0
0
mirror of https://github.com/salesagility/SuiteCRM.git synced 2024-12-22 12:28:31 +00:00
salesagility_SuiteCRM/include/MVC/SugarApplication.php
2023-10-31 10:10:48 +00:00

890 lines
35 KiB
PHP
Executable File

<?php
/**
*
* SugarCRM Community Edition is a customer relationship management program developed by
* SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.
*
* SuiteCRM is an extension to SugarCRM Community Edition developed by SalesAgility Ltd.
* Copyright (C) 2011 - 2018 SalesAgility Ltd.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU Affero General Public License version 3 as published by the
* Free Software Foundation with the addition of the following permission added
* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
* IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
* OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
* details.
*
* You should have received a copy of the GNU Affero General Public License along with
* this program; if not, see http://www.gnu.org/licenses or write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*
* You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
* SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
* reasonably feasible for technical reasons, the Appropriate Legal Notices must
* display the words "Powered by SugarCRM" and "Supercharged by SuiteCRM".
*/
if (!defined('sugarEntry') || !sugarEntry) {
die('Not A Valid Entry Point');
}
/*
* Created on Mar 21, 2007
*
* To change the template for this generated file go to
* Window - Preferences - PHPeclipse - PHP - Code Templates
*/
require_once('include/MVC/Controller/ControllerFactory.php');
require_once('include/MVC/View/ViewFactory.php');
/**
* SugarCRM application
* @api
*/
class SugarApplication
{
public $controller = null;
public $headerDisplayed = false;
public $default_module = 'Home';
public $default_action = 'index';
public function __construct()
{
}
/**
* Perform execution of the application. This method is called from index2.php
*/
public function execute()
{
global $sugar_config;
if (!empty($sugar_config['default_module'])) {
$this->default_module = $sugar_config['default_module'];
}
$module = $this->default_module;
if (!empty($_REQUEST['module'])) {
$module = $_REQUEST['module'];
}
insert_charset_header();
$this->setupPrint();
$this->controller = ControllerFactory::getController($module);
// If the entry point is defined to not need auth, then don't authenticate.
if (empty($_REQUEST['entryPoint']) || $this->controller->checkEntryPointRequiresAuth($_REQUEST['entryPoint'])) {
$this->loadUser();
$this->ACLFilter();
$this->preProcess();
$this->controller->preProcess();
$this->checkHTTPReferer();
}
SugarThemeRegistry::buildRegistry();
$this->loadLanguages();
$this->loadDisplaySettings();
$this->loadGlobals();
$this->setupResourceManagement($module);
$this->controller->execute();
sugar_cleanup();
}
/**
* Load the authenticated user. If there is not an authenticated user then redirect to login screen.
*/
public function loadUser()
{
global $authController, $sugar_config;
// Double check the server's unique key is in the session. Make sure this is not an attempt to hijack a session
$user_unique_key = (isset($_SESSION['unique_key'])) ? $_SESSION['unique_key'] : '';
$server_unique_key = (isset($sugar_config['unique_key'])) ? $sugar_config['unique_key'] : '';
$allowed_actions = (!empty($this->controller->allowed_actions)) ? $this->controller->allowed_actions : $allowed_actions = array('Authenticate', 'Login', 'LoggedOut');
$authController = new AuthenticationController();
if (($user_unique_key != $server_unique_key) && (!in_array($this->controller->action, $allowed_actions)) &&
(!isset($_SESSION['login_error']))) {
session_destroy();
if (!empty($this->controller->action)) {
if (strtolower($this->controller->action) == 'delete') {
$this->controller->action = 'DetailView';
} elseif (strtolower($this->controller->action) == 'save') {
$this->controller->action = 'EditView';
} elseif (strtolower($this->controller->action) == 'quickcreate') {
