Merge pull request #2022 from YetiForceCompany/master

Master
YetiForceCompany · Oct 13, 2015 · ff558f9 · ff558f9
2 parents 0bd8442 + 3ac4ff7
commit ff558f9
Show file tree

Hide file tree

Showing 710 changed files with 19,100 additions and 7,948 deletions.
diff --git a/api/webservice/Portal/modules/Base/GetModulesList.php b/api/webservice/Portal/modules/Base/GetModulesList.php
@@ -13,8 +13,13 @@ class API_Base_GetModulesList extends BaseAction
 
 	public function getModulesList()
 	{
-		$modules = ['HelpDesk' => 'HelpDesk','Accounts' => 'Accounts'];
-
+		$db = PearDatabase::getInstance();
+		$query = 'SELECT * FROM vtiger_tab WHERE isentitytype = ? AND presence = ?';
+		$result = $db->pquery($query, [1, 0]);
+		$modules = [];
+		while ($row = $db->fetch_array($result)) {
+			$modules[$row['name']] = $row['name'];
+		}
 		return $modules;
 	}
 }
diff --git a/config/config.template.php b/config/config.template.php
@@ -237,12 +237,20 @@
 
 // autocomplete global search - Whether or not automated search should be turned on"
 $gsAutocomplete = 1; // 0 or 1
-
 // autocomplete global search - The minimum number of characters a user must type before a search is performed. 
 $gsMinLength = 3;
 
 // autocomplete global search - Amount of returned results.
 $gsAmountResponse = 10;
 
 // Is sending emails active. 
-$isActiveSendingMails = false;
+$isActiveSendingMails = true;
+
+// Should the task in cron be unblocked if the script execution time was exceeded
+$unblockedTimeoutCronTasks = true;
+
+// The maximum time of executing a cron. Recommended same as the max_exacution_time parameter value.
+$maxExecutionCronTime = 3600;
+
+// System's language selection in the login window (true/false).
+$langInLoginView = false;
diff --git a/config/performance.php b/config/performance.php
@@ -27,4 +27,7 @@
 
 	// Display administrators in the list of users (Assigned To)
 	'SHOW_ADMINISTRATORS_IN_USERS_LIST' => true,
+
+	// The numbers of emails downloaded during one scanning
+	'NUMBERS_EMAILS_DOWNLOADED_DURING_ONE_SCANNING' => 100,
 );
diff --git a/config/security.php b/config/security.php
@@ -0,0 +1,6 @@
+<?php
+/* {[The file is published on the basis of YetiForce Public License that can be found in the following directory: licenses/License.html]} */
+$SECURITY_CONFIG = [
+	// Possible to reset the password while logging in (true/false)
+	'RESET_LOGIN_PASSWORD' => false,
+];
diff --git a/config/version.php b/config/version.php
@@ -8,6 +8,6 @@
  * All Rights Reserved.
  * Contributor(s): YetiForce.com
  * ****************************************************************************** */
-$patch_version = '20150831';
-$YetiForce_current_version = '2.2.0';
+$patch_version = '20151013';
+$YetiForce_current_version = '2.3.0';
 $_SESSION['yetiforce_version'] = $YetiForce_current_version;
diff --git a/cron/MultiReference.service b/cron/MultiReference.service
@@ -0,0 +1,39 @@
+<?php
+/**
+ * Multi reference value cron
+ * @package YetiForce.Cron
+ * @license licenses/License.html
+ * @author Mariusz Krzaczkowski <[email protected]>
+ */
+include_once 'include/main/WebUI.php';
+$current_user = Users::getActiveAdminUser();
+
+$db = PearDatabase::getInstance();
+$log = vglobal('log');
+$log = &LoggerManager::getLogger('MultiReferenceValue');
+$log->info('Cron MultiReferenceValue - Start');
+
+$result = $db->pquery('SELECT * FROM s_yf_multireference');
+while ($multireference = $db->fetch_array($result)) {
+	$entity = CRMEntity::getInstance($multireference['source_module']);
+	$queryGenerator = new QueryGenerator($multireference['source_module'], $current_user);
+	$queryGenerator->setFields(['id']);
+	$queryGenerator->addCustomWere(['column' => $entity->table_index, 'operator' => '>', 'value' => $multireference['lastid'], 'glue' => 'AND']);
+	$query = $queryGenerator->getQuery();
+	$query .= ' ORDER BY ' . $entity->table_index . ' ASC';
+	$recordsResult = $db->query($query);
+
+	$fields = Vtiger_MultiReferenceValue_UIType::getMultiReferenceValueFields($multireference['source_module'], $multireference['dest_module']);
+	while ($id = $db->getSingleValue($recordsResult)) {
+		foreach ($fields as $field) {
+			$fieldModel = new Vtiger_Field_Model();
+			$fieldModel->initialize($field);
+			$UITypeModel = $fieldModel->getUITypeModel();
+			$UITypeModel->reloadValue($multireference['source_module'], $id);
+		}
+		$db->update('s_yf_multireference', ['lastid' => $id], 'source_module = ? AND dest_module = ?', [$multireference['source_module'], $multireference['dest_module']]);
+	}
+	$db->delete('s_yf_multireference', 'source_module = ? AND dest_module = ?', [$multireference['source_module'], $multireference['dest_module']]);
+}
+
+$log->info('Cron MultiReferenceValue - End');
diff --git a/cron/SendReminder.service b/cron/SendReminder.service
@@ -13,7 +13,7 @@ INNER JOIN vtiger_activity_reminder ON vtiger_activity.activityid=vtiger_activit
 LEFT OUTER JOIN vtiger_recurringevents ON vtiger_activity.activityid=vtiger_recurringevents.activityid 
 WHERE DATE_FORMAT(vtiger_activity.date_start,'%Y-%m-%d, %H:%i:%s') >= '".date('Y-m-d')."' 
 AND vtiger_crmentity.crmid != 0 
-AND vtiger_activity.eventstatus = 'Planned' 
+AND vtiger_activity.status = 'PLL_PLANNED' 
 AND vtiger_activity_reminder.reminder_sent = 0 
 GROUP BY vtiger_activity.activityid,vtiger_recurringevents.recurringid";
 
