Showing
with 276 additions and 125 deletions
......@@ -8,32 +8,42 @@
* All Rights Reserved.
*************************************************************************************/
#[\AllowDynamicProperties]
class SqlResultIterator implements Iterator{
var $result;
var $adb;
var $pos;
function __construct($adb, $result){
$this->result = $result;
$this->adb = $adb;
$this->pos = 0;
}
#[\ReturnTypeWillChange]
public function rewind(){
$this->pos = 0;
}
#[\ReturnTypeWillChange]
function valid(){
$adb = $this->adb;
return $this->pos < $adb->num_rows($this->result);
}
#[\ReturnTypeWillChange]
public function next(){
$this->pos+=1;
}
#[\ReturnTypeWillChange]
public function current(){
$adb = $this->adb;
$data = $adb->raw_query_result_rowdata($this->result, $this->pos);
return new SqlResultIteratorRow($data);
}
#[\ReturnTypeWillChange]
public function key(){
return $this->pos;
}
......@@ -74,6 +84,8 @@
}
class SqlResultIteratorRow{
var $data;
function __construct($data){
$this->data = $data;
}
......
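Review bot: `#[\AllowDynamicProperties]` on `SqlResultIterator` is redundant now that `$result`, `$adb` and `$pos` are declared, and keeping it means a misspelled property assignment is still created silently instead of raising the PHP 8.2 deprecation. I would drop the attribute here and keep it only on classes that really receive ad-hoc properties. The same attribute is added to `VTEntityData`, `VTEventCondition`, `VTEventHandler` and `VTEventTrigger` later in this compare; whether those need it cannot be told from the hunks. As a style point, `valid()` and both constructors still carry no visibility keyword while the other iterator methods are `public`.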
......@@ -11,6 +11,7 @@
/**
* A wrapper around CRMEntity instances
*/
#[\AllowDynamicProperties]
class VTEntityData{
private $isNew = false;
......@@ -84,7 +85,7 @@ class VTEntityData{
// added to compute label needed in event handlers
//TODO : need to make sure entity fields are cached
$entityFields = Vtiger_Functions::getEntityModuleInfo($crmEntity->moduleName);
$entityFields = isset($crmEntity->moduleName) ? Vtiger_Functions::getEntityModuleInfo($crmEntity->moduleName) : array("fieldname" => array());
if (!empty($entityFields['fieldname'])) {
$entityFieldNames = explode(',', $entityFields['fieldname']);
$label = '';
......@@ -111,7 +112,7 @@ class VTEntityData{
* @return The entity id.
*/
function getId(){
return $this->focus->id;
return is_object($this->focus) && property_exists($this->focus, "id") ? $this->focus->id : null;
}
/**
......
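Review bot: `getId()` now returns `null` when `$this->focus` is not an object or has no `id`, but the docblock directly above still reads `@return The entity id.` and callers get no signal that the id was missing. `updateInventoryProductRel()` elsewhere in this compare passes `$entity->getId()` straight to `vtws_getIdComponents()` and indexes `[1]`, which looks like it would misbehave on `null` if `$entity` is a `VTEntityData`; that is worth confirming. At minimum update the docblock to `@return mixed|null The entity id, or null when the wrapped entity has no id set.` The rest of the class lies outside the hunk.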
......@@ -8,6 +8,7 @@
* All Rights Reserved.
*************************************************************************************/
#[\AllowDynamicProperties]
class VTEventCondition{
function __construct($expr){
if($expr!=''){
......@@ -79,4 +80,4 @@
}
}
?>
\ No newline at end of file
?>
......@@ -8,7 +8,8 @@
* All Rights Reserved.
*************************************************************************************/
#[\AllowDynamicProperties]
abstract class VTEventHandler{
public abstract function handleEvent($name, $data);
}
?>
\ No newline at end of file
?>
......@@ -9,6 +9,8 @@
*************************************************************************************/
require_once 'include/events/VTBatchEventTrigger.inc';
require_once("include/events/SqlResultIterator.inc");
#[\AllowDynamicProperties]
class VTEventTrigger{
/* EventTrigger cache management */
......@@ -168,4 +170,4 @@
return new self($adb, $triggerName);
}
}
?>
\ No newline at end of file
?>
......@@ -12,6 +12,8 @@
* Create and trigger events in vtiger
*/
class VTEventsManager{
var $adb;
function __construct($adb){
$this->adb = $adb;
}
......
......@@ -125,6 +125,7 @@ class CurrencyField {
public static function convertToUserFormat($value, $user=null, $skipConversion=false, $skipFormatting=false) {
// To support negative values
$negative = false;
if(!$value) return $value;
if(stripos($value, '-') === 0) {
$negative = true;
$value = substr($value, 1);
......@@ -197,7 +198,7 @@ class CurrencyField {
* @return Formatted Currency
*/
private function _formatCurrencyValue($value) {
if(empty($value)) {
if(empty($value) || !is_numeric($value)) {
$value = 0;
}
$currencyPattern = $this->currencyFormat;
......@@ -355,8 +356,8 @@ class CurrencyField {
$decimalSeparator = $this->decimalSeparator;
if(empty($currencySeparator)) $currencySeparator = ' ';
if(empty($decimalSeparator)) $decimalSeparator = ' ';
$value = str_replace("$currencySeparator", "", $value);
$value = str_replace("$decimalSeparator", ".", $value);
$value = isset($value) ? str_replace("$currencySeparator", "", $value) : '';
$value = isset($value) ? str_replace("$decimalSeparator", ".", $value) : '';
if($skipConversion == false) {
$value = self::convertToDollar($value,$this->conversionRate);
......@@ -447,7 +448,7 @@ class CurrencyField {
$decimalSeparator = $user->currency_decimal_separator;
}
$fieldValue = explode(decode_html($decimalSeparator), $value);
$fieldValue = vtlib_array(explode(decode_html($decimalSeparator), $value));
if(strlen($fieldValue[1]) <= 1){
if(strlen($fieldValue[1]) == 1) {
return $value = $fieldValue[0].$decimalSeparator.$fieldValue[1];
......
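Review bot: The new guard `if(!$value) return $value;` in `convertToUserFormat()` is also true for `0`, `0.0` and `'0'`, so zero amounts now return early instead of going through the user's currency formatting. If the intent is only to keep `stripos()` away from null or an empty string, narrow it to `if ($value === null || $value === '') return $value;`. Separately, in the last hunk `strlen($fieldValue[1])` is still evaluated when the value contains no decimal separator; whether `vtlib_array()` makes that safe cannot be seen from here. All four functions continue outside their hunks.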
......@@ -13,6 +13,8 @@ class DateTimeField {
static protected $databaseTimeZone = null;
protected $datetime;
protected $date;
protected $time;
private static $cache = array();
/**
......@@ -84,7 +86,7 @@ class DateTimeField {
$user = $current_user;
}
$format = $current_user->date_format;
$format = isset($current_user->date_format)? $current_user->date_format : "";
if (empty($format)) {
if (false === strpos($date, '-')) {
if(false === strpos($date, '.')){
......@@ -135,11 +137,15 @@ class DateTimeField {
list($d, $m, $y) = explode('-', $date);
break;
case 'mm-dd-yyyy':
list($m, $d, $y) = explode('-', $date);
break;
if (substr_count($date, '-') == 2) {
list($m, $d, $y) = explode('-', $date);
}
break;
case 'yyyy-mm-dd':
list($y, $m, $d) = explode('-', $date);
break;
if (substr_count($date, '-') == 2) {
list($y, $m, $d) = explode('-', $date);
}
break;
}
if (!empty($y) && !empty($m) && !empty($d)) {
......@@ -173,7 +179,7 @@ class DateTimeField {
if(empty($user)) {
$user = $current_user;
}
$format = $user->date_format;
$format = isset($user->date_format) ? $user->date_format : "";
if(empty($format)) {
$format = 'dd-mm-yyyy';
}
......@@ -190,7 +196,10 @@ class DateTimeField {
public static function __convertToUserFormat($date, $format)
{
$date = self::convertToInternalFormat($date);
list($y, $m, $d) = explode('-', $date[0]);
$dates=explode('-', $date[0]);
$y=isset($dates[0])?$dates[0]:'';
$m=isset($dates[1])?$dates[1]:'';
$d=isset($dates[2])?$dates[2]:'';
switch ($format) {
case 'dd.mm.yyyy':
......@@ -276,7 +285,7 @@ class DateTimeField {
// create datetime object for given time in source timezone
$sourceTimeZone = new DateTimeZone($sourceTimeZoneName);
if($time == '24:00') $time = '00:00';
$myDateTime = new DateTime($time, $sourceTimeZone);
$myDateTime = new DateTime(isset($time) ? $time : '', $sourceTimeZone);
// convert this to target timezone using the DateTimeZone object
$targetTimeZone = new DateTimeZone($targetTimeZoneName);
......@@ -354,7 +363,7 @@ class DateTimeField {
if(empty($user)) {
$user = $current_user;
}
return str_replace(array('yyyy', 'mm','dd'), array('Y', 'm', 'd'), $user->date_format);
return str_replace(array('yyyy', 'mm','dd'), array('Y', 'm', 'd'), isset($user->date_format)? $user->date_format : "");
}
private static function sanitizeDate($value, $user) {
......@@ -369,8 +378,8 @@ class DateTimeField {
$time = false;
/* If date-value is other than yyyy-mm-dd */
if(strpos($value, "-") < 4 && $user->date_format) {
list($date, $time) = explode(' ', $value);
if(strpos($value, "-") < 4 && isset($user->date_format) && $user->date_format) {
list($date, $time) = explode(' ', strpos($value, ' ') ? $value : "$value ");
if(!empty($date)) {
switch ($user->date_format) {
case 'mm.dd.yyyy': list($m, $d, $y) = explode('.', $date); break;
......@@ -382,7 +391,7 @@ class DateTimeField {
}
}
if ($y) {
$value = "$y-$m-$d ".rtrim($time);
$value = "$y-$m-$d ".rtrim($time ? $time : '');
}
}
return $value;
......
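Review bot: The `substr_count($date, '-') == 2` guard was added to the `mm-dd-yyyy` and `yyyy-mm-dd` cases only; the `dd-mm-yyyy` case immediately above still runs `list($d, $m, $y) = explode('-', $date);` unguarded, and the dotted-format `list($m, $d, $y) = explode('.', $date)` in `sanitizeDate()` has the same shape. A malformed date in those formats will still raise undefined-offset warnings. Apply the same guard to every case, or split once before the `switch` and test `count($parts) === 3`. The `switch` starts above the hunk, so other cases may need the same treatment.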
......@@ -24,7 +24,7 @@ class ConfigReader {
function load($path, $name, $force = false) {
$this->name = $path;
if(!$force && isset(self::$propertiesCache) && self::$propertiesCache[$path]) {
if(!$force && isset(self::$propertiesCache) && isset(self::$propertiesCache[$path]) && self::$propertiesCache[$path]) {
$this->properties = self::$propertiesCache[$path];
return;
}
......@@ -46,4 +46,4 @@ class ConfigReader {
}
}
?>
\ No newline at end of file
?>
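Review bot: The cache test in `load()` now chains three conditions where one suffices; `if(!$force && !empty(self::$propertiesCache[$path])) {` is equivalent, because `empty()` covers the unset static, the missing key and the falsy value without a warning. The rest of `load()` is outside the hunk.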
......@@ -89,6 +89,7 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
$log->debug("Entering getAssociatedProducts(".$module.",".get_class($focus).",".$seid."='') method ...");
global $adb;
$output = '';
$taxtype = '';
global $theme,$current_user;
$no_of_decimal_places = getCurrencyDecimalPlaces();
......@@ -235,7 +236,7 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
$product_Detail[$i]['delRow'.$i]="Del";
}
if (in_array($module, $lineItemSupportedModules) || $module === 'Vendors' || (!$focus->mode && $seid)) {
if (in_array($module, $lineItemSupportedModules) || $module === 'Vendors' || (!isset($focus->mode) && $seid) || (!$focus->mode && $seid)) {
$subProductsQuery = 'SELECT vtiger_seproductsrel.crmid AS prod_id, quantity FROM vtiger_seproductsrel
INNER JOIN vtiger_crmentity ON vtiger_crmentity.crmid = vtiger_seproductsrel.crmid
INNER JOIN vtiger_products ON vtiger_products.productid = vtiger_seproductsrel.crmid
......@@ -248,6 +249,7 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
array_push($subParams, 'Products');
} else {
$subProductsQuery = 'SELECT productid AS prod_id, quantity FROM vtiger_inventorysubproductrel WHERE id=? AND sequence_no=?';
$focus->id = isset($focus->id) ? $focus->id : "";
$subParams = array($focus->id, $i);
}
$subProductsResult = $adb->pquery($subProductsQuery, $subParams);
......@@ -276,7 +278,7 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
$product_Detail[$i]['hdnProductId'.$i] = $hdnProductId;
$product_Detail[$i]['productName'.$i] = from_html($productname);
/* Added to fix the issue Product Pop-up name display*/
if($_REQUEST['action'] == 'CreateSOPDF' || $_REQUEST['action'] == 'CreatePDF' || $_REQUEST['action'] == 'SendPDFMail')
if((isset($_REQUEST['action'])) && ($_REQUEST['action'] == 'CreateSOPDF' || $_REQUEST['action'] == 'CreatePDF' || $_REQUEST['action'] == 'SendPDFMail'))
$product_Detail[$i]['productName'.$i]= htmlspecialchars($product_Detail[$i]['productName'.$i]);
$product_Detail[$i]['hdnProductcode'.$i] = $hdnProductcode;
$product_Detail[$i]['productDescription'.$i]= from_html($productdescription);
......@@ -285,7 +287,7 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
}else {
$product_Detail[$i]['comment'.$i]= $comment;
}
$focus->object_name=isset($focus->object_name) ? $focus->object_name : '';
if($module != 'PurchaseOrder' && $focus->object_name != 'Order') {
$product_Detail[$i]['qtyInStock'.$i]=decimalFormat($qtyinstock);
}
......@@ -301,7 +303,7 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
}
$discount_percent = decimalFormat($adb->query_result($result,$i-1,'discount_percent'));
$discount_amount = $adb->query_result($result,$i-1,'discount_amount');
$discount_amount = decimalFormat(number_format($discount_amount, $no_of_decimal_places,'.',''));
$discount_amount = isset($discount_amount) ? decimalFormat(number_format($discount_amount, $no_of_decimal_places,'.','')):"";
$discountTotal = 0;
//Based on the discount percent or amount we will show the discount details
......@@ -404,12 +406,12 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
$finalDiscount = 0;
$product_Detail[1]['final_details']['discount_type_final'] = 'zero';
$subTotal = ($focus->column_fields['hdnSubTotal'] != '')?$focus->column_fields['hdnSubTotal']:0;
$subTotal = (isset($focus->column_fields['hdnSubTotal']) && $focus->column_fields['hdnSubTotal'] != '') ? $focus->column_fields['hdnSubTotal'] : 0;
$subTotal = number_format($subTotal, $no_of_decimal_places,'.','');
$product_Detail[1]['final_details']['hdnSubTotal'] = $subTotal;
$discountPercent = ($focus->column_fields['hdnDiscountPercent'] != '')?$focus->column_fields['hdnDiscountPercent']:0;
$discountAmount = ($focus->column_fields['hdnDiscountAmount'] != '')?$focus->column_fields['hdnDiscountAmount']:0;
$discountPercent = (isset($focus->column_fields['hdnDiscountPercent']) && $focus->column_fields['hdnDiscountPercent'] != '') ? $focus->column_fields['hdnDiscountPercent'] : 0;
$discountAmount = (isset($focus->column_fields['hdnDiscountAmount']) && $focus->column_fields['hdnDiscountAmount'] != '') ? $focus->column_fields['hdnDiscountAmount'] : 0;
if($discountPercent != '0'){
$discountAmount = ($product_Detail[1]['final_details']['hdnSubTotal'] * $discountPercent / 100);
}
......@@ -420,8 +422,8 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
$product_Detail[1]['final_details']['discount_percentage_final'] = 0;
$product_Detail[1]['final_details']['discount_amount_final'] = $discount_amount_final;
$hdnDiscountPercent = (float) $focus->column_fields['hdnDiscountPercent'];
$hdnDiscountAmount = (float) $focus->column_fields['hdnDiscountAmount'];
$hdnDiscountPercent = isset($focus->column_fields['hdnDiscountPercent']) ? (float) $focus->column_fields['hdnDiscountPercent'] : 0.0;
$hdnDiscountAmount = isset($focus->column_fields['hdnDiscountAmount']) ? (float) $focus->column_fields['hdnDiscountAmount'] : 0.0;
if(!empty($hdnDiscountPercent)) {
$finalDiscount = ($subTotal*$discountPercent/100);
......@@ -468,9 +470,11 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
if($tax_percent == '' || $tax_percent == 'NULL')
$tax_percent = 0;
$taxamount = ($subTotal-$finalDiscount)*$tax_percent/100;
list($before_dot, $after_dot) = explode('.', $taxamount);
if($after_dot[$no_of_decimal_places] == 5) {
$taxamount = round($taxamount, $no_of_decimal_places, PHP_ROUND_HALF_DOWN);
$split_taxamounts =explode('.', $taxamount);
$before_dot=isset($split_taxamounts[0]) ? $split_taxamounts[0] : '';
$after_dot=isset($split_taxamounts[1]) ? $split_taxamounts[1] : '';
if(isset($after_dot[$no_of_decimal_places]) && $after_dot[$no_of_decimal_places] == 5) {
$taxamount = round($taxamount, $no_of_decimal_places, PHP_ROUND_HALF_UP);
} else {
$taxamount = number_format($taxamount, $no_of_decimal_places,'.','');
}
......@@ -521,7 +525,7 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
$product_Detail[1]['final_details']['tax_totalamount'] = number_format($taxTotal, $no_of_decimal_places, '.', '');
//To set the Shipping & Handling charge
$shCharge = ($focus->column_fields['hdnS_H_Amount'] != '')?$focus->column_fields['hdnS_H_Amount']:0;
$shCharge = (isset($focus->column_fields['hdnS_H_Amount']) && $focus->column_fields['hdnS_H_Amount'] != '') ? $focus->column_fields['hdnS_H_Amount'] : 0;
$shCharge = number_format($shCharge, $no_of_decimal_places,'.','');
$product_Detail[1]['final_details']['shipping_handling_charge'] = $shCharge;
......@@ -539,7 +543,7 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
$shtax_percent = 0;
//if condition is added to call this function when we create PO/SO/Quotes/Invoice from Product module
if (in_array($module, $inventoryModules)) {
$shtax_percent = getInventorySHTaxPercent($focus->id,$shtax_name);
$shtax_percent = getInventorySHTaxPercent($focus->id,$shtax_name,$shtax_count);
}
$shtaxamount = $shCharge*$shtax_percent/100;
$shtaxtotal = $shtaxtotal + $shtaxamount;
......@@ -557,12 +561,12 @@ function getAssociatedProducts($module, $focus, $seid = '', $refModuleName = fal
$product_Detail[1]['final_details']['shtax_totalamount'] = $shtaxtotal;
//To set the Adjustment value
$adjustment = ($focus->column_fields['txtAdjustment'] != '')?$focus->column_fields['txtAdjustment']:0;
$adjustment = (isset($focus->column_fields['txtAdjustment']) && $focus->column_fields['txtAdjustment'] != '') ? $focus->column_fields['txtAdjustment'] : 0;
$adjustment = number_format($adjustment, $no_of_decimal_places,'.','');
$product_Detail[1]['final_details']['adjustment'] = $adjustment;
//To set the grand total
$grandTotal = ($focus->column_fields['hdnGrandTotal'] != '')?$focus->column_fields['hdnGrandTotal']:0;
$grandTotal = (isset($focus->column_fields['hdnGrandTotal']) && $focus->column_fields['hdnGrandTotal'] != '')?$focus->column_fields['hdnGrandTotal']:0;
$grandTotal = number_format($grandTotal, $no_of_decimal_places,'.','');
$product_Detail[1]['final_details']['grandTotal'] = $grandTotal;
......@@ -623,4 +627,4 @@ function split_validationdataArray($validationData)
}
?>
\ No newline at end of file
?>
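Review bot: The group-tax rounding in `getAssociatedProducts()` switches from `PHP_ROUND_HALF_DOWN` to `PHP_ROUND_HALF_UP`, which changes computed tax amounts on exact half values and is unrelated to the undefined-index cleanup in the rest of this file's hunks. If that is intentional it deserves its own commit, or at least a comment next to the `round()` call stating which rounding rule is being followed; if not, keep `PHP_ROUND_HALF_DOWN`. The digit test also depends on how PHP renders the float `$taxamount` as a string in `explode('.', $taxamount)`, so a value printed in exponent form would skip it. In the sub-products condition, `(!$focus->mode && $seid)` still reads `$focus->mode` before `$seid`, so the warning the added `isset()` operand was meant to avoid remains when `$seid` is empty; `(empty($focus->mode) && $seid)` covers both operands.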
......@@ -50,17 +50,19 @@ class EmailTemplate {
for ($i = 0; $i < php7_count($templateVariablePair); $i++) {
$templateVariablePair[$i] = str_replace('$', '', $templateVariablePair[$i]);
list($module, $columnName) = explode('-', $templateVariablePair[$i]);
list($parentColumn, $childColumn) = explode(':', $columnName);
$this->templateFields[$module][] = $parentColumn;
$this->referencedFields[$parentColumn][] = $childColumn;
$this->processedmodules[$module] = false;
if(isset($columnName) && strpos($columnName, ':') !== false) {
list($parentColumn, $childColumn) = explode(':', $columnName);
$this->templateFields[$module][] = $parentColumn;
$this->referencedFields[$parentColumn][] = $childColumn;
$this->processedmodules[$module] = false;
}
}
$this->processed = false;
}
}
private function getTemplateVariableListForModule($module) {
return $this->templateFields[strtolower($module)];
return isset($this->templateFields[strtolower($module)]) ? $this->templateFields[strtolower($module)] : "";
}
public function process($params) {
......
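Review bot: Template variables without a `:` are now skipped entirely, because the assignments to `templateFields`, `referencedFields` and `processedmodules` moved inside the `strpos($columnName, ':') !== false` check; before this change a plain `module-column` variable still registered its column in `templateFields[$module]`. That looks like it would leave non-reference merge fields unsubstituted. Keep the three assignments unconditional and make only the split tolerant: `$parts = explode(':', (string) $columnName, 2);`, `$parentColumn = $parts[0];`, `$childColumn = isset($parts[1]) ? $parts[1] : null;`. `getTemplateVariableListForModule()` also now returns `""` for an unknown module where callers presumably expect an array; `array()` would be the safer default.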
......@@ -21,7 +21,7 @@
function updateStk($product_id,$qty,$mode,$ext_prod_arr,$module)
{
global $log;
$log->debug("Entering updateStk(".$product_id.",".$qty.",".$mode.",".$ext_prod_arr.",".$module.") method ...");
$log->debug("Entering updateStk(".$product_id.",".$qty.",".$mode.",".implode('',$ext_prod_arr).",".$module.") method ...");
global $adb;
global $current_user;
......@@ -200,7 +200,8 @@ function getProductTaxPercentage($type,$productid,$default='')
if($current_user->truncate_trailing_zeros == true) {
$taxpercentage = decimalFormat($taxpercentage);
}
return array('percentage' => $taxpercentage, 'regions' => Zend_Json::decode(html_entity_decode($adb->query_result($res, $i, 'regions'))));
$regions=$adb->query_result($res,0, 'regions');
return array('percentage' => $taxpercentage, 'regions' => Zend_Json::decode(html_entity_decode(!empty($regions) ? $regions : '[]')));
}
/** Function used to add the history entry in the relevant tables for PO, SO, Quotes and Invoice modules
......@@ -383,7 +384,8 @@ function getTaxDetailsForProduct($productid, $available='all')
$tax_details[$i]['type'] = $adb->query_result($res, $i, 'type');
$tax_details[$i]['regions'] = Zend_Json::decode(html_entity_decode($adb->query_result($res, $i, 'taxregions')));
$tax_details[$i]['compoundon'] = Zend_Json::decode(html_entity_decode($adb->query_result($res, $i, 'compoundon')));
$tax_details[$i]['productregions']= Zend_Json::decode(html_entity_decode($adb->query_result($res, $i, 'productregions')));
$productregions=$adb->query_result($res, $i, 'productregions');
$tax_details[$i]['productregions']= Zend_Json::decode(html_entity_decode(!empty($productregions) ? $productregions : ''));
}
}
else
......@@ -425,6 +427,7 @@ function deleteInventoryProductDetails($focus)
}
}
}
$focus->update_product_array=isset($focus->update_product_array) ? $focus->update_product_array :''; //to avoid undefined property warning.
$updateInventoryProductRel_update_product_array = $focus->update_product_array;
$adb->pquery("delete from vtiger_inventoryproductrel where id=?", array($focus->id));
$adb->pquery("delete from vtiger_inventorysubproductrel where id=?", array($focus->id));
......@@ -437,6 +440,7 @@ function updateInventoryProductRel($entity) {
global $log, $adb,$updateInventoryProductRel_update_product_array,$updateInventoryProductRel_deduct_stock;
$entity_id = vtws_getIdComponents($entity->getId());
$entity_id = $entity_id[1];
$statusFieldName = '';
$update_product_array = $updateInventoryProductRel_update_product_array;
$log->debug("Entering into function updateInventoryProductRel(".$entity_id.").");
......@@ -474,7 +478,7 @@ function updateInventoryProductRel($entity) {
$updateInventoryProductRel_deduct_stock = false;
deductProductsFromStock($entity_id);
}
} elseif($recordDetails[$statusFieldName] == $statusFieldValue) {
} elseif(isset($recordDetails[$statusFieldName]) && $recordDetails[$statusFieldName] == $statusFieldValue) {
$updateInventoryProductRel_deduct_stock = false;
}
......@@ -613,6 +617,7 @@ function saveInventoryProductDetails(&$focus, $module, $update_prod_stock='false
{
global $log, $adb;
$id=$focus->id;
$description='';
$log->debug("Entering into function saveInventoryProductDetails($module).");
//Added to get the convertid
if(isset($_REQUEST['convert_from']) && $_REQUEST['convert_from'] !='')
......@@ -644,7 +649,7 @@ function saveInventoryProductDetails(&$focus, $module, $update_prod_stock='false
for($i=1; $i<=$tot_no_prod; $i++)
{
//if the product is deleted then we should avoid saving the deleted products
if($_REQUEST["deleted".$i] == 1)
if(isset($_REQUEST["deleted".$i]) && $_REQUEST["deleted".$i] == 1)
continue;
$prod_id = vtlib_purify($_REQUEST['hdnProductId'.$i]);
......@@ -663,8 +668,8 @@ function saveInventoryProductDetails(&$focus, $module, $update_prod_stock='false
$qty = vtlib_purify($_REQUEST['qty'.$i]);
$listprice = vtlib_purify($_REQUEST['listPrice'.$i]);
$comment = vtlib_purify($_REQUEST['comment'.$i]);
$purchaseCost = vtlib_purify($_REQUEST['purchaseCost'.$i]);
$margin = vtlib_purify($_REQUEST['margin'.$i]);
$purchaseCost = isset($_REQUEST['purchaseCost'.$i]) ? vtlib_purify($_REQUEST['purchaseCost'.$i]) : "";
$margin = isset($_REQUEST['margin'.$i]) ? vtlib_purify($_REQUEST['margin'.$i]) : "";
if($module == 'SalesOrder') {
if($updateDemand == '-')
......@@ -779,12 +784,12 @@ function saveInventoryProductDetails(&$focus, $module, $update_prod_stock='false
$taxName = $all_available_taxes[$taxCount]['taxname'];
$requestTaxName = $taxName.'_group_percentage';
$taxValue = 0;
if(isset($_REQUEST[$requestTaxName])) {
if(isset($_REQUEST[$requestTaxName]) && !empty($_REQUEST[$requestTaxName])) {
$taxValue = vtlib_purify($_REQUEST[$requestTaxName]);
}
$updatequery .= " $taxName = ?,";
array_push($updateparams, (-$taxValue));
array_push($updateparams, (-1 * $taxValue));
}
}
......@@ -838,7 +843,7 @@ function saveInventoryProductDetails(&$focus, $module, $update_prod_stock='false
//if the user gave - sign in adjustment then add with the value
$adjustmentType = '';
if($_REQUEST['adjustmentType'] == '-')
if(isset($_REQUEST['adjustmentType']) && $_REQUEST['adjustmentType'] == '-')
$adjustmentType = vtlib_purify($_REQUEST['adjustmentType']);
$adjustment = vtlib_purify($_REQUEST['adjustment']);
......@@ -969,7 +974,7 @@ function getInventoryProductTaxValue($id, $productId, $taxName, $lineItemId = 0)
* @param string $taxname - shipping and handling taxname
* @return float $taxpercentage - shipping and handling taxpercentage which is associated with the given entity
*/
function getInventorySHTaxPercent($id, $taxname)
function getInventorySHTaxPercent($id, $taxname, $taxnum=null)
{
global $log, $adb;
$log->debug("Entering into function getInventorySHTaxPercent($id, $taxname)");
......@@ -978,6 +983,22 @@ function getInventorySHTaxPercent($id, $taxname)
$res = $adb->pquery("select $taxname from vtiger_inventoryshippingrel where id= ?", array($id));
$taxpercentage = $adb->query_result($res,0,$taxname);
// If shipping details is not found then try to get the values from the vtiger_inventorychargesrel
// where the actual shipping and handling tax info of particular record stored.
if($adb->num_rows($res) < 1){
$j=$taxnum+1;
// parse through the json detail and extract the value of specific tax.
$charges_result = $adb->pquery(
"SELECT JSON_UNQUOTE(JSON_EXTRACT(charges, CONCAT('$.\"1\".taxes.\"', ? ,'\"'))) as charges
FROM vtiger_inventorychargesrel
WHERE recordid = ?",
array($taxnum + 1, $id)
);
$rowData = $adb->fetch_array($charges_result);
$charges = isset($rowData['charges']) ? Zend_Json::decode(html_entity_decode($rowData['charges'])):"";
$taxpercentage = $charges;
}
if($taxpercentage == '')
$taxpercentage = 0;
......@@ -1179,7 +1200,7 @@ function getBaseConversionRateForProduct($productid, $mode='edit', $module='Prod
$res = $adb->pquery($sql, $params);
$conv_rate = $adb->query_result($res, 0, 'conversion_rate');
return 1 / $conv_rate;
return $conv_rate ? (1 / $conv_rate) : 1;
}
/** Function used to get the prices for the given list of products based in the specified currency
......@@ -1730,4 +1751,4 @@ function getCompoundTaxesInfoForInventoryRecord($recordId, $moduleName) {
return $compoundTaxesInfo;
}
?>
\ No newline at end of file
?>
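Review bot: The new fallback in `getInventorySHTaxPercent()` selects the charge tax by `$taxnum + 1`, so any two-argument caller (default `$taxnum=null`) silently reads the tax keyed `"1"` whatever `$taxname` was requested, and the one caller updated in this compare passes `$shtax_count`, which appears to assume tax ids are contiguous and start at 1; confirm that against the stored charges JSON. `$j=$taxnum+1;` is never used and can be removed. The docblock still documents two parameters and needs a `@param` line for `$taxnum` that says it is only used for the `vtiger_inventorychargesrel` fallback. `JSON_EXTRACT`/`JSON_UNQUOTE` raise the minimum database version, which should be stated in the install requirements. The first query still interpolates `$taxname` as a column name, so callers must only ever pass names read from the tax tables, never request input.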
......@@ -674,12 +674,17 @@ function decode_emptyspace_html($str){
}
function decode_html($str) {
// null or blank
if (!$str) return $str;
global $default_charset;
// Direct Popup action or Ajax Popup action should be treated the same.
if ((isset($_REQUEST['action']) && $_REQUEST['action'] == 'Popup') || (isset($_REQUEST['file']) && $_REQUEST['file'] == 'Popup'))
return html_entity_decode($str);
else
else if ($str)
return html_entity_decode($str, ENT_QUOTES, $default_charset);
else
return $str;
}
function popup_decode_html($str) {
......@@ -692,7 +697,7 @@ function popup_decode_html($str) {
//function added to check the text length in the listview.
function textlength_check($field_val) {
global $listview_max_textlength, $default_charset;
if ($listview_max_textlength && $listview_max_textlength > 0) {
if ($field_val && $listview_max_textlength && $listview_max_textlength > 0) {
$temp_val = preg_replace("/(<\/?)(\w+)([^>]*>)/i", "", $field_val);
if (function_exists('mb_strlen')) {
if (mb_strlen(decode_html($temp_val)) > $listview_max_textlength) {
......
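Review bot: With the early `if (!$str) return $str;` at the top of `decode_html()`, the new `else if ($str)` test is always true and the trailing `else return $str;` can never run. Keep the early return and restore the plain `else` before `return html_entity_decode($str, ENT_QUOTES, $default_charset);`, or drop the early return and keep the chain, but not both. Note that `!$str` also matches the string `'0'`, which is harmless here because it decodes to itself.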
......@@ -352,21 +352,21 @@ function isPermitted($module,$actionname,$record_id='')
}
}
//Checking for vtiger_tab permission
if($profileTabsPermission[$tabid] !=0)
if(isset($profileTabsPermission[$tabid]) && $profileTabsPermission[$tabid] !=0)
{
$permission = "no";
$log->debug("Exiting isPermitted method ...");
return $permission;
}
//Checking for Action Permission
if(strlen($profileActionPermission[$tabid][$actionid]) < 1 && $profileActionPermission[$tabid][$actionid] == '')
if(isset($profileActionPermission[$tabid][$actionid]) && strlen($profileActionPermission[$tabid][$actionid]) < 1 && $profileActionPermission[$tabid][$actionid] == '')
{
$permission = "yes";
$log->debug("Exiting isPermitted method ...");
return $permission;
}
if($profileActionPermission[$tabid][$actionid] != 0 && $profileActionPermission[$tabid][$actionid] != '')
if(isset($profileActionPermission[$tabid][$actionid]) && $profileActionPermission[$tabid][$actionid] != 0 && $profileActionPermission[$tabid][$actionid] != '')
{
$permission = "no";
$log->debug("Exiting isPermitted method ...");
......@@ -1054,8 +1054,9 @@ function getRoleInformation($roleid)
$rolename=$adb->query_result($result,0,'rolename');
$parentrole=$adb->query_result($result,0,'parentrole');
$roledepth=$adb->query_result($result,0,'depth');
$parentRoleArr=explode('::',$parentrole);
$immediateParent=$parentRoleArr[php7_sizeof($parentRoleArr)-2];
$parentRoleArr=explode('::',$parentrole ? $parentrole:'');
$parentRoleArrLen=php7_sizeof($parentRoleArr);
$immediateParent=$parentRoleArrLen>=2 ? $parentRoleArr[$parentRoleArrLen-2]:null;
$roleDet=Array();
$roleDet[]=$rolename;
$roleDet[]=$parentrole;
......@@ -1458,8 +1459,11 @@ function getCombinedUserGlobalPermissions($userId)
$no_of_profiles=php7_sizeof($profArr);
$userGlobalPerrArr=Array();
$userGlobalPerrArr=getProfileGlobalPermission($profArr[0]);
if($no_of_profiles != 1)
if($no_of_profiles) {
$userGlobalPerrArr=getProfileGlobalPermission($profArr[0]);
}
if($no_of_profiles > 1)
{
for($i=1;$i<$no_of_profiles;$i++)
{
......@@ -1593,7 +1597,7 @@ function getParentRole($roleId)
$log->debug("Entering getParentRole(".$roleId.") method ...");
$roleInfo=getRoleInformation($roleId);
$parentRole=$roleInfo[$roleId][1];
$tempParentRoleArr=explode('::',$parentRole);
$tempParentRoleArr=explode('::',$parentRole?$parentRole:'');
$parentRoleArr=Array();
foreach($tempParentRoleArr as $role_id)
{
......@@ -2128,7 +2132,7 @@ function getPermittedModuleNames()
{
foreach($tab_seq_array as $tabid=>$seq_value)
{
if($seq_value === 0 && $profileTabsPermission[$tabid] === 0)
if($seq_value === 0 && (isset($profileTabsPermission[$tabid]) && $profileTabsPermission[$tabid] === 0))
{
$permittedModules[]=getTabModuleName($tabid);
}
......@@ -2167,7 +2171,7 @@ function getPermittedModuleIdList() {
if($is_admin == false && $profileGlobalPermission[1] == 1 &&
$profileGlobalPermission[2] == 1) {
foreach($tab_seq_array as $tabid=>$seq_value) {
if($seq_value === 0 && $profileTabsPermission[$tabid] === 0) {
if($seq_value === 0 && isset($profileTabsPermission[$tabid]) && $profileTabsPermission[$tabid] === 0) {
$permittedModules[]=($tabid);
}
}
......@@ -2319,4 +2323,4 @@ function appendFromClauseToQuery($query,$fromClause) {
return $query;
}
?>
\ No newline at end of file
?>
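Review bot: In `isPermitted()` the added `isset()` on the "Action Permission" check changes the decision, not just the warning: when `$profileActionPermission[$tabid][$actionid]` is missing, the old condition (`strlen(null) < 1 && null == ''`) was true and returned `"yes"`, while the new one is false and execution falls through to the checks below the hunk. Whether a missing entry should grant, deny or defer is an authorization decision and should be explicit, for example a separate `if(!isset($profileActionPermission[$tabid][$actionid]))` branch with a comment stating the intended default. This path needs a test with a profile that has no entry for the action. The remainder of the function is outside the hunk, so the final outcome cannot be judged from here.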
......@@ -131,6 +131,7 @@ class VTCacheUtils {
if(!$modulefields){
$fieldInfo = Vtiger_Cache::get('ModuleFields',$tabid);
if($fieldInfo){
$modulefields = array();
foreach($fieldInfo as $block => $blockFields){
foreach ($blockFields as $field){
if(in_array($field->get('presence'), $presencein)) {
......@@ -427,7 +428,7 @@ class VTCacheUtils {
self::$_userSignature[$userName] = $signature;
}
public static function getUserSignature($userName) {
return self::$_userSignature[$userName];
return isset($_userSignature[$userName]) ? self::$_userSignature[$userName] : null;
}
static $_userFullName = array();
......@@ -440,7 +441,7 @@ class VTCacheUtils {
static $_report_field_bylabel = array();
public static function getReportFieldByLabel($module, $label) {
return self::$_report_field_bylabel[$module][$label];
return isset(self::$_report_field_bylabel[$module][$label]) ? self::$_report_field_bylabel[$module][$label] : array();
}
public static function setReportFieldByLabel($module, $label, $fieldInfo) {
......@@ -461,4 +462,4 @@ class VTCacheUtils {
}
}
?>
\ No newline at end of file
?>
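Review bot: In `getUserSignature` the new guard tests `isset($_userSignature[$userName])`, which names an undefined local variable rather than the static property, so the check is always false and the method returns null even after `setUserSignature` has stored a value. The guard should read the same property as the value it returns: `return isset(self::$_userSignature[$userName]) ? self::$_userSignature[$userName] : null;`. The neighbouring `getReportFieldByLabel` change already uses the `self::` form.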
......@@ -103,8 +103,8 @@ function vtlib_isModuleActive($module) {
if(!isset($__cache_module_activeinfo[$module])) {
include 'tabdata.php';
$tabId = $tab_info_array[$module];
$presence = $tab_seq_array[$tabId];
$tabId = vtlib_array($tab_info_array)[$module];
$presence = vtlib_array($tab_seq_array)[$tabId];
$__cache_module_activeinfo[$module] = $presence;
} else {
$presence = $__cache_module_activeinfo[$module];
......@@ -145,10 +145,16 @@ function vtlib_moduleAlwaysActive() {
* Toggle the module (enable/disable)
*/
function vtlib_toggleModuleAccess($modules, $enable_disable) {
global $adb, $__cache_module_activeinfo;
global $adb, $__cache_module_activeinfo, $current_user;
include_once('vtlib/Vtiger/Module.php');
// Checks if the user is admin or not
$isAdmin = is_admin($current_user);
if(!$isAdmin) {
throw new AppException('Permission denied! Only admin users can toggle modules');
}
if(is_string($modules)) $modules = array($modules);
$event_type = false;
......@@ -158,8 +164,8 @@ function vtlib_toggleModuleAccess($modules, $enable_disable) {
} else if($enable_disable === false) {
$enable_disable = 1;
$event_type = Vtiger_Module::EVENT_MODULE_DISABLED;
//Update default landing page to dashboard if module is disabled.
$adb->pquery('UPDATE vtiger_users SET defaultlandingpage = ? WHERE defaultlandingpage IN(' . generateQuestionMarks($modules) . ')', array_merge(array('Home'), $modules));
//Update default landing page to dashboard if module is disabled.
$adb->pquery('UPDATE vtiger_users SET defaultlandingpage = ? WHERE defaultlandingpage IN(' . generateQuestionMarks($modules) . ')', array_merge(array('Home'), $modules));
}
$checkResult = $adb->pquery('SELECT name FROM vtiger_tab WHERE name IN ('. generateQuestionMarks($modules) .')', array($modules));
......@@ -666,7 +672,7 @@ function vtlib_purify($input, $ignore = false) {
$value = $input;
if (!is_array($input)) {
$md5OfInput = md5($input);
$md5OfInput = md5($input ? $input : "");
if (array_key_exists($md5OfInput, $purified_cache)) {
$value = $purified_cache[$md5OfInput];
//to escape cleaning up again
......@@ -716,7 +722,9 @@ function vtlib_purify($input, $ignore = false) {
$value = purifyHtmlEventAttributes($value, true);
}
}
$purified_cache[$md5OfInput] = $value;
if (isset($md5OfInput)) {
$purified_cache[$md5OfInput] = $value;
}
}
if(is_array($value)) {
......@@ -727,6 +735,37 @@ function vtlib_purify($input, $ignore = false) {
return $value;
}
/**
* Remove content within quotes (single/double/unbalanced)
* Helpful to keep away quote-injection xss attacks in the templates.
*/
function vtlib_strip_quoted($input) {
if (is_null($input)) return $input;
$output = $input;
/*
* Discard anything in "double quoted until'you find next double quote"
* or discard anything in 'single quoted until "you" find next single quote"
*/
$qchar = '"';
$idx = strpos($input, $qchar);
if ($idx === false) { // no double-quote, find single-quote
$qchar = "'";
$idx = strpos($input, $qchar);
}
if ($idx !== false) {
$output = substr($input,0, $idx);
$idx = strpos($input, $qchar, $idx+1);
if ($idx === false) {
// unbalanced - eat all.
$idx = strlen($input)-1;
}
$input = substr($input, $idx+1);
$output .= vtlib_strip_quoted($input);
}
return $output;
}
/**
* Function to replace values in multi dimentional array (str_replace will support only one level of array)
* @param type $search
......@@ -738,46 +777,61 @@ function str_replace_json($search, $replace, $subject){
return json_decode(str_replace($search, $replace, json_encode($subject)), true);
}
/**
* Case-insensitive comparision of string ignore accents.
* @param string $lv - left
* @param string $rv - right
* @return stcasecmp ascii comparision
*/
function strcasecmp_accents($lv, $rv) {
$lvenc = mb_detect_encoding($lv);
$rvenc = mb_detect_encoding($rv);
if ($lvenc != $rvenc) {
if ($lvenc != "ASCII") $lv = iconv($lvenc, "ASCII//TRANSLIT", $lv);
if ($rvenc != "ASCII") $rv = iconv($rvenc, "ASCII//TRANSLIT", $rv);
}
return strcasecmp($lv, $rv);
}
/**
* Callback function to use based on available environment support.
*/
function strcasecmp_accents_callback() {
// when mb & iconv is available - set the locale and return accents netural comparision
// otherwise return standard strcasecmp
if (function_exists('mb_detect_encoding') && function_exists('iconv')) {
setlocale(LC_CTYPE, "en_US.utf8"); // required to make iconv (UTF-8 to ASCII/TRANSLIT)
$callback = "strcasecmp_accents";
} else {
$callback = "strcasecmp";
}
return $callback;
}
/**
* To purify malicious html event attributes
* @param <String> $value
* @return <String>
*/
function purifyHtmlEventAttributes($value,$replaceAll = false){
if (!$value) return $value;
$tmp_markers = $office365ImageMarkers = array();
$value = Vtiger_Functions::strip_base64_data($value,true,$tmp_markers);
$value = Vtiger_Functions::stripInlineOffice365Image($value,true,$office365ImageMarkers);
$tmp_markers = array_merge($tmp_markers, $office365ImageMarkers);
$htmlEventAttributes = "onerror|onblur|onchange|oncontextmenu|onfocus|oninput|oninvalid|onresize|onauxclick|oncancel|oncanplay|oncanplaythrough|".
"onreset|onsearch|onselect|onsubmit|onkeydown|onkeypress|onkeyup|onclose|oncuechange|ondurationchange|onemptied|onended|".
"onclick|ondblclick|ondrag|ondragend|ondragenter|ondragleave|ondragover|ondragexit|onformdata|onloadeddata|onloadedmetadata|".
"ondragstart|ondrop|onmousedown|onmousemove|onmouseout|onmouseover|onmouseenter|onmouseleave|onpause|onplay|onplaying|".
"onmouseup|onmousewheel|onscroll|onwheel|oncopy|oncut|onpaste|onload|onprogress|onratechange|onsecuritypolicyviolation|".
"onselectionchange|onabort|onselectstart|onstart|onfinish|onloadstart|onshow|onreadystatechange|onseeked|onslotchange|".
"onseeking|onstalled|onsubmit|onsuspend|ontimeupdate|ontoggle|onvolumechange|onwaiting|onwebkitanimationend|onstorage|".
"onwebkitanimationiteration|onwebkitanimationstart|onwebkittransitionend|onafterprint|onbeforeprint|onbeforeunload|".
"onhashchange|onlanguagechange|onmessage|onmessageerror|onoffline|ononline|onpagehide|onpageshow|onpopstate|onunload|".
"onrejectionhandled|onunhandledrejection|onloadend|onpointerenter|ongotpointercapture|onlostpointercapture|onpointerdown|".
"onpointermove|onpointerup|onpointercancel|onpointerover|onpointerout|onpointerleave|onactivate|onafterscriptexecute|".
"onanimationcancel|onanimationend|onanimationiteration|onanimationstart|onbeforeactivate|onbeforedeactivate|onbeforescriptexecute|".
"onbegin|onbounce|ondeactivate|onend|onfocusin|onfocusout|onrepeat|ontransitioncancel|ontransitionend|ontransitionrun|".
"ontransitionstart|onbeforecopy|onbeforecut|onbeforepaste|onfullscreenchange|onmozfullscreenchange|onpointerrawupdate|".
"ontouchend|ontouchmove|ontouchstart";
$tmp_markers = $office365ImageMarkers = array();
$value = Vtiger_Functions::strip_base64_data($value,true,$tmp_markers);
$value = Vtiger_Functions::stripInlineOffice365Image($value,true,$office365ImageMarkers);
$tmp_markers = array_merge($tmp_markers, $office365ImageMarkers);
// remove malicious html attributes with its value.
$pattern='/\b(alert|on\w+)\s*\([^)]*\)|\s*(?:on\w+)=(".*?"|\'.*?\'|[^\'">\s]+)\s*/';
if ($replaceAll) {
$regex = '\s*[=&%#]\s*(?:"[^"]*"[\'"]*|\'[^\']*\'[\'"]*|[^]*[\s\/>])*/i';
$value = preg_replace("/\s*(" . $htmlEventAttributes . ")" . $regex, '', $value);
$value = preg_replace($pattern, '', $value);
//remove script tag with contents
$value = purifyScript($value);
//purify javascript alert from the tag contents
$value = purifyJavascriptAlert($value);
} else {
if (preg_match("/\s*(" . $htmlEventAttributes . ")\s*=/i", $value)) {
if (preg_match($pattern, $value)) {
$value = str_replace("=", "&equals;", $value);
}
}
......@@ -835,7 +889,7 @@ function purifyJavascriptAlert($value){
}
}
}
return $value;
}
......@@ -942,6 +996,14 @@ function vtlib_addSettingsLink($linkName, $linkURL, $blockName = false) {
return $success;
}
/**
* PHP Strict helpers.
*/
require_once __DIR__ . "/../../vtlib/Vtiger/Utils/GuardedArray.php"; /* absolute path used to overcome need of chdir in subpaths */
function vtlib_array($data = null) {
return new Vtiger_GuardedArray($data);
}
/**
* PHP7 support for split function
* split : Case sensitive.
......@@ -983,4 +1045,13 @@ function php7_sizeof($value) {
return php7_count($value);
}
?>
function php7_trim($str) {
// PHP 8.x marks as deprecated
return $str == null ? $str : trim($str);
}
function php7_htmlentities($str) {
// PHP 8.x marks as deprecated
return $str == null ? $str : htmlentities($str);
}
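Review bot: In `purifyHtmlEventAttributes` the new `$pattern` has no `i` modifier and requires `=` to follow the attribute name directly, whereas the expressions it appears to replace were case-insensitive and allowed `\s*` before `=`. Event-handler attributes written in another letter case or with whitespace around `=` would therefore no longer be matched in either branch. The page has lost its +/- markers, so this assumes the `$htmlEventAttributes` lines are the removed side. I would keep the earlier tolerance, e.g. `$pattern='/\b(alert|on\w+)\s*\([^)]*\)|\s*(?:on\w+)\s*=\s*(".*?"|\'.*?\'|[^\'">\s]+)\s*/is';`, and add a regression test covering the inputs the old expression handled. The function body continues outside the hunk.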
......@@ -126,7 +126,7 @@ function get_user_array($add_blank=true, $status="Active", $assigned_user="",$pr
}
static $user_array = null;
if(!$module){
$module=$_REQUEST['module'];
$module=isset($_REQUEST['module']) ? $_REQUEST['module'] : "";
}
......@@ -148,13 +148,13 @@ function get_user_array($add_blank=true, $status="Active", $assigned_user="",$pr
vtiger_users.first_name as first_name ,vtiger_users.last_name as last_name, vtiger_users.userlabel AS userlabel
from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like ? and status='Active' union
select shareduserid as id,vtiger_users.user_name as user_name ,
vtiger_users.first_name as first_name ,vtiger_users.last_name as last_name,vtiger_users.userlabel AS userlabel from vtiger_tmp_write_user_sharing_per inner join vtiger_users on vtiger_users.id=vtiger_tmp_write_user_sharing_per.shareduserid where status='Active' and vtiger_tmp_write_user_sharing_per.userid=? and vtiger_tmp_write_user_sharing_per.tabid=? and (user_name != 'admin' OR is_owner=1)";
vtiger_users.first_name as first_name ,vtiger_users.last_name as last_name,vtiger_users.userlabel AS userlabel from vtiger_tmp_write_user_sharing_per inner join vtiger_users on vtiger_users.id=vtiger_tmp_write_user_sharing_per.shareduserid where status='Active' and vtiger_tmp_write_user_sharing_per.userid=? and vtiger_tmp_write_user_sharing_per.tabid=?";
$params = array($current_user->id, $current_user_parent_role_seq."::%", $current_user->id, getTabid($module));
}
else
{
$log->debug("Sharing is Public. All vtiger_users should be listed");
$query = "SELECT id, user_name,first_name,last_name,userlabel from vtiger_users WHERE status=? and (user_name != 'admin' OR is_owner=1)";
$query = "SELECT id, user_name,first_name,last_name,userlabel from vtiger_users WHERE status=?";
$params = array($status);
}
}
......@@ -197,7 +197,7 @@ function get_group_array($add_blank=true, $status="Active", $assigned_user="",$p
}
static $group_array = null;
if(!$module){
$module=$_REQUEST['module'];
$module=isset($_REQUEST['module']) ? $_REQUEST['module'] : "";
}
if($group_array == null)
......@@ -337,7 +337,7 @@ function decide_to_html() {
global $doconvert, $inUTF8, $default_charset;
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
$inUTF8 = (strtoupper($default_charset) == 'UTF-8');
$inUTF8 = (strtoupper($default_charset ? $default_charset : "") == 'UTF-8');
$doconvert = true;
if ($action == 'ExportData') {
......@@ -1795,6 +1795,8 @@ function getValidDBInsertDateValue($value) {
global $log;
$log->debug("Entering getValidDBInsertDateValue(".$value.") method ...");
$value = trim($value);
if (empty($value)) return null;
$delim = array('/','.');
foreach ($delim as $delimiter){
$x = strpos($value, $delimiter);
......@@ -2022,9 +2024,9 @@ function getCurrencyDecimalPlaces($user = null) {
global $current_user;
$currency_decimal_places = 2;
if (!empty($user)) {
if (!empty($user) && isset($user->no_of_currency_decimals)) {
$currency_decimal_places = $user->no_of_currency_decimals;
} else if ($current_user) {
} else if ($current_user && isset($current_user->no_of_currency_decimals)) {
$currency_decimal_places = $current_user->no_of_currency_decimals;
}
return (int)$currency_decimal_places;
......@@ -2437,13 +2439,14 @@ function getRecordGroupId($record) {
* Function to delete record from $_SESSION[$moduleName.'_DetailView_Navigation'.$cvId]
*/
function deleteRecordFromDetailViewNavigationRecords($recordId, $cvId, $moduleName) {
$recordNavigationInfo = Zend_Json::decode($_SESSION[$moduleName . '_DetailView_Navigation' . $cvId]);
if (!empty($recordNavigationInfo) && (php7_count($recordNavigationInfo) != 0)) {
$cachekey = ($moduleName . '_DetailView_Navigation' . $cvId);
$recordNavigationInfo = isset($_SESSION[$cachekey]) ? Zend_Json::decode($_SESSION[$cachekey]) : null;
if ($recordNavigationInfo && (php7_count($recordNavigationInfo) != 0)) {
foreach ($recordNavigationInfo as $key => $recordIdList) {
$recordIdList = array_diff($recordIdList, array($recordId));
$recordNavigationInfo[$key] = $recordIdList;
}
$_SESSION[$moduleName . '_DetailView_Navigation' . $cvId] = Zend_Json::encode($recordNavigationInfo);
$_SESSION[$cachekey] = Zend_Json::encode($recordNavigationInfo);
}
}
......
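Review bot: Both user queries in `get_user_array` lose the `(user_name != 'admin' OR is_owner=1)` predicate, which is a behaviour change rather than a PHP-compatibility fix. Assuming the shorter query strings are the new side, an account named `admin` that is not the owner is now included in the list this function builds. If that is intended, say so next to the queries, for example `// 'admin' is no longer excluded here (was: user_name != 'admin' OR is_owner=1); see <ticket placeholder>`, and ideally make it a separate commit so it can be reviewed on its own. The function starts and ends outside these hunks, so how the list is consumed is not visible here.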
......@@ -24,7 +24,7 @@ class Vtiger_WebUI extends Vtiger_EntryPoint {
protected function checkLogin (Vtiger_Request $request) {
if (!$this->hasLogin()) {
$return_params = $_SERVER['QUERY_STRING'];
if($return_params && !$_SESSION['return_params']) {
if(isset($return_params) && $return_params && !$_SESSION['return_params']) {
//Take the url that user would like to redirect after they have successfully logged in.
$return_params = urlencode($return_params);
Vtiger_Session::set('return_params', $return_params);
......
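Review bot: The added `isset($return_params)` in `checkLogin` cannot prevent a notice, because `$return_params` was already assigned on the previous line. The array reads that can hit a missing key are `$_SERVER['QUERY_STRING']` and `$_SESSION['return_params']`, and both are still unguarded. Guard the reads themselves: `$return_params = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';` and `if($return_params && empty($_SESSION['return_params'])) {`. The stored value is the raw query string kept for a post-login redirect, so the code that later consumes `return_params` (outside this hunk) should be checked to build only same-application URLs from it.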
......@@ -11,6 +11,7 @@
/**
* Base Model Class
*/
#[\AllowDynamicProperties]
class Vtiger_Base_Model {
protected $valueMap;
......@@ -37,7 +38,7 @@ class Vtiger_Base_Model {
* @return Raw Value for the given key
*/
public function getRaw($key){
return $this->rawData[$key];
return isset($this->rawData[$key]) ? $this->rawData[$key] : '';
}
/**
......@@ -84,7 +85,7 @@ class Vtiger_Base_Model {
* @param String $key
*/
public function has($key) {
return array_key_exists($key, $this->valueMap);
return array_key_exists($key, (array)$this->valueMap); // valueMap can be array or TrackableObject
}
/**
......@@ -95,4 +96,4 @@ class Vtiger_Base_Model {
return (!isset($this->valueMap[$key]) || empty($this->valueMap[$key]));
}
}
\ No newline at end of file
}
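Review bot: In `has()` the `(array)` cast only behaves as intended when `valueMap` is a plain array. Casting an object to array yields its properties, not the keys it exposes through array access, so for the TrackableObject case named in the comment `has()` may test property names instead of stored keys (TrackableObject is not visible here, so this needs confirming). A type-aware check avoids the ambiguity: `$map = $this->valueMap; return is_array($map) ? array_key_exists($key, $map) : ($map !== null && isset($map[$key]));`. Separately, `getRaw()` now returns `''` instead of null for a missing key, which callers comparing against null would notice.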
......@@ -11,6 +11,7 @@
/**
* Abstract Controller Class
*/
#[\AllowDynamicProperties]
abstract class Vtiger_Controller {
function __construct() { }
......@@ -181,7 +182,10 @@ abstract class Vtiger_View_Controller extends Vtiger_Action_Controller {
$viewer->assign('PARENT_MODULE', '');
$viewer->assign('EXTENSION_MODULE', '');
$viewer->assign('moduleName', '');
$viewer->assign('CURRENT_USER_MODEL', Users_Record_Model::getCurrentUserModel());
$viewer->assign('CURRENT_USER_ID', $current_user ? $current_user->id : "");
$viewer->assign('USER_CURRENCY_SYMBOL', ''); // will be initialized later
$viewer->assign('INVENTORY_MODULES', array());
$viewer->assign('NOTIFIER_URL', '');
$viewer->assign('GLOBAL_SEARCH_VALUE', '');
......@@ -197,13 +201,14 @@ abstract class Vtiger_View_Controller extends Vtiger_Action_Controller {
$viewer->assign('NO_EDIT', '');
$viewer->assign('SOURCE_MODULE', '');
$viewer->assign('OPERATOR', '');
$viewer->assign('LISTVIEW_COUNT', 0);
$viewer->assign('LISTVIEW_COUNT', '');
$viewer->assign('FOLDER_ID', 0);
$viewer->assign('FOLDER_VALUE', '');
$viewer->assign('VIEWTYPE', '');
$viewer->assign('PRINT_TEMPLATE', '');
$viewer->assign('CLASS_VIEW_ACTION', '');
$viewer->assign('RELATED_MODULE_NAME', '');
$viewer->assign('MODULE_BASIC_ACTIONS', array());
// Editview
$viewer->assign('LEFTPANELHIDE', false);
......@@ -227,6 +232,11 @@ abstract class Vtiger_View_Controller extends Vtiger_Action_Controller {
// Popupview
$viewer->assign('IS_MODULE_DISABLED', false);
// Widgets
$viewer->assign('SCRIPTS', array());
$viewer->assign('STYLES', array());
$viewer->assign('SETTING_EXIST', false);
}
return $this->viewer;
}
......