$this->controller->action = 'index';
$this->controller->module = 'home';
} elseif (isset($_REQUEST['massupdate']) || isset($_GET['massupdate']) || isset($_POST['massupdate'])) {
$this->controller->action = 'index';
} elseif ($this->isModifyAction()) {
$this->controller->action = 'index';
} elseif ($this->controller->action == $this->default_action && $this->controller->module == $this->default_module) {
$this->controller->action = '';
$this->controller->module = '';
} elseif (strtolower($this->controller->module) == 'alerts' && strtolower($this->controller->action) == 'get') {
echo 'lost password';
if (preg_match('/\bentryPoint=Changenewpassword\b/', $_SERVER['HTTP_REFERER'])) {
echo ' - change new password';
}
exit();
}
}
$authController->authController->redirectToLogin($this);
}
$GLOBALS['current_user'] = BeanFactory::newBean('Users');
$isLogicActionCall = $this->controller->module === 'Users' && in_array($this->controller->action, $allowed_actions);
if (isset($_SESSION['authenticated_user_id'])) {
// set in modules/Users/Authenticate.php
if (!$authController->sessionAuthenticate()) {
// if the object we get back is null for some reason, this will break - like user prefs are corrupted
$GLOBALS['log']->fatal('User retrieval for ID: (' . $_SESSION['authenticated_user_id'] . ') does not exist in database or retrieval failed catastrophically. Calling session_destroy() and sending user to Login page.');
session_destroy();
SugarApplication::redirect('index.php?action=Login&module=Users');
die();
}//fi
} elseif (!$isLogicActionCall || !empty($_REQUEST['entryPoint'])) {
session_destroy();
SugarApplication::redirect('index.php?action=Login&module=Users');
die();
}
$GLOBALS['log']->debug('Current user is: ' . $GLOBALS['current_user']->user_name);
//set cookies
if (isset($_SESSION['authenticated_user_id'])) {
$GLOBALS['log']->debug("setting cookie ck_login_id_20 to " . $_SESSION['authenticated_user_id']);
self::setCookie('ck_login_id_20', $_SESSION['authenticated_user_id'], time() + 86400 * 90);
}
if (isset($_SESSION['authenticated_user_theme'])) {
$GLOBALS['log']->debug("setting cookie ck_login_theme_20 to " . $_SESSION['authenticated_user_theme']);
self::setCookie('ck_login_theme_20', $_SESSION['authenticated_user_theme'], time() + 86400 * 90);
}
if (isset($_SESSION['authenticated_user_theme_color'])) {
$GLOBALS['log']->debug("setting cookie ck_login_theme_color_20 to " . $_SESSION['authenticated_user_theme_color']);
self::setCookie('ck_login_theme_color_20', $_SESSION['authenticated_user_theme_color'], time() + 86400 * 90);
}
if (isset($_SESSION['authenticated_user_theme_font'])) {
$GLOBALS['log']->debug("setting cookie ck_login_theme_font_20 to " . $_SESSION['authenticated_user_theme_font']);
self::setCookie('ck_login_theme_font_20', $_SESSION['authenticated_user_theme_font'], time() + 86400 * 90);
}
if (isset($_SESSION['authenticated_user_language'])) {
$GLOBALS['log']->debug("setting cookie ck_login_language_20 to " . $_SESSION['authenticated_user_language']);
self::setCookie('ck_login_language_20', $_SESSION['authenticated_user_language'], time() + 86400 * 90);
}
//check if user can access
}
public function ACLFilter()
{
ACLController :: filterModuleList($GLOBALS['moduleList']);
}
/**
* setupResourceManagement
* This function initialize the ResourceManager and calls the setup method
* on the ResourceManager instance.
*
*/
public function setupResourceManagement($module)
{
require_once('include/resource/ResourceManager.php');
$resourceManager = ResourceManager::getInstance();
$resourceManager->setup($module);
}
public function setupPrint()
{
$GLOBALS['request_string'] = '';
// merge _GET and _POST, but keep the results local
// this handles the issues where values come in one way or the other
// without affecting the main super globals
$merged = array_merge($_GET, $_POST);
foreach ($merged as $key => $val) {
if (is_array($val)) {
foreach ($val as $k => $v) {
//If an array, then skip the urlencoding. This should be handled with stringify instead.
