diff --git a/data/CRMEntity.php b/data/CRMEntity.php index dc367763c29fcc503134f747be144af97133a4eb..5ad321e653471cf895e1874a7836890e91eff725 100644 --- a/data/CRMEntity.php +++ b/data/CRMEntity.php @@ -206,7 +206,8 @@ class CRMEntity { $upload_file_path = decideFilePath(); // upload the file in server - $upload_status = copy($filetmp_name, $upload_file_path . $current_id . "_" . $binFile); + $encryptFileName = Vtiger_Util_Helper::getEncryptedFileName($binFile); + $upload_status = copy($filetmp_name, $upload_file_path . $current_id . "_" . $encryptFileName); // temporary file will be deleted at the end of request if ($save_file == 'true' && $upload_status == 'true') { @@ -231,8 +232,8 @@ class CRMEntity { $params1 = array($current_id, $current_user->id, $ownerid, $module." ".$attachmentType, $this->column_fields['description'], $adb->formatDate($date_var, true), $adb->formatDate($date_var, true)); $adb->pquery($sql1, $params1); //Add entry to attachments - $sql2 = "INSERT INTO vtiger_attachments(attachmentsid, name, description, type, path) values(?, ?, ?, ?, ?)"; - $params2 = array($current_id, $filename, $this->column_fields['description'], $filetype, $upload_file_path); + $sql2 = "INSERT INTO vtiger_attachments(attachmentsid, name, description, type, path, storedname) values(?, ?, ?, ?, ?, ?)"; + $params2 = array($current_id, $filename, $this->column_fields['description'], $filetype, $upload_file_path, $encryptFileName); $adb->pquery($sql2, $params2); //Add relation $sql3 = 'INSERT INTO vtiger_seattachmentsrel VALUES(?,?)'; diff --git a/layouts/v7/modules/Accounts/DetailViewHeaderTitle.tpl b/layouts/v7/modules/Accounts/DetailViewHeaderTitle.tpl index 7b92d5ce0ead303579f156c73322edacc3fcea1f..eedc4447e3facfdb15c17b197fa736256750844c 100644 --- a/layouts/v7/modules/Accounts/DetailViewHeaderTitle.tpl +++ b/layouts/v7/modules/Accounts/DetailViewHeaderTitle.tpl 
@@ -15,8 +15,8 @@ <div class="hidden-sm hidden-xs recordImage bgAccounts app-{$SELECTED_MENU_CATEGORY}"> {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path)} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> + {if !empty($IMAGE_INFO.url) && !empty($IMAGE_INFO.path)} + <img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> {else} <img src="{vimage_path('summary_organizations.png')}" class="summaryImg"/> {/if} diff --git a/layouts/v7/modules/Contacts/DetailViewHeaderTitle.tpl b/layouts/v7/modules/Contacts/DetailViewHeaderTitle.tpl index 321a158302c204bb9e73c8bdb1ced9e10904eff6..be2ec45526400c100509927cc7d06e39735d4c63 100644 --- a/layouts/v7/modules/Contacts/DetailViewHeaderTitle.tpl +++ b/layouts/v7/modules/Contacts/DetailViewHeaderTitle.tpl @@ -15,8 +15,8 @@ <div class="hidden-sm hidden-xs recordImage bgcontacts app-{$SELECTED_MENU_CATEGORY}"> {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path)} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> + {if !empty($IMAGE_INFO.url)} + <img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> {else} <img src="{vimage_path('summary_Contact.png')}" class="summaryImg"/> {/if} diff --git a/layouts/v7/modules/Invoice/DetailViewHeaderTitle.tpl b/layouts/v7/modules/Invoice/DetailViewHeaderTitle.tpl index 47393217a94d54fcb943333d67311223dc71aa58..00976a9bd48ceff7a4af2736211add6a0b8b6c6e 100644 --- a/layouts/v7/modules/Invoice/DetailViewHeaderTitle.tpl 
+++ b/layouts/v7/modules/Invoice/DetailViewHeaderTitle.tpl @@ -15,8 +15,8 @@ <div class="hidden-sm hidden-xs recordImage bginvoice app-{$SELECTED_MENU_CATEGORY}"> {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path)} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> + {if !empty($IMAGE_INFO.url) && !empty($IMAGE_INFO.path)} + <img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> {else} <img src="{vimage_path('summary_organizations.png')}" class="summaryImg"/> {/if} diff --git a/layouts/v7/modules/Leads/DetailViewHeaderTitle.tpl b/layouts/v7/modules/Leads/DetailViewHeaderTitle.tpl index 9339f20596bf43798943cdb439d00373f6312a53..cf005265fd4fe6db065d42f6ee6e5422b2cf443b 100644 --- a/layouts/v7/modules/Leads/DetailViewHeaderTitle.tpl +++ b/layouts/v7/modules/Leads/DetailViewHeaderTitle.tpl @@ -15,8 +15,8 @@ <div class="hidden-sm hidden-xs recordImage bgleads app-{$SELECTED_MENU_CATEGORY}"> {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path)} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100px" align="left"><br> + {if !empty($IMAGE_INFO.url) && !empty($IMAGE_INFO.path)} + <img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100px" align="left"><br> {else} <img src="{vimage_path('summary_Leads.png')}" class="summaryImg"/> {/if} diff --git a/layouts/v7/modules/Products/DetailViewHeaderTitle.tpl b/layouts/v7/modules/Products/DetailViewHeaderTitle.tpl index 59f83579e25661afd5d25cf094e8433a9995479a..0dc6610d4b1e84fee68875293ac4dafe254c3c5c 100644 
--- a/layouts/v7/modules/Products/DetailViewHeaderTitle.tpl
+++ b/layouts/v7/modules/Products/DetailViewHeaderTitle.tpl
@@ -15,16 +15,16 @@ {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} <div class="hidden-sm hidden-xs recordImage bgproducts app-{$SELECTED_MENU_CATEGORY}" {if $IMAGE_DETAILS|@count gt 1}style = "display:block"{/if}> {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path)} + {if !empty($IMAGE_INFO.url)} {if $IMAGE_DETAILS|@count eq 1} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> + <img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> {else if $IMAGE_DETAILS|@count eq 2} - <span><img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="50%" height="100%" align="left"></span> + <span><img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="50%" height="100%" align="left"></span> {else if $IMAGE_DETAILS|@count eq 3} - <span><img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" {if $ITER eq 0 or $ITER eq 1}width="50%" height = "50%"{/if}{if $ITER eq 2}width="100%" height="50%"{/if} align="left"></span> + <span><img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" {if $ITER eq 0 or $ITER eq 1}width="50%" height = "50%"{/if}{if $ITER eq 2}width="100%" height="50%"{/if} align="left"></span> {else if $IMAGE_DETAILS|@count eq 4 or $IMAGE_DETAILS|@count gt 4} {if $ITER gt 3}{break}{/if} - <span><img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}"width="50%" height="50%" align="left"></span> + <span><img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}"width="50%" height="50%" align="left"></span> {/if} {else} <img src="{vimage_path('summary_Products.png')}" class="summaryImg"/> 
diff --git a/layouts/v7/modules/PurchaseOrder/DetailViewHeaderTitle.tpl b/layouts/v7/modules/PurchaseOrder/DetailViewHeaderTitle.tpl index a2c8da0ee510aeb95b2d5b7fea597b7de34c7413..88b5d62e016dd256766057290609f0be9a07107e 100644 --- a/layouts/v7/modules/PurchaseOrder/DetailViewHeaderTitle.tpl +++ b/layouts/v7/modules/PurchaseOrder/DetailViewHeaderTitle.tpl @@ -15,8 +15,8 @@ <div class="hidden-sm hidden-xs recordImage bgpurchaseorder app-{$SELECTED_MENU_CATEGORY}"> {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path)} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> + {if !empty($IMAGE_INFO.url) && !empty($IMAGE_INFO.path)} + <img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> {else} <img src="{vimage_path('summary_organizations.png')}" class="summaryImg"/> {/if} diff --git a/layouts/v7/modules/Quotes/DetailViewHeaderTitle.tpl b/layouts/v7/modules/Quotes/DetailViewHeaderTitle.tpl index 9fcf58ad1b36a26641223fc23918d49f5e4768c1..3ec010d240a67a648af04ce941fde90123e1d96b 100644 --- a/layouts/v7/modules/Quotes/DetailViewHeaderTitle.tpl +++ b/layouts/v7/modules/Quotes/DetailViewHeaderTitle.tpl 
@@ -15,8 +15,8 @@ <div class="hidden-sm hidden-xs recordImage bgquotes app-{$SELECTED_MENU_CATEGORY}"> {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path)} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> + {if !empty($IMAGE_INFO.url) && !empty($IMAGE_INFO.path)} + <img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> {else} <img src="{vimage_path('summary_organizations.png')}" class="summaryImg"/> {/if} diff --git a/layouts/v7/modules/SalesOrder/DetailViewHeaderTitle.tpl b/layouts/v7/modules/SalesOrder/DetailViewHeaderTitle.tpl index 965261dd62dfb80b818bfcebe8501fa259d7748c..6095458f1a3665cb5529303914392b76d86b3aee 100644 --- a/layouts/v7/modules/SalesOrder/DetailViewHeaderTitle.tpl +++ b/layouts/v7/modules/SalesOrder/DetailViewHeaderTitle.tpl @@ -15,8 +15,8 @@ <div class="hidden-sm hidden-xs recordImage bgsalesorder app-{$SELECTED_MENU_CATEGORY}"> {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path)} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> + {if !empty($IMAGE_INFO.url) && !empty($IMAGE_INFO.path)} + <img src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="100%" height="100%" align="left"><br> {else} <img src="{vimage_path('summary_organizations.png')}" class="summaryImg"/> {/if} diff --git a/layouts/v7/modules/Users/CalendarSettingsDetailView.tpl b/layouts/v7/modules/Users/CalendarSettingsDetailView.tpl index 6c327c3497860f9e9068672893b8cee768c82db4..cb37e45d80a938eaae1868c82ece75e8b2c17fb9 100644 
--- a/layouts/v7/modules/Users/CalendarSettingsDetailView.tpl +++ b/layouts/v7/modules/Users/CalendarSettingsDetailView.tpl @@ -72,8 +72,8 @@ <td class="fieldValue {$WIDTHTYPE}"> <div id="imageContainer" width="300" height="200"> {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path) && !empty({$IMAGE_INFO.orgname})} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" width="300" height="200"> + {if !empty($IMAGE_INFO.url) && !empty({$IMAGE_INFO.orgname})} + <img src="{$IMAGE_INFO.url}" width="300" height="200"> {/if} {/foreach} </div> diff --git a/layouts/v7/modules/Users/DetailViewBlockView.tpl b/layouts/v7/modules/Users/DetailViewBlockView.tpl index 0d4cd57c6d18c80271ed25b1f71b1fe8753c493d..50b41e2dca2647b40e7a9684e7e37bc072c1e06e 100644 --- a/layouts/v7/modules/Users/DetailViewBlockView.tpl +++ b/layouts/v7/modules/Users/DetailViewBlockView.tpl @@ -65,8 +65,8 @@ <td class="fieldValue {$WIDTHTYPE}"> <div id="imageContainer" width="300" height="200"> {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path) && !empty({$IMAGE_INFO.orgname})} - <img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" width="300" height="200"> + {if !empty($IMAGE_INFO.url) && !empty({$IMAGE_INFO.orgname})} + <img src="{$IMAGE_INFO.url}" width="300" height="200"> {/if} {/foreach} </div> diff --git a/layouts/v7/modules/Users/ListViewContents.tpl b/layouts/v7/modules/Users/ListViewContents.tpl index d0e37a7258810e76ecbb45d78cc677bbe535cc63..4c505bde7f3a3c0c407c8a010aefb4f421f89609 100644 --- a/layouts/v7/modules/Users/ListViewContents.tpl +++ b/layouts/v7/modules/Users/ListViewContents.tpl 
@@ -97,9 +97,9 @@ <div style="margin-left: -13px;"> {assign var=IMAGE_DETAILS value=$LISTVIEW_ENTRY->getImageDetails()} {foreach item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path) && !empty({$IMAGE_INFO.orgname})} + {if !empty($IMAGE_INFO.url) && !empty({$IMAGE_INFO.orgname})} <div class='col-lg-2'> - <img height="25px" width="25px" src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}"> + <img height="25px" width="25px" src="{$IMAGE_INFO.url}"> </div> {/if} {/foreach} diff --git a/layouts/v7/modules/Users/PreferenceDetailViewHeader.tpl b/layouts/v7/modules/Users/PreferenceDetailViewHeader.tpl index 10b30b2c5a111edc4d6d9ca72d691d7278c4fba0..3c6173ce5b42be83a27864c0577e201d58fee7d2 100644 --- a/layouts/v7/modules/Users/PreferenceDetailViewHeader.tpl +++ b/layouts/v7/modules/Users/PreferenceDetailViewHeader.tpl @@ -18,9 +18,9 @@ <div class="col-xs-8"> {assign var=IMAGE_DETAILS value=$RECORD->getImageDetails()} {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path) && !empty($IMAGE_INFO.orgname)} + {if !empty($IMAGE_INFO.url) && !empty($IMAGE_INFO.orgname)} <span class="logo col-xs-2"> - <img height="75px" width="75px" src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" data-image-id="{$IMAGE_INFO.id}"> + <img height="75px" width="75px" src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" data-image-id="{$IMAGE_INFO.id}"> </span> {/if} {/foreach} diff --git a/layouts/v7/modules/Users/UserViewHeader.tpl b/layouts/v7/modules/Users/UserViewHeader.tpl index 0aaa035d57c8a0e97eb0dc77aebf792d496ff1c2..0e4b6266523a7f5aeb39bce42caec5758232e6fe 100644 --- a/layouts/v7/modules/Users/UserViewHeader.tpl +++ b/layouts/v7/modules/Users/UserViewHeader.tpl 
@@ -18,8 +18,8 @@ <div class="col-md-5 recordImage" style="height: 50px;width: 50px;"> {assign var=NOIMAGE value=0} {foreach key=ITER item=IMAGE_INFO from=$RECORD->getImageDetails()} - {if !empty($IMAGE_INFO.path) && !empty($IMAGE_INFO.orgname)} - <img height="100%" width="100%"src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" data-image-id="{$IMAGE_INFO.id}"> + {if !empty($IMAGE_INFO.url) && !empty($IMAGE_INFO.orgname)} + <img height="100%" width="100%" src="{$IMAGE_INFO.url}" alt="{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" data-image-id="{$IMAGE_INFO.id}"> {else} {assign var=NOIMAGE value=1} {/if} diff --git a/layouts/v7/modules/Vtiger/DetailViewBlockView.tpl b/layouts/v7/modules/Vtiger/DetailViewBlockView.tpl index 5a47f3518b195258f6db5ab0d667051d567ba05d..f2a99adfeeebedfe2cf40b996156fe25bbcd9862 100644 --- a/layouts/v7/modules/Vtiger/DetailViewBlockView.tpl +++ b/layouts/v7/modules/Vtiger/DetailViewBlockView.tpl @@ -69,8 +69,8 @@ <td class="fieldValue {$WIDTHTYPE}"> <ul id="imageContainer"> {foreach key=ITER item=IMAGE_INFO from=$IMAGE_DETAILS} - {if !empty($IMAGE_INFO.path) && !empty({$IMAGE_INFO.orgname})} - <li><img src="{$IMAGE_INFO.path}_{$IMAGE_INFO.orgname}" title="{$IMAGE_INFO.orgname}" width="400" height="300" /></li> + {if !empty($IMAGE_INFO.url) && !empty({$IMAGE_INFO.orgname})} + <li><img src="{$IMAGE_INFO.url}" title="{$IMAGE_INFO.orgname}" width="400" height="300" /></li> {/if} {/foreach} </ul> diff --git a/layouts/v7/modules/Vtiger/EmailPreview.tpl b/layouts/v7/modules/Vtiger/EmailPreview.tpl index 04c027e9f7bf06a7451cfe4062d0426d613343ec..db4bce28727bba8d681caed7b1e4c1f4ac5d9234 100644 --- a/layouts/v7/modules/Vtiger/EmailPreview.tpl +++ b/layouts/v7/modules/Vtiger/EmailPreview.tpl 
@@ -135,9 +135,9 @@ {foreach item=ATTACHMENT_DETAILS from=$RECORD->getAttachmentDetails()} <i class="fa fa-download"></i> <a {if array_key_exists('docid',$ATTACHMENT_DETAILS)} - href="index.php?module=Documents&action=DownloadFile&record={$ATTACHMENT_DETAILS['docid']}&fileid={$ATTACHMENT_DETAILS['fileid']}" + href="index.php?module=Documents&action=DownloadFile&record={$ATTACHMENT_DETAILS['docid']}&fileid={$ATTACHMENT_DETAILS['fileid']}&name={$ATTACHMENT_DETAILS['attachment']}" {else} - href="index.php?module=Emails&action=DownloadFile&attachment_id={$ATTACHMENT_DETAILS['fileid']}" + href="index.php?module=Emails&action=DownloadFile&attachment_id={$ATTACHMENT_DETAILS['fileid']}&name={$ATTACHMENT_DETAILS['attachment']}" {/if}>{$ATTACHMENT_DETAILS['attachment']}</a> {/foreach} {/if} diff --git a/modules/Documents/models/Record.php b/modules/Documents/models/Record.php index 1c12401d9610a073d85e164b002c67b10d4f772f..44cd7b29e373f549c1f61e9891b69d663cc266fe 100644 --- a/modules/Documents/models/Record.php +++ b/modules/Documents/models/Record.php @@ -21,7 +21,7 @@ class Documents_Record_Model extends Vtiger_Record_Model { function getDownloadFileURL() { if ($this->get('filelocationtype') == 'I') { $fileDetails = $this->getFileDetails(); - return 'index.php?module='. $this->getModuleName() .'&action=DownloadFile&record='. $this->getId() .'&fileid='. $fileDetails['attachmentsid']; + return 'index.php?module='. $this->getModuleName() .'&action=DownloadFile&record='. $this->getId() .'&fileid='. $fileDetails['attachmentsid'].'&name='. $fileDetails['name']; } else { return $this->get('filename'); } 
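Review bot: The new `name` parameter is interpolated into both `href` values without URL-encoding, so an attachment name containing `&`, `#`, `+` or a space yields a link whose `name` no longer matches the stored value or that carries extra query parameters. Unless this template is rendered with a default escape modifier (not visible in the hunk), encode it for the URL context, e.g. `&name={$ATTACHMENT_DETAILS['attachment']|escape:'url'}`. The same defect is in `getDownloadFileURL()` in modules/Documents/models/Record.php, where `'&name='. $fileDetails['name']` should become `'&name='. rawurlencode($fileDetails['name'])`, and in `getFilePublicURL()` in vtlib/Vtiger/Functions.php.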
@@ -40,8 +40,9 @@ class Documents_Record_Model extends Vtiger_Record_Model { $fileDetails = $this->getFileDetails(); if (!empty ($fileDetails)) { $filePath = $fileDetails['path']; + $storedFileName = $fileDetails['storedname']; - $savedFile = $fileDetails['attachmentsid']."_".decode_html($this->get('filename')); + $savedFile = $fileDetails['attachmentsid']."_".$storedFileName; if(fopen($filePath.$savedFile, "r")) { $returnValue = true; @@ -72,10 +73,11 @@ class Documents_Record_Model extends Vtiger_Record_Model { if (!empty ($fileDetails)) { $filePath = $fileDetails['path']; $fileName = $fileDetails['name']; + $storedFileName = $fileDetails['storedname']; if ($this->get('filelocationtype') == 'I') { $fileName = html_entity_decode($fileName, ENT_QUOTES, vglobal('default_charset')); - $savedFile = $fileDetails['attachmentsid']."_".$fileName; + $savedFile = $fileDetails['attachmentsid']."_".$storedFileName; while(ob_get_level()) { ob_end_clean(); diff --git a/modules/Documents/views/FilePreview.php b/modules/Documents/views/FilePreview.php index b73f661186cd35696666c2d0326fb7351f80427a..a3446fdec9a1b52fdd5b3480318920f9a326fe6f 100644 --- a/modules/Documents/views/FilePreview.php +++ b/modules/Documents/views/FilePreview.php @@ -41,10 +41,11 @@ class Documents_FilePreview_View extends Vtiger_IndexAjax_View { if (!empty ($fileDetails)) { $filePath = $fileDetails['path']; $fileName = $fileDetails['name']; + $storedFileName = $fileDetails['storedname']; if ($recordModel->get('filelocationtype') == 'I') { $fileName = html_entity_decode($fileName, ENT_QUOTES, vglobal('default_charset')); - $savedFile = $fileDetails['attachmentsid']."_".$fileName; + $savedFile = $fileDetails['attachmentsid']."_".$storedFileName; $fileSize = filesize($filePath.$savedFile); $fileSize = $fileSize + ($fileSize % 1024); 
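Review bot: Attachments saved before this change have no `storedname`, so `$savedFile` becomes the id followed by `_` and nothing else, and the `fopen()` below it fails for every existing document. The 711_to_720 migration in this commit only adds the column, and only `Vtiger_ShowFile_Helper::handle()` falls back to the old on-disk name; unless a backfill runs elsewhere, add a fallback here, e.g. `$storedFileName = !empty($fileDetails['storedname']) ? $fileDetails['storedname'] : decode_html($this->get('filename'));`. The same fallback is needed in the second hunk of this file and in Documents_FilePreview_View, Emails_DownloadFile_Action, Vtiger_Record_Model and ModComments_FilePreview_View, each using the name expression it had before. The enclosing methods start and end outside the hunks.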
diff --git a/modules/Emails/actions/DownloadFile.php b/modules/Emails/actions/DownloadFile.php index 01aabbbf81a6ee38da1ee259d31910414ef36b65..882a1ddf51926287e7d310f67133f82b6577bf0b 100644 --- a/modules/Emails/actions/DownloadFile.php +++ b/modules/Emails/actions/DownloadFile.php @@ -24,8 +24,9 @@ class Emails_DownloadFile_Action extends Vtiger_Action_Controller { $db = PearDatabase::getInstance(); $attachmentId = $request->get('attachment_id'); - $query = "SELECT * FROM vtiger_attachments WHERE attachmentsid = ?" ; - $result = $db->pquery($query, array($attachmentId)); + $name = $request->get('name'); + $query = "SELECT * FROM vtiger_attachments WHERE attachmentsid = ? AND name = ?" ; + $result = $db->pquery($query, array($attachmentId, $name)); if($db->num_rows($result) == 1) { @@ -34,7 +35,8 @@ class Emails_DownloadFile_Action extends Vtiger_Action_Controller { $name = $row["name"]; $filepath = $row["path"]; $name = decode_html($name); - $saved_filename = $attachmentId."_".$name; + $storedFileName = $row['storedname']; + $saved_filename = $attachmentId."_". $storedFileName; $disk_file_size = filesize($filepath.$saved_filename); $filesize = $disk_file_size + ($disk_file_size % 1024); $fileContent = fread(fopen($filepath.$saved_filename, "r"), $filesize); diff --git a/modules/Migration/schema/711_to_720.php b/modules/Migration/schema/711_to_720.php new file mode 100644 index 0000000000000000000000000000000000000000..fa7be894350a8f5086a0cd9b59d7acfab11fafde --- /dev/null +++ b/modules/Migration/schema/711_to_720.php 
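Review bot: Adding `name` to the `WHERE` clause narrows the lookup but is not an access check, because the attachment name is displayed next to the link and travels in the URL alongside the id. The hunk does not show whether this action verifies that the current user may read the parent email record; if it does not, that check belongs before the query. In the second hunk, `filesize()` and `fopen()` on `$filepath.$saved_filename` are used unchecked, so a row with an empty `storedname` reaches `fread()` with a failed handle; test the result first, e.g. `if (!is_readable($filepath.$saved_filename)) { return; }`. The method body continues outside both hunks.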
@@ -0,0 +1,17 @@ +<?php +/*+******************************************************************************** + * The contents of this file are subject to the vtiger CRM Public License Version 1.0 + * ("License"); You may not use this file except in compliance with the License + * The Original Code is: vtiger CRM Open Source + * The Initial Developer of the Original Code is vtiger. + * Portions created by vtiger are Copyright (C) vtiger. + * All Rights Reserved. + *********************************************************************************/ + +if (defined('VTIGER_UPGRADE')) { + global $current_user, $adb; + $db = PearDatabase::getInstance(); + + // Added column storedname for vtiger_attachments to support reverse mapping. + $db->pquery('ALTER TABLE vtiger_attachments ADD COLUMN storedname varchar(255) NOT NULL AFTER path', array()); +} diff --git a/modules/Products/models/Record.php b/modules/Products/models/Record.php index 8fcf1724cf8d6a10503858711f4e2979b9de32ef..62b58951edaf546e381d2df3532585b77da12b3d 100644 --- a/modules/Products/models/Record.php +++ b/modules/Products/models/Record.php @@ -342,6 +342,7 @@ class Products_Record_Model extends Vtiger_Record_Model { * @return <array> Image Details List */ public function getImageDetails() { + global $site_URL; $db = PearDatabase::getInstance(); $imageDetails = array(); $recordId = $this->getId(); 
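Review bot: The `ALTER TABLE` is not guarded, so running this migration a second time fails on the duplicate column, and existing rows are left with an empty `storedname` because the column is `NOT NULL` with no backfill. Wrap the statement in a column check, e.g. `if (!in_array('storedname', $db->getColumnNames('vtiger_attachments'))) { ... }`, and either backfill the column from the old on-disk name or document that readers must fall back when it is empty. `global $current_user, $adb;` is unused in the visible lines and can be dropped.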
@@ -356,15 +357,18 @@ class Products_Record_Model extends Vtiger_Record_Model { $count = $db->num_rows($result); for($i=0; $i<$count; $i++) { + $imageId = $db->query_result($result, $i, 'attachmentsid'); $imageIdsList[] = $db->query_result($result, $i, 'attachmentsid'); $imagePathList[] = $db->query_result($result, $i, 'path'); $imageName = $db->query_result($result, $i, 'name'); + $url = \Vtiger_Functions::getFilePublicURL($imageId, $imageName); //decode_html - added to handle UTF-8 characters in file names $imageOriginalNamesList[] = urlencode(decode_html($imageName)); //urlencode - added to handle special characters like #, %, etc., $imageNamesList[] = $imageName; + $imageUrlsList[] = $url; } if(is_array($imageOriginalNamesList)) { @@ -374,7 +378,8 @@ class Products_Record_Model extends Vtiger_Record_Model { 'id' => $imageIdsList[$j], 'orgname' => $imageOriginalNamesList[$j], 'path' => $imagePathList[$j].$imageIdsList[$j], - 'name' => $imageNamesList[$j] + 'name' => $imageNamesList[$j], + 'url' => $imageUrlsList[$j] ); } } diff --git a/modules/Users/Users.php b/modules/Users/Users.php index cf70a282d493a483a3a104af71a1e2bc7597a725..b8c183aa402ddfa8125627c5a15aa6afb7898c19 100755 --- a/modules/Users/Users.php +++ b/modules/Users/Users.php @@ -1058,7 +1058,8 @@ class Users extends CRMEntity { //get the file path inwhich folder we want to upload the file $upload_file_path = decideFilePath(); //upload the file in server - $upload_status = move_uploaded_file($filetmp_name,$upload_file_path.$current_id."_".$binFile); + $encryptFileName = Vtiger_Util_Helper::getEncryptedFileName($binFile); + $upload_status = move_uploaded_file($filetmp_name,$upload_file_path.$current_id."_".$encryptFileName); if($save_file == 'true') { 
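Review bot: In Products_Record_Model the `url` entry is the bare relative value from `getFilePublicURL()`, while the Users and Vtiger record models in this commit return `$site_URL.$url`. The `global $site_URL;` added in the previous hunk is never used. Use one form everywhere, e.g. `$imageUrlsList[] = $site_URL.$url;`, and confirm whether `$site_URL` always ends in a slash, since the helper returns `public.php?...` without one. `$imageId` also repeats the `query_result()` call on the following line, where `$imageIdsList[] = $imageId;` would do, and `$imageUrlsList` is not initialised in the visible lines. The method starts and ends outside the hunk.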
@@ -1066,8 +1067,8 @@ class Users extends CRMEntity { $params1 = array($current_id, $current_user->id, $ownerid, $module." Image", $this->column_fields['description'], $this->db->formatString("vtiger_crmentity","createdtime",$date_var), $this->db->formatDate($date_var, true)); $this->db->pquery($sql1, $params1); - $sql2="insert into vtiger_attachments(attachmentsid, name, description, type, path) values(?,?,?,?,?)"; - $params2 = array($current_id, $filename, $this->column_fields['description'], $filetype, $upload_file_path); + $sql2="insert into vtiger_attachments(attachmentsid, name, description, type, path, storedname) values(?,?,?,?,?,?)"; + $params2 = array($current_id, $filename, $this->column_fields['description'], $filetype, $upload_file_path, $encryptFileName); $result=$this->db->pquery($sql2, $params2); if($id != '') { diff --git a/modules/Users/models/Record.php b/modules/Users/models/Record.php index 3c13332b3d08745c704a566fca86956590c4cdd4..c12abc18b48181843b476cffe4b02a2c391be203 100644 --- a/modules/Users/models/Record.php +++ b/modules/Users/models/Record.php @@ -378,6 +378,7 @@ class Users_Record_Model extends Vtiger_Record_Model { * @return <Array> list of Image names and paths */ public function getImageDetails() { + global $site_URL; $db = PearDatabase::getInstance(); $imageDetails = array(); @@ -394,6 +395,7 @@ class Users_Record_Model extends Vtiger_Record_Model { $imageId = $db->query_result($result, 0, 'attachmentsid'); $imagePath = $db->query_result($result, 0, 'path'); $imageName = $db->query_result($result, 0, 'name'); + $url = \Vtiger_Functions::getFilePublicURL($imageId, $imageName); //decode_html - added to handle UTF-8 characters in file names $imageOriginalName = urlencode(decode_html($imageName)); 
@@ -402,7 +404,8 @@ class Users_Record_Model extends Vtiger_Record_Model { 'id' => $imageId, 'orgname' => $imageOriginalName, 'path' => $imagePath.$imageId, - 'name' => $imageName + 'name' => $imageName, + 'url' => $site_URL.$url ); } return $imageDetails; diff --git a/modules/Vtiger/helpers/ShowFile.php b/modules/Vtiger/helpers/ShowFile.php new file mode 100644 index 0000000000000000000000000000000000000000..8baa67c7a30e77c4ca1a0d63155479b377856249 --- /dev/null +++ b/modules/Vtiger/helpers/ShowFile.php 
@@ -0,0 +1,70 @@
+<?php
+/*+***********************************************************************************
+ * The contents of this file are subject to the vtiger CRM Public License Version 1.0
+ * ("License"); You may not use this file except in compliance with the License
+ * The Original Code is: vtiger CRM Open Source
+ * The Initial Developer of the Original Code is vtiger.
+ * Portions created by vtiger are Copyright (C) vtiger.
+ * All Rights Reserved.
+ *************************************************************************************/
+
+class Vtiger_ShowFile_Helper {
+
+ /**
+ * Function to display images out side of CRM (with out authentication)
+ * @param type $fid - attachment id
+ * @param type $encFileName - md5(filename)
+ */
+ static function handle($fid, $encFileName) {
+ global $upload_badext;
+ $db = PearDatabase::getInstance();
+
+ $query = "SELECT vtiger_attachments.* FROM vtiger_attachments
+ INNER JOIN vtiger_crmentity ON vtiger_crmentity.crmid = vtiger_attachments.attachmentsid
+ WHERE vtiger_attachments.attachmentsid=? AND vtiger_attachments.name=? LIMIT 1";
+ $result = $db->pquery($query, array($fid, $encFileName));
+ if ($result && $db->num_rows($result)) {
+ $resultData = $db->fetch_array($result);
+ $fileId = $resultData['attachmentsid'];
+ $filePath = $resultData['path'];
+ $fileName = $resultData['name'];
+ $storedFileName = $resultData['storedname'];
+ $fileType = $resultData['type'];
+ $sanitizedFileName = sanitizeUploadFileName($fileName, $upload_badext);
+
+ /**
+ * While saving the document applying decode_html to save in DB, but this is not happening for the images
+ * This save happens from mailroom, inbox, record save, document save etc..
+ */
+ if (!empty($encFileName) && !empty($storedFileName)) {
+ $finalFilePath = $filePath.$fileId.'_'.$storedFileName;
+ $isFileExist = false;
+ if (file_exists($finalFilePath)) {
+ $isFileExist = true;
+ } else {
+ $finalFilePath = $filePath.$fileId.'_'.$sanitizedFileName;
+ if (file_exists($finalFilePath)) {
+ $isFileExist = true;
+ }
+ }
+ if ($isFileExist) {
+ Vtiger_ShowFile_Helper::show($finalFilePath,$fileType);
+ }
+ }
+ }
+ }
+
+ /**
+ * Function to show images out side of CRM
+ * @param type $finalFilePath - the proper image folder path
+ * @param type $fileType - image file type
+ */
+ static function show($finalFilePath, $fileType) {
+ $handle = fopen($finalFilePath, "rb");
+ $contents = fread($handle, filesize($finalFilePath));
+ fclose($handle);
+
+ header("Content-Type: $fileType;charset=UTF-8");
+ echo $contents;
+ }
+}
\ No newline at end of file
diff --git a/modules/Vtiger/helpers/Util.php b/modules/Vtiger/helpers/Util.php
index 1bb5ade98dd702be28aa6b87a6e80773688d85eb..3d330a5799724d2e1a115e354a580b1bfee20ae7 100644
--- a/modules/Vtiger/helpers/Util.php
+++ b/modules/Vtiger/helpers/Util.php
@@ -1238,4 +1238,14 @@ class Vtiger_Util_Helper {
 return preg_replace($pattern, '\\\\$0', $string);
 }
 }
+
+ public static function getEncryptedFileName($sanitizedFileName) {
+ $encryptedFileName = $sanitizedFileName;
+ if ($sanitizedFileName) {
+ $fileNameParts = explode('.', decode_html($sanitizedFileName));
+ $fileType = array_pop($fileNameParts);
+ $encryptedFileName = md5(md5(microtime(true)).implode('.', $fileNameParts)).'.'.$fileType;
+ }
+ return $encryptedFileName;
+ }
 }
diff --git a/modules/Vtiger/models/Record.php b/modules/Vtiger/models/Record.php
index be7e4fc2b40d5de8f280393dd34150934f51fd43..00e4b3198e34a12bcc167fe649196b676bf2c2b7 100644
--- a/modules/Vtiger/models/Record.php
+++ b/modules/Vtiger/models/Record.php
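Review bot: `show()` copies the attachment's stored `type` straight into the `Content-Type` header of an endpoint that, per its own docblock, runs without authentication, and `handle()` does not limit the lookup to image attachments. Any row in `vtiger_attachments` whose recorded type is HTML or SVG would therefore be rendered in the application's origin. Enforce the "images only" contract with an allowlist of image types, send `X-Content-Type-Options: nosniff`, and answer a failed lookup with a 404 instead of an empty 200; filtering the join on non-deleted image records would narrow it further. The `$encFileName - md5(filename)` docblock is also inaccurate, because the query compares the value with `vtiger_attachments.name` as stored.

```php
static function show($finalFilePath, $fileType) {
	// The stored type was recorded at upload time; serve it only when it is a plain image type.
	// Extend the list to the image types the upload path actually records.
	$allowedTypes = array('image/png', 'image/jpeg', 'image/gif', 'image/bmp');
	$fileType = strtolower(trim($fileType));
	if (!in_array($fileType, $allowedTypes, true) || !is_readable($finalFilePath)) {
		header('HTTP/1.1 404 Not Found');
		return;
	}
	header('Content-Type: ' . $fileType);
	header('X-Content-Type-Options: nosniff');
	readfile($finalFilePath);
}
```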
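Review bot: For a name without a dot, `explode('.')` in `getEncryptedFileName()` yields a single element, `array_pop()` takes it as `$fileType`, and the stored name becomes the hash followed by `.` and the entire original name. Guard the extension with `$fileType = count($fileNameParts) > 1 ? array_pop($fileNameParts) : '';` and append `'.'.$fileType` only when it is non-empty. The value is an MD5 of `microtime()` and the name, not an encryption, so the method name and a short docblock should say "stored" or "hashed" name. If the on-disk name is meant to be unguessable, it should come from a CSPRNG rather than the clock.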
@@ -397,6 +397,7 @@ class Vtiger_Record_Model extends Vtiger_Base_Model { * @return <array> Image Details List */ public function getImageDetails() { + global $site_URL; $db = PearDatabase::getInstance(); $imageDetails = array(); $recordId = $this->getId(); @@ -412,7 +413,7 @@ class Vtiger_Record_Model extends Vtiger_Base_Model { $imageId = $db->query_result($result, 0, 'attachmentsid'); $imagePath = $db->query_result($result, 0, 'path'); $imageName = $db->query_result($result, 0, 'name'); - + $url = \Vtiger_Functions::getFilePublicURL($imageId, $imageName); //decode_html - added to handle UTF-8 characters in file names $imageOriginalName = urlencode(decode_html($imageName)); @@ -421,7 +422,8 @@ class Vtiger_Record_Model extends Vtiger_Base_Model { 'id' => $imageId, 'orgname' => $imageOriginalName, 'path' => $imagePath.$imageId, - 'name' => $imageName + 'name' => $imageName, + 'url' => $site_URL.$url ); } } @@ -589,8 +591,9 @@ class Vtiger_Record_Model extends Vtiger_Base_Model { if (!empty ($fileDetails)) { $filePath = $fileDetails['path']; $fileName = $fileDetails['name']; + $storedFileName = $fileDetails['storedname']; $fileName = html_entity_decode($fileName, ENT_QUOTES, vglobal('default_charset')); - $savedFile = $fileDetails['attachmentsid']."_".$fileName; + $savedFile = $fileDetails['attachmentsid']."_".$storedFileName; $fileSize = filesize($filePath.$savedFile); $fileSize = $fileSize + ($fileSize % 1024); if (fopen($filePath.$savedFile, "r")) { diff --git a/pkg/vtiger/modules/ModComments/modules/ModComments/views/FilePreview.php b/pkg/vtiger/modules/ModComments/modules/ModComments/views/FilePreview.php index c1d31288870cb03dad126d21df60acdde1390abc..79081deaea5e78a4ea7be35038ea444715dd6b07 100644 --- a/pkg/vtiger/modules/ModComments/modules/ModComments/views/FilePreview.php +++ b/pkg/vtiger/modules/ModComments/modules/ModComments/views/FilePreview.php 
@@ -36,8 +36,9 @@ class ModComments_FilePreview_View extends Vtiger_IndexAjax_View { if (!empty($fileDetails)) { $filePath = $fileDetails['path']; $fileName = $fileDetails['name']; + $storedFileName = $fileDetails['storedname']; $fileName = html_entity_decode($fileName, ENT_QUOTES, vglobal('default_charset')); - $savedFile = $fileDetails['attachmentsid']."_".$fileName; + $savedFile = $fileDetails['attachmentsid']."_".$storedFileName; $fileSize = filesize($filePath.$savedFile); $fileSize = $fileSize + ($fileSize % 1024); diff --git a/public.php b/public.php new file mode 100644 index 0000000000000000000000000000000000000000..337bb0cf99b6eb53470916c96c5c207bec1ad5d2 --- /dev/null +++ b/public.php @@ -0,0 +1,15 @@ +<?php +/*+*********************************************************************************** + * The contents of this file are subject to the vtiger CRM Public License Version 1.0 + * ("License"); You may not use this file except in compliance with the License + * The Original Code is: vtiger CRM Open Source + * The Initial Developer of the Original Code is vtiger. + * Portions created by vtiger are Copyright (C) vtiger. + * All Rights Reserved. + *************************************************************************************/ + +include_once 'vtlib/Vtiger/Module.php'; +include_once 'includes/Loader.php'; +vimport('includes.runtime.EntryPoint'); + +Vtiger_ShowFile_Helper::handle(vtlib_purify($_REQUEST['fid']), vtlib_purify($_REQUEST['key'])); \ No newline at end of file diff --git a/vtlib/Vtiger/Functions.php b/vtlib/Vtiger/Functions.php index c3be5245323522655dbd72a9a8f0ca79b6577d0c..840421bb863ddff0ad429d13629530e8651258b6 100644 --- a/vtlib/Vtiger/Functions.php +++ b/vtlib/Vtiger/Functions.php 
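Review bot: In public.php, `$_REQUEST['fid']` and `$_REQUEST['key']` are dereferenced without checking that they are present, so a request missing either one raises notices on an entry point reachable without login. Read them defensively, e.g. `$fid = isset($_REQUEST['fid']) ? (int) $_REQUEST['fid'] : 0;`, and return a 404 when either value is empty. Only GET links of the form `public.php?fid=…&key=…` are generated in this commit, so reading `$_GET` would keep cookies and POST bodies out of the lookup. A header comment stating that this file is deliberately unauthenticated and must only serve images would make that constraint visible to later editors.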
@@ -1507,4 +1507,20 @@ class Vtiger_Functions {
 }
 return $ok;
 }
+
+ /**
+ * Function to get file public url to access outside of CRM (from emails)
+ * @param <Integer> $fileId
+ * @param <String> $fileName
+ * @return <String> $sourceUrl
+ */
+ public static function getFilePublicURL($imageId, $imageName) {
+ $publicUrl = '';
+ $fileId = $imageId;
+ $fileName = $imageName;
+ if ($fileId) {
+ $publicUrl = "public.php?fid=$fileId&key=".$fileName;
+ }
+ return $publicUrl;
+ }
 }
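Review bot: The `key` placed in the public URL is the attachment's display name, not a secret. Combined with an integer `fid` (presumably sequential), the link can be reconstructed by anyone who knows or can guess a file name, and the endpoint it targets is documented in this commit as working without authentication. Consider a `key` that cannot be derived from the record, such as a random per-file token or a keyed hash of the id, and compare it in constant time on the serving side. The name is also concatenated unencoded; `"public.php?fid=$fileId&key=".rawurlencode($fileName)` keeps `&`, `#` and spaces from breaking the URL. The docblock names `$fileId`, `$fileName` and `$sourceUrl`, while the signature takes `$imageId` and `$imageName` and returns `$publicUrl`.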