
function checkFileAccess($filepath) {
    // Guard clause: an accessible path needs no further action.
    if (isFileAccessible($filepath)) {
        return;
    }
    // Constant message only -- nothing from $filepath is reflected to the client.
    die("Sorry! Attempt to access restricted file.");
}
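/**
 * Function to check the file access is made within web root directory.
 *
 * Terminates the request when isFileAccessible() rejects the path. The rejected
 * path is echoed for diagnosis, HTML-escaped for the response context.
 *
 * @param string $filepath Path about to be accessed (may be attacker-influenced)
 * @return void
 */
function checkFileAccess($filepath) {
    if (isFileAccessible($filepath)) {
        return;
    }
    global $default_charset;
    // Fall back to UTF-8 when the configured charset is unset so htmlspecialchars()
    // never receives an empty/null encoding; ENT_SUBSTITUTE keeps the message
    // visible when the path holds bytes invalid in that encoding instead of
    // collapsing the whole escaped string to ''.
    $charset = !empty($default_charset) ? $default_charset : 'UTF-8';
    echo "Sorry! Attempt to access restricted file.<br>";
    echo 'We are looking for this file path: ' . htmlspecialchars($filepath, ENT_QUOTES | ENT_SUBSTITUTE, $charset) . '<br>';
    die;
}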
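/**
 * Uninstall the extension named in the request and emit the outcome.
 *
 * 'module' extensions: the model record is deleted and the extension's layout and
 * module directories are removed. 'language' extensions: the language is
 * deregistered and its directory removed. Any other type, an unknown extension,
 * or a name that is not a single path segment yields an error response.
 *
 * @param Vtiger_Request $request Carries 'extensionName'
 * @return void Result is written through Vtiger_Response::emit()
 */
protected function uninstallExtension(Vtiger_Request $request) {
    $extensionName = $request->get('extensionName');
    $response = new Vtiger_Response();

    // The name is request-controlled and is interpolated into directory paths that are
    // handed to deleteRecursively(). Reject anything that is not a single path segment
    // up front; isFileAccessible() remains the second gate on the resulting paths.
    $nameIsSafe = is_string($extensionName)
        && $extensionName !== ''
        && $extensionName === basename($extensionName)
        && strpos($extensionName, '..') === false;
    if (!$nameIsSafe) {
        $response->setError('Error in deleting extension');
        $response->emit();
        return;
    }

    $extensionInstance = Settings_ExtensionStore_Extension_Model::getModuleFromExtnName($extensionName);
    // Unknown extension: previously ->get() was called on a null/false result here.
    if (!$extensionInstance) {
        $response->setError('Error in deleting extension');
        $response->emit();
        return;
    }
    $extnType = $extensionInstance->get('extnType');

    if ($extnType === 'module') {
        $extensionInstance->delete();
        //Remove extension files
        global $root_directory;
        $deletePaths = array();
        $pathToExtensionLayouts = $root_directory . "layouts/vlayout/modules/{$extensionName}";
        if (isFileAccessible($pathToExtensionLayouts)) {
            $deletePaths['layouts'] = $pathToExtensionLayouts;
        }
        $pathToExtensionModule = $root_directory . "modules/{$extensionName}";
        if (isFileAccessible($pathToExtensionModule)) {
            $deletePaths['modules'] = $pathToExtensionModule;
        }
        foreach ($deletePaths as $dirName) {
            $this->deleteRecursively($dirName);
        }
        $response->setResult(array('success' => true, 'message' => 'extension deleted'));
    } elseif ($extnType === 'language') {
        $languageInstance = Settings_ExtensionStore_Extension_Model::getLanguageInstance($extensionName);
        if ($languageInstance) {
            $langPrefix = $languageInstance->get('prefix');
            Vtiger_Language::deregister($langPrefix);
            //remove files
            // NOTE(review): this path is relative (no $root_directory), unlike the module
            // branch; it resolves against the current working directory -- confirm intended.
            $langDir = "languages/{$langPrefix}";
            if (isFileAccessible($langDir)) {
                $this->deleteRecursively($langDir);
            }
        }
        // Mirrors the original: a missing language instance still reports success.
        $response->setResult(array('success' => true, 'message' => 'extension deleted'));
    } else {
        $response->setError('Error in deleting extension');
    }
    $response->emit();
}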
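/**
 * Function to check the file access is made within web root directory.
 *
 * Terminates the request when isFileAccessible() rejects the path. The rejected
 * path is echoed for diagnosis; it is HTML-escaped because the path is request-
 * influenced and the response is an HTML page.
 *
 * @param string $filepath Path about to be accessed (may be attacker-influenced)
 * @return void
 */
function checkFileAccess($filepath) {
    if (isFileAccessible($filepath)) {
        return;
    }
    echo "Sorry! Attempt to access restricted file.<br>";
    // Escape for the HTML context so the rejected path cannot carry markup back to
    // the browser; ENT_SUBSTITUTE keeps the message visible on invalid UTF-8 bytes.
    echo 'We are looking for this file path: ' . htmlspecialchars($filepath, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br>';
    die;
}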