if (is_array($v)) {
continue;
}
$GLOBALS['request_string'] .= urlencode($key) . '[' . $k . ']=' . urlencode($v) . '&';
}
} else {
$GLOBALS['request_string'] .= urlencode($key) . '=' . urlencode($val) . '&';
}
}
$GLOBALS['request_string'] .= 'print=true';
}
public function preProcess()
{
$config = new Administration;
$config->retrieveSettings();
if (!empty($_SESSION['authenticated_user_id'])) {
if (isset($_SESSION['hasExpiredPassword']) && $_SESSION['hasExpiredPassword'] == '1') {
if ($this->controller->action != 'Save' && $this->controller->action != 'Logout') {
$this->controller->module = 'Users';
$this->controller->action = 'ChangePassword';
$record = $GLOBALS['current_user']->id;
} else {
$this->handleOfflineClient();
}
} else {
$ut = $GLOBALS['current_user']->getPreference('ut');
if (empty($ut) && $this->controller->action != 'AdminWizard' && $this->controller->action != 'EmailUIAjax' && $this->controller->action != 'Wizard' && $this->controller->action != 'SaveAdminWizard' && $this->controller->action != 'SaveUserWizard' && $this->controller->action != 'SaveTimezone' && $this->controller->action != 'Logout') {
$this->controller->module = 'Users';
$this->controller->action = 'SetTimezone';
$record = $GLOBALS['current_user']->id;
} else {
if ($this->controller->action != 'AdminWizard' && $this->controller->action != 'EmailUIAjax' && $this->controller->action != 'Wizard' && $this->controller->action != 'SaveAdminWizard' && $this->controller->action != 'SaveUserWizard') {
$this->handleOfflineClient();
}
}
}
}
$this->handleAccessControl();
}
public function handleOfflineClient()
{
if (isset($GLOBALS['sugar_config']['disc_client']) && $GLOBALS['sugar_config']['disc_client']) {
if (isset($_REQUEST['action']) && $_REQUEST['action'] != 'SaveTimezone') {
if (!file_exists('modules/Sync/file_config.php')) {
if ($_REQUEST['action'] != 'InitialSync' && $_REQUEST['action'] != 'Logout' &&
($_REQUEST['action'] != 'Popup' && $_REQUEST['module'] != 'Sync')) {
//echo $_REQUEST['action'];
//die();
$this->controller->module = 'Sync';
$this->controller->action = 'InitialSync';
}
} else {
require_once('modules/Sync/file_config.php');
if (isset($file_sync_info['is_first_sync']) && $file_sync_info['is_first_sync']) {
if ($_REQUEST['action'] != 'InitialSync' && $_REQUEST['action'] != 'Logout' &&
($_REQUEST['action'] != 'Popup' && $_REQUEST['module'] != 'Sync')) {
$this->controller->module = 'Sync';
$this->controller->action = 'InitialSync';
}
}
}
}
global $moduleList, $sugar_config, $sync_modules;
require_once('modules/Sync/SyncController.php');
$GLOBALS['current_user']->is_admin = '0'; //No admins for disc client
}
}
/**
* Handles everything related to authorization.
*/
public function handleAccessControl()
{
if ($GLOBALS['current_user']->isDeveloperForAnyModule()) {
return;
}
if (!empty($_REQUEST['action']) && $_REQUEST['action'] == "RetrieveEmail") {
return;
}
if (!is_admin($GLOBALS['current_user']) && !empty($GLOBALS['adminOnlyList'][$this->controller->module]) && !empty($GLOBALS['adminOnlyList'][$this->controller->module]['all']) && (empty($GLOBALS['adminOnlyList'][$this->controller->module][$this->controller->action]) || $GLOBALS['adminOnlyList'][$this->controller->module][$this->controller->action] != 'allow')) {
$this->controller->hasAccess = false;
return;
}
// Bug 20916 - Special case for check ACL access rights for Subpanel QuickCreates
if (isset($_POST['action']) && $_POST['action'] == 'SubpanelCreates') {
$actual_module = $_POST['target_module'];
if (!empty($GLOBALS['modListHeader']) && !in_array($actual_module, $GLOBALS['modListHeader'])) {
$this->controller->hasAccess = false;
}
return;
}
if (!empty($GLOBALS['current_user']) && empty($GLOBALS['modListHeader'])) {
$GLOBALS['modListHeader'] = query_module_access_list($GLOBALS['current_user']);
}
if (in_array($this->controller->module, $GLOBALS['modInvisList']) &&
((in_array('Activities', $GLOBALS['moduleList']) &&
in_array('Calendar', $GLOBALS['moduleList'])) &&
in_array($this->controller->module, $GLOBALS['modInvisListActivities']))
) {
$this->controller->hasAccess = false;
return;
}
}
/**
* Load only bare minimum of language that can be done before user init and MVC stuff
*/
public static function preLoadLanguages()
{
$GLOBALS['current_language'] = get_current_language();
$GLOBALS['log']->debug('current_language is: ' . $GLOBALS['current_language']);
//set module and application string arrays based upon selected language
$GLOBALS['app_strings'] = return_application_language($GLOBALS['current_language']);
}
/**
* Load application wide languages as well as module based languages so they are accessible
* from the module.
