diff --git a/config.performance.php b/config.performance.php index db6125cdc0ff2af6a0bc7943f02cdda4fcfa92ab..303c0dcf5006bb1737ab28658ccf554a2ca414cf 100644 --- a/config.performance.php +++ b/config.performance.php @@ -10,7 +10,7 @@ /* Performance paramters can be configured to fine tune vtiger CRM runtime */ $PERFORMANCE_CONFIG = Array( // Enable Vtiger Log Level for debugging only if requried - 'LOGLEVEl_DEBUG' => false, + 'LOGLEVEL_DEBUG' => false, // Should the caller information be captured in SQL Logging? // It adds little overhead for performance but will be useful to debug diff --git a/layouts/v7/modules/Documents/resources/Documents.js b/layouts/v7/modules/Documents/resources/Documents.js index ac8e4123aaec00a9f564f5cdff56cf0684be4a63..492273eb7d6cb405d82639addcc989a94bddda98 100644 --- a/layouts/v7/modules/Documents/resources/Documents.js +++ b/layouts/v7/modules/Documents/resources/Documents.js @@ -471,7 +471,16 @@ Vtiger.Class('Documents_Index_Js', { vtigerInstance.referenceModulePopupRegisterEvent(container); vtigerInstance.registerClearReferenceSelectionEvent(container); vtigerInstance.registerAutoCompleteFields(container); - app.helper.registerModalDismissWithoutSubmit(container.find('form')); + + // Avoid duplicate registrations + // container could remain in DOM where as form in it could get replaced next invoke after cancel + // to avoid duplicate registration on form close/cancel within same transaction we are handling state in form DOM element. + var containerForm = container.find("form"); + if (!containerForm.data("isDismissWithoutSubmitRegistered")) { + app.helper.registerModalDismissWithoutSubmit(container.find('form')); + containerForm.data("isDismissWithoutSubmitRegistered", true); + } + var moduleInstance = Vtiger_Edit_Js.getInstanceByModuleName('Documents'); moduleInstance.registerEventForPicklistDependencySetup(container); 
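Review bot: The added guard in Documents.js looks up the form twice: `containerForm` is computed for the flag check, but the registration still calls `container.find('form')`, so the flagged element and the registered element match only because both selectors happen to agree. Passing the cached set keeps them tied together: `app.helper.registerModalDismissWithoutSubmit(containerForm);`. jQuery's `.data()` getter reads only the first matched element while the setter writes to all of them, so if a container can ever hold more than one form the check covers just the first. The enclosing function starts and ends outside the hunk, so that case cannot be ruled out from here.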
diff --git a/layouts/v7/modules/Settings/Tags/resources/List.js b/layouts/v7/modules/Settings/Tags/resources/List.js index 0a945a6cb2b726e5d7942b5b06094ba6f5d70c0b..2a084ad13de1b6273d148755138d8a3a1cf70226 100644 --- a/layouts/v7/modules/Settings/Tags/resources/List.js +++ b/layouts/v7/modules/Settings/Tags/resources/List.js @@ -82,7 +82,7 @@ Settings_Vtiger_List_Js('Settings_Tags_List_Js',{ var editTagContainer = this.getEditTagContainer(); editTagContainer.find('[name="id"]').val(tagInfo.id); - editTagContainer.find('[name="tagName"]').val(tagInfo.tag); + editTagContainer.find('[name="tagName"]').val(app.helper.getDecodedValue(tagInfo.tag)); if(tagInfo.visibility == "public") { editTagContainer.find('[type="checkbox"]').prop('checked',true); }else{ @@ -199,4 +199,4 @@ Settings_Vtiger_List_Js('Settings_Tags_List_Js',{ self.registerEditTagSaveEvent(); }) } -}); \ No newline at end of file +}); diff --git a/layouts/v7/modules/Vtiger/RecentComments.tpl b/layouts/v7/modules/Vtiger/RecentComments.tpl index 5bbec85ea00036bd438f7ac81c91a6586c12b36b..a9de04159e12716a4bf45044506aadfcadd50eb7 100644 --- a/layouts/v7/modules/Vtiger/RecentComments.tpl +++ b/layouts/v7/modules/Vtiger/RecentComments.tpl @@ -232,8 +232,8 @@ </div> </div> - <div class="hide basicEditCommentBlock container-fluid" style="min-height: 150px;"> - <div class="row commentArea" > + <div class="hide basicEditCommentBlock container-fluid"> + <div class="row commentArea" style="padding-bottom: 10px" > <input style="width:100%;height:30px;" type="text" name="reasonToEdit" placeholder="{vtranslate('LBL_REASON_FOR_CHANGING_COMMENT', $MODULE_NAME)}" class="input-block-level"/> </div> <div class="row" style="padding-bottom: 10px;"> 
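Review bot: The decoded tag name on the `tagName` line is safe only because `.val()` assigns a property and never parses markup. `app.helper.getDecodedValue` is not visible in this diff; if it decodes by parsing its argument as HTML, its safety depends on `tagInfo.tag` always arriving entity-encoded from the server. It would help to state that assumption next to the call, e.g. `// tagInfo.tag is entity-encoded by the server; decode for the input value only, never for .html()/append`. Because the input now holds raw characters, the save path has to encode the value again on output, which is presumably what already happens for newly created tags. The enclosing function begins and ends outside the hunk.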
@@ -242,9 +242,11 @@ </div> </div> <input type="hidden" name="is_private"> - <div class="pull-right row"> - <button class="btn btn-success btn-sm detailViewSaveComment" type="button" data-mode="edit">{vtranslate('LBL_POST', $MODULE_NAME)}</button> - <a href="javascript:void(0);" class="cursorPointer closeCommentBlock cancelLink" type="reset">{vtranslate('LBL_CANCEL', $MODULE_NAME)}</a> + <div class="row" style="padding-bottom: 10px;"> + <div class="pull-right"> + <button class="btn btn-success btn-sm detailViewSaveComment" type="button" data-mode="edit">{vtranslate('LBL_POST', $MODULE_NAME)}</button> + <a href="javascript:void(0);" class="cursorPointer closeCommentBlock cancelLink" type="reset">{vtranslate('LBL_CANCEL', $MODULE_NAME)}</a> + </div> </div> </div> </div> diff --git a/layouts/v7/modules/Vtiger/resources/Vtiger.js b/layouts/v7/modules/Vtiger/resources/Vtiger.js index 2056278a69126f995b647bc308cf8399f24f4eb5..3d13692268e5d2c9990f9cc479101d5a5c4f96ce 100644 --- a/layouts/v7/modules/Vtiger/resources/Vtiger.js +++ b/layouts/v7/modules/Vtiger/resources/Vtiger.js @@ -1230,7 +1230,7 @@ Vtiger.Class('Vtiger_Index_Js', { var quickCreateNode = jQuery('#quickCreateModules').find('[data-name="'+ referenceModuleName +'"]'); if(quickCreateNode.length <= 0) { var notificationOptions = { - 'title' : app.vtranslate('JS_NO_CREATE_OR_NOT_QUICK_CREATE_ENABLED') + 'message' : app.vtranslate('JS_NO_CREATE_OR_NOT_QUICK_CREATE_ENABLED') } app.helper.showAlertNotification(notificationOptions); } diff --git a/layouts/v7/resources/application.js b/layouts/v7/resources/application.js index 834d54ae8456456f644e41e835d054d0b669427c..8676d95e63c447a895d319db566b5f828b9b2497 100644 --- a/layouts/v7/resources/application.js +++ b/layouts/v7/resources/application.js 
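Review bot: The cancel link carried into the new wrapper in RecentComments.tpl keeps `href="javascript:void(0);"` and `type="reset"`. On an `<a>` element `type` is only an advisory MIME type for the link target and resets nothing, and a `javascript:` URL is blocked under a Content-Security-Policy that does not allow inline script. Since the line is being re-indented anyway, a real control such as `<button type="button" class="btn btn-link closeCommentBlock cancelLink">` would say what it does and keep working under a stricter policy. This assumes the close handler is bound by the `closeCommentBlock` class rather than by tag name, which the hunk does not show.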
@@ -537,4 +537,20 @@ jQuery(function () { modal_this.$element.focus() } })}; -}); \ No newline at end of file +}); + +/** + * Pre-filter Ajax requests to guard against XSS attacks. + * + * See https://github.com/jquery/jquery/issues/2432 + */ +if (jQuery.ajaxPrefilter) { + // For newer versions of jQuery, use an Ajax prefilter to prevent + // auto-executing script tags from untrusted domains. This is similar to the + // fix that is built in to jQuery 3.0 and higher. + jQuery.ajaxPrefilter(function (s) { + if (s.crossDomain) { + s.contents.script = false; + } + }); +} diff --git a/modules/Emails/models/Record.php b/modules/Emails/models/Record.php index 44d3e41e78df7235de375f3b7c5cc75c76738474..7f5e1d99ec23cdc7cc82cc8deb6a321772502065 100644 --- a/modules/Emails/models/Record.php +++ b/modules/Emails/models/Record.php @@ -220,9 +220,10 @@ class Emails_Record_Model extends Vtiger_Record_Model { $status = $mailer->Send(true); } if(!$status) { - $status = $mailer->getError(); - //If mailer error, then update emailflag as saved - if($status){ + // Before inspecting for mailer error do a explict check on its configuration. + $err = $mailer->_serverConfigured ? $mailer->getError() : vtranslate("LBL_MAIL_SERVER_DESCRIPTION", "Settings:Vtiger"); + // If mailer error, then update emailflag as saved + if($err){ $this->updateEmailFlag(); } } else { diff --git a/modules/Vtiger/helpers/Logger.php b/modules/Vtiger/helpers/Logger.php index 9a8ac5e00f0f155eb14a41a1dde36773fb8a1d6d..d55d8387f6a17355bf968f46d7a77597d0fd8bd6 100644 --- a/modules/Vtiger/helpers/Logger.php +++ b/modules/Vtiger/helpers/Logger.php 
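Review bot: The doc comment above the prefilter in application.js promises more than the code delivers: setting `s.contents.script = false` for `s.crossDomain` requests only stops jQuery from inferring the `script` data type from the response's content type, so a cross-origin call that explicitly passes `dataType: 'script'` or `'jsonp'` still evaluates what comes back. The comment should say so, for example `// Only disables content-type based script detection for cross-domain responses; explicit dataType 'script'/'jsonp' calls are unaffected and must target trusted hosts.` The prefilter is also registered at the very end of the file, after the closing `});`, so it covers only requests issued once application.js has been evaluated; whether anything fires an Ajax call earlier in page load is not visible here. As the comment itself notes, this backports behaviour that jQuery 3.0 ships by default, so it is a stopgap until the bundled jQuery is upgraded.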
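Review bot: In Emails/models/Record.php `$status` is now left falsy on failure, where the removed line used to overwrite it with the `getError()` text, and the new `$err` is consulted only by the `if($err)` test inside the hunk. If the code after the hunk returns or reports `$status`, callers that displayed the mailer error now receive a falsy value and the translated server-description text is never surfaced; the method continues outside the hunk, so this needs checking there. In the unconfigured branch `$err` is effectively always a non-empty string, so `updateEmailFlag()` now runs every time the server is not configured, which is worth stating in the comment if intended. Reading `$mailer->_serverConfigured` directly also ties this model to an underscore-prefixed property of the mailer; an accessor on the mailer class would be a cleaner contract.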
@@ -32,7 +32,7 @@ class Logger { if (!self::$initialized) { global $PERFORMANCE_CONFIG; // Check if the performance config is set and debug logging is enabled - if (isset($PERFORMANCE_CONFIG) && isset($PERFORMANCE_CONFIG['LOGLEVEl_DEBUG']) && $PERFORMANCE_CONFIG['LOGLEVEl_DEBUG']) { + if (isset($PERFORMANCE_CONFIG) && isset($PERFORMANCE_CONFIG['LOGLEVEL_DEBUG']) && $PERFORMANCE_CONFIG['LOGLEVEL_DEBUG']) { // Set the default log level to 100 and the log file path self::$logLevel = 100; self::$filePath = "logs/vtigercrm.log"; diff --git a/pkg/vtiger/modules/Import/modules/Import/actions/Data.php b/pkg/vtiger/modules/Import/modules/Import/actions/Data.php index eef394e0a99ae04a2406add4efd22060ae46783c..b1c64ce239fdae4bfeadc6ca54a1f9abfd6e799a 100644 --- a/pkg/vtiger/modules/Import/modules/Import/actions/Data.php +++ b/pkg/vtiger/modules/Import/modules/Import/actions/Data.php @@ -765,9 +765,11 @@ class Import_Data_Action extends Vtiger_Action_Controller { $_REQUEST['cur_'.$this->lineitem_currency_id.'_check'] = 1; } $fieldData['currency_id'] = $this->lineitem_currency_id; - // to save Source of Record while Creating - $fieldData['source'] = $this->recordSource; + + } + // to save Source of Record while Creating + $fieldData['source'] = $this->recordSource; if ($fieldData != null && $checkMandatoryFieldValues) { foreach ($moduleFields as $fieldName => $fieldInstance) { if ((($fieldData[$fieldName] == '') || ($fieldData[$fieldName] == null)) && $fieldInstance->isMandatory()) {
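Review bot: The corrected key is now the only one Logger.php reads, so an installation whose customised config.performance.php still carries the old `LOGLEVEl_DEBUG` spelling silently loses debug logging after upgrade. That fails closed, but it deserves an upgrade note or a temporary fallback such as `if (!empty($PERFORMANCE_CONFIG['LOGLEVEL_DEBUG']) || !empty($PERFORMANCE_CONFIG['LOGLEVEl_DEBUG'])) {`; the triple test on the changed line can in any case collapse to a single `!empty(...)`. Separately, the context lines show debug output going to the relative path `logs/vtigercrm.log` at log level 100; if that directory sits under the web root, debug entries may be readable over HTTP unless the server denies access, which is worth confirming before the flag is enabled in production. The same rename appears in the config.performance.php hunk, and the enclosing method starts and ends outside this hunk.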
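Review bot: Moving `$fieldData['source'] = $this->recordSource;` above `if ($fieldData != null && $checkMandatoryFieldValues)` in Import/actions/Data.php makes the null half of that check ineffective: writing an index into a null or empty `$fieldData` turns it into a one-element array, which no longer compares equal to null. If earlier code in this method (outside the hunk) sets `$fieldData` to null to mark a row as rejected, that row would now continue into the mandatory-field loop and possibly further. Guarding the assignment keeps the old semantics: `if ($fieldData != null) { $fieldData['source'] = $this->recordSource; }`. The hunk also leaves added blank lines just before the closing brace of the preceding `if` block; these can be dropped.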