*/
public function loadLanguages()
{
$GLOBALS['current_language'] = get_current_language();
$GLOBALS['log']->debug('current_language is: ' . $GLOBALS['current_language']);
//set module and application string arrays based upon selected language
$GLOBALS['app_strings'] = return_application_language($GLOBALS['current_language']);
if (empty($GLOBALS['current_user']->id)) {
$GLOBALS['app_strings']['NTC_WELCOME'] = '';
}
if (!empty($GLOBALS['system_config']->settings['system_name'])) {
$GLOBALS['app_strings']['LBL_BROWSER_TITLE'] = $GLOBALS['system_config']->settings['system_name'];
}
$GLOBALS['app_list_strings'] = return_app_list_strings_language($GLOBALS['current_language']);
$GLOBALS['mod_strings'] = return_module_language($GLOBALS['current_language'], $this->controller->module);
}
/**
* checkDatabaseVersion
* Check the db version sugar_version.php and compare to what the version is stored in the config table.
* Ensure that both are the same.
*/
public function checkDatabaseVersion($dieOnFailure = true)
{
$row_count = sugar_cache_retrieve('checkDatabaseVersion_row_count');
$sugarDbVersion = $GLOBALS['sugar_db_version'];
$db = DBManagerFactory::getInstance();
if (empty($row_count)) {
$version_query = "SELECT count(*) as the_count FROM config WHERE category='info' AND name='sugar_version' AND " .
$db->convert('value', 'text2char') . " = " .
$db->quoted($sugarDbVersion);
$result = $db->query($version_query);
$row = $db->fetchByAssoc($result);
$row_count = $row['the_count'];
sugar_cache_put('checkDatabaseVersion_row_count', $row_count);
}
if ($row_count == 0 && empty($GLOBALS['sugar_config']['disc_client'])) {
if ($dieOnFailure) {
$replacementStrings = array(
0 => $GLOBALS['sugar_version'],
1 => $GLOBALS['sugar_db_version'],
);
sugar_die(string_format($GLOBALS['app_strings']['ERR_DB_VERSION'], $replacementStrings));
} else {
return false;
}
}
return true;
}
/**
* Load the themes/images.
*/
public function loadDisplaySettings()
{
global $theme;
// load the user's default theme
$theme = $GLOBALS['current_user']->getPreference('user_theme');
if (is_null($theme)) {
$theme = $GLOBALS['sugar_config']['default_theme'];
if (!empty($_SESSION['authenticated_user_theme'])) {
$theme = $_SESSION['authenticated_user_theme'];
} else {
if (!empty($_COOKIE['sugar_user_theme'])) {
$theme = $_COOKIE['sugar_user_theme'];
}
}
if (isset($_SESSION['authenticated_user_theme']) && $_SESSION['authenticated_user_theme'] != '') {
$_SESSION['theme_changed'] = false;
}
}
$available_themes = SugarThemeRegistry::availableThemes();
if (!isset($available_themes[$theme])) {
$theme = $GLOBALS['sugar_config']['default_theme'];
}
if (!is_null($theme) && !headers_sent()) {
self::setCookie('sugar_user_theme', $theme, time() + 31536000, null, null, isSSL(), true); // expires in a year
}
SugarThemeRegistry::set($theme);
require_once('include/utils/layout_utils.php');
$GLOBALS['image_path'] = SugarThemeRegistry::current()->getImagePath() . '/';
if (defined('TEMPLATE_URL')) {
$GLOBALS['image_path'] = TEMPLATE_URL . '/' . $GLOBALS['image_path'];
}
if (isset($GLOBALS['current_user'])) {
$GLOBALS['gridline'] = (int) ($GLOBALS['current_user']->getPreference('gridline') == 'on');
$GLOBALS['current_user']->setPreference('user_theme', $theme, 0, 'global');
}
}
public function loadLicense()
{
loadLicense();
global $user_unique_key, $server_unique_key;
$user_unique_key = (isset($_SESSION['unique_key'])) ? $_SESSION['unique_key'] : '';
$server_unique_key = (isset($sugar_config['unique_key'])) ? $sugar_config['unique_key'] : '';
}
public function loadGlobals()
{
global $currentModule;
$currentModule = $this->controller->module;
if ($this->controller->module == $this->default_module) {
$_REQUEST['module'] = $this->controller->module;
if (empty($_REQUEST['action'])) {
$_REQUEST['action'] = $this->default_action;
}
}
}
/**
* Actions that modify data in this controller's instance and thus require referrers
* @var array
*/
protected $modifyActions = array();
/**
* Actions that always modify data and thus require referrers
* save* and delete* hardcoded as modified
* @var array
*/
private $globalModifyActions = array(
'massupdate', 'configuredashlet', 'import', 'importvcardsave', 'inlinefieldsave',
'wlsave', 'quicksave'
);
/**
* Modules that modify data and thus require referrers for all actions
*/
private $modifyModules = array(
'Administration' => true,
'UpgradeWizard' => true,
'Configurator' => true,
'Studio' => true,
'ModuleBuilder' => true,
'Emails' => true,
'DCETemplates' => true,
'DCEInstances' => true,
'DCEActions' => true,
'Trackers' => array('trackersettings'),
'SugarFavorites' => array('tag'),
'Import' => array('last', 'undo'),
'Users' => array('changepassword', "generatepassword"),
);
protected function isModifyAction()
{
$action = strtolower($this->controller->action);
if (substr($action, 0, 4) == "save" || substr($action, 0, 6) == "delete") {
return true;
}
if (isset($this->modifyModules[$this->controller->module])) {
if ($this->modifyModules[$this->controller->module] === true) {
return true;
}
if (in_array($this->controller->action, $this->modifyModules[$this->controller->module])) {
return true;
}
}
if (in_array($this->controller->action, $this->globalModifyActions)) {
return true;
}
if (in_array($this->controller->action, $this->modifyActions)) {
return true;
}
return false;
}
/**
* The list of the actions excepted from referer checks by default
* @var array
*/
protected $whiteListActions = array('index', 'ListView', 'DetailView', 'EditView', 'oauth', 'authorize', 'Authenticate', 'Login', 'SupportPortal');
/**
*
* Checks a request to ensure the request is coming from a valid source or it is for one of the white listed actions
*/
protected function checkHTTPReferer($dieIfInvalid = true)
{
global $sugar_config;
if (!empty($sugar_config['http_referer']['actions'])) {
$this->whiteListActions = array_merge($sugar_config['http_referer']['actions'], $this->whiteListActions);
}
$strong = empty($sugar_config['http_referer']['weak']);
// Bug 39691 - Make sure localhost and 127.0.0.1 are always valid HTTP referers
$whiteListReferers = array('127.0.0.1', 'localhost');
if (!empty($_SERVER['SERVER_ADDR'])) {
$whiteListReferers[] = $_SERVER['SERVER_ADDR'];
}
if (!empty($sugar_config['http_referer']['list'])) {
$whiteListReferers = array_merge($whiteListReferers, $sugar_config['http_referer']['list']);
}
if ($strong && empty($_SERVER['HTTP_REFERER']) && !in_array($this->controller->action, $this->whiteListActions) && $this->isModifyAction()) {
$http_host = explode(':', $_SERVER['HTTP_HOST']);
$whiteListActions = $this->whiteListActions;
$whiteListActions[] = $this->controller->action;
$whiteListString = "'" . implode("', '", $whiteListActions) . "'";
if ($dieIfInvalid) {
header("Cache-Control: no-cache, must-revalidate");
$ss = new Sugar_Smarty;
$ss->assign('host', $http_host[0]);
$ss->assign('action', $this->controller->action);
$ss->assign('whiteListString', $whiteListString);
$ss->display('include/MVC/View/tpls/xsrf.tpl');
sugar_cleanup(true);
}
return false;
} else {
if (!empty($_SERVER['HTTP_REFERER']) && !empty($_SERVER['SERVER_NAME'])) {
$http_ref = parse_url($_SERVER['HTTP_REFERER']);
if ($http_ref['host'] !== $_SERVER['SERVER_NAME'] && !in_array($this->controller->action, $this->whiteListActions) &&
(empty($whiteListReferers) || !in_array($http_ref['host'], $whiteListReferers))) {
if ($dieIfInvalid) {
header("Cache-Control: no-cache, must-revalidate");
$whiteListActions = $this->whiteListActions;
$whiteListActions[] = $this->controller->action;
$whiteListString = "'" . implode("', '", $whiteListActions) . "'";
$ss = new Sugar_Smarty;
$ss->assign('host', $http_ref['host']);
$ss->assign('action', $this->controller->action);
$ss->assign('whiteListString', $whiteListString);
$ss->display('include/MVC/View/tpls/xsrf.tpl');
sugar_cleanup(true);
}
return false;
}
}
}
return true;
}
public function startSession()
{
$sessionIdCookie = isset($_COOKIE['PHPSESSID']) ? $_COOKIE['PHPSESSID'] : null;
if (isset($_REQUEST['MSID'])) {
session_id($_REQUEST['MSID']);
session_start();
if (!isset($_SESSION['user_id'])) {
if (isset($_COOKIE['PHPSESSID'])) {
self::setCookie('PHPSESSID', '', time() - 42000, '/');
}
sugar_cleanup(false);
session_destroy();
exit('Not a valid entry method');
}
} else {
if (can_start_session()) {
session_start();
}
}
//set the default module to either Home or specified default
$default_module = !empty($GLOBALS['sugar_config']['default_module']) ? $GLOBALS['sugar_config']['default_module'] : 'Home';
//set session expired message if login module and action are set to a non login default
//AND session id in cookie is set but super global session array is empty
if (isset($_REQUEST['login_module']) && isset($_REQUEST['login_action']) && !($_REQUEST['login_module'] == $default_module && $_REQUEST['login_action'] == 'index')) {
if (!is_null($sessionIdCookie) && empty($_SESSION)) {
self::setCookie('loginErrorMessage', 'LBL_SESSION_EXPIRED', time() + 30, '/');
}
}
LogicHook::initialize()->call_custom_logic('', 'after_session_start');
}
public function endSession()
{
session_destroy();
}
/**
* Redirect to another URL
*
* @access public
* @param string $url The URL to redirect to
*/
public static function redirect(
$url
) {
/*
* If the headers have been sent, then we cannot send an additional location header
* so we will output a javascript redirect statement.
*/
if (!empty($_REQUEST['ajax_load'])) {
ob_get_clean();
$ajax_ret = array(
'content' => "<script>SUGAR.ajaxUI.loadContent('$url');</script>\n",
'menu' => array(
'module' => $_REQUEST['module'],
'label' => translate($_REQUEST['module']),
),
);
$json = getJSONobj();
echo $json->encode($ajax_ret);
} else {
if (headers_sent()) {
echo "<script>SUGAR.ajaxUI.loadContent('$url');</script>\n";
} else {
//@ob_end_clean(); // clear output buffer
session_write_close();
header('HTTP/1.1 301 Moved Permanently');
header("Location: " . $url);
}
}
if (!defined('SUITE_PHPUNIT_RUNNER')) {
exit();
}
}
/**
* classic redirect to another URL, but check first that URL start with "Location:"...
* @param $header_URL
*/
public static function headerRedirect($header_URL)
{
if (preg_match('/\s*Location:\s*(.*)$/', $header_URL, $matches)) {
$href = $matches[1];
SugarApplication::redirect($href);
} else {
header($header_URL);
}
}
/**
* Storing messages into session
*
* @access public
* @param string $message
*/
public static function appendErrorMessage($message)
{
self::appendMessage('user_error_message', $message);
}
/**
* picking up the messages from the session and clearing session storage array
* @return array messages
*/
public static function getErrorMessages()
{
$messages = self::getMessages('user_error_message');
return $messages;
}
/**
* Storing messages into session
*
* @access public
* @param string $message
*/
public static function appendSuccessMessage($message)
{
self::appendMessage('user_success_message', $message);
}
/**
* picking up the messages from the session and clearing session storage array
* @return array messages
*/
public static function getSuccessMessages()
{
$messages = self::getMessages('user_success_message');
return $messages;
}
/**
* Storing messages into session
* @param string $message
*/
protected static function appendMessage($type, $message)
{
self::validateMessageType($type);
if (empty($_SESSION[$type]) || !is_array($_SESSION[$type])) {
$_SESSION[$type] = array();
}
if (!in_array($message, $_SESSION[$type])) {
$_SESSION[$type][] = $message;
}
}
/**
* picking up the messages from the session and clearing session storage array
* @return array messages
*/
protected static function getMessages($type)
{
self::validateMessageType($type);
if (isset($_SESSION[$type]) && is_array($_SESSION[$type])) {
$msgs = $_SESSION[$type];
unset($_SESSION[$type]);
return $msgs;
} else {
return array();
}
}
/**
*
* @param string $type possible message types: ['user_error_message', 'user_success_message']
* @throws Exception message type should be valid
*/
protected static function validateMessageType($type)
{
if (!in_array($type, array('user_error_message', 'user_success_message'))) {
throw new Exception('Incorrect application message type: ' . $type);
}
}
/**
* Wrapper for the PHP setcookie() function, to handle cases where headers have
* already been sent
* @param $name
* @param $value
* @param int $expire
* @param null $path
* @param null $domain
* @param bool $secure
* @param bool $httponly
*/
public static function setCookie(
$name,
$value,
$expire = 0,
$path = null,
$domain = null,
$secure = false,
$httponly = true
) {
if (isSSL()) {
$secure = true;
}
if ($domain === null) {
if (isset($_SERVER["HTTP_HOST"])) {
$domain = preg_replace('/(\:\d+)$/', '', $_SERVER["HTTP_HOST"]); // Fix #9898 Invalid cookie domain when using non-standard HTTP Port.
} else {
$domain = 'localhost';
}
}
$defaultCookiePath = ini_get('session.cookie_path');
if ($path === null) {
if(empty($defaultCookiePath)) {
$path = '/';
} else {
$path = $defaultCookiePath;
}
}
if (!headers_sent()) {
setcookie($name, $value, $expire, $path, $domain, $secure, $httponly);
}
$_COOKIE[$name] = $value;
}
protected $redirectVars = array('module', 'action', 'record', 'token', 'oauth_token', 'mobile');
/**
* Create string to attach to login URL with vars to preserve post-login
* @return string URL part with login vars
*/
public function createLoginVars()
{
$ret = array();
foreach ($this->redirectVars as $var) {
if (!empty($this->controller->$var)) {
$ret["login_" . $var] = $this->controller->$var;
continue;
}
if (!empty($_REQUEST[$var])) {
$ret["login_" . $var] = $_REQUEST[$var];
}
}
if (isset($_REQUEST['mobile'])) {
$ret['mobile'] = $_REQUEST['mobile'];
}
if (isset($_REQUEST['no_saml'])) {
$ret['no_saml'] = $_REQUEST['no_saml'];
}
if (empty($ret)) {
return '';
}
return "&" . http_build_query($ret);
}
/**
* Get the list of vars passed with login form
* @param bool $add_empty Add empty vars to the result?
* @return array List of vars passed with login
*/
public function getLoginVars($add_empty = true)
{
$ret = array();
foreach ($this->redirectVars as $var) {
if (!empty($_REQUEST['login_' . $var]) || $add_empty) {
$ret["login_" . $var] = isset($_REQUEST['login_' . $var]) ? $_REQUEST['login_' . $var] : '';
}
}
return $ret;
}
/**
* Get URL to redirect after the login
* @return string the URL to redirect to
*/
public function getLoginRedirect()
{
$vars = array();
foreach ($this->redirectVars as $var) {
if (!empty($_REQUEST['login_' . $var])) {
$vars[$var] = $_REQUEST['login_' . $var];
}
}
if (isset($_REQUEST['mobile'])) {
$vars['mobile'] = $_REQUEST['mobile'];
}
if (empty($vars)) {
return "index.php?module=Home&action=index";
} else {
return "index.php?" . http_build_query($vars);
}
}
}