@@ -109,4 +109,4 @@ if($adb->num_rows($result) >= 1)
 			}
 		}
 	}
-}
+}
diff --git a/cron/vtigercron.php b/cron/vtigercron.php
@@ -11,23 +11,20 @@
 /**
  * Start the cron services configured.
  */
-require_once 'config/config.php';
-require_once 'config/debug.php';
-require_once 'config/performance.php';
-include_once 'vtlib/Vtiger/Cron.php';
+include_once 'include/main/WebUI.php';
+require_once('vtlib/Vtiger/Cron.php');
 require_once('modules/Emails/mail.php');
-// Extended inclusions
-require_once 'include/Loader.php';
-vimport('include.runtime.EntryPoint');
 
-if (PHP_SAPI === "cli" || PHP_SAPI === "cgi-fcgi" || (isset($_SESSION["authenticated_user_id"]) && isset($_SESSION["app_unique_key"]) && $_SESSION["app_unique_key"] == $application_unique_key)) {
+Vtiger_Session::init();
+
+if (PHP_SAPI === 'cli' || PHP_SAPI === 'cgi-fcgi' || (!empty(Vtiger_Session::get('authenticated_user_id')) && !empty(Vtiger_Session::get('app_unique_key')) && Vtiger_Session::get('app_unique_key') == vglobal('application_unique_key'))) {
 	$log = LoggerManager::getLogger('CRON');
 	vglobal('log', $log);
-	
+
 	$cronTasks = false;
 	if (isset($_REQUEST['service'])) {
 		// Run specific service
-		$cronTasks = array(Vtiger_Cron::getInstance($_REQUEST['service']));
+		$cronTasks = [Vtiger_Cron::getInstance($_REQUEST['service'])];
 	} else {
 		// Run all service
 		$cronTasks = Vtiger_Cron::listAllActiveInstances();
@@ -39,40 +36,55 @@
 	$current_user = vglobal('current_user');
 	$current_user = Users::getActiveAdminUser();
 
-	echo sprintf('%s | Start CRON', date('Y-m-d H:i:s')) . "\n";
+	echo sprintf('---------------  %s | Start CRON  ----------', date('Y-m-d H:i:s')) . PHP_EOL;
 	foreach ($cronTasks as $cronTask) {
 		try {
-			$cronTask->setBulkMode(true);
+			// Timeout could happen if intermediate cron-tasks fails
+			// and affect the next task. Which need to be handled in this cycle.				
+			if ($cronTask->hadTimeout()) {
+				echo sprintf('%s | %s - Cron task had timedout as it was not completed last time it run' . PHP_EOL, date('Y-m-d H:i:s'), $cronTask->getName());
+				if (vglobal('unblockedTimeoutCronTasks')) {
+					$cronTask->unlockTask();
+				}
+			}
 
 			// Not ready to run yet?
-			if (!$cronTask->isRunnable()) {
-				echo sprintf("%s | %s - not ready to run as the time to run again is not completed\n", date('Y-m-d H:i:s'), $cronTask->getName());
+			if ($cronTask->isRunning()) {
+				$log->fatal($cronTask->getName() . ' - Task omitted, it has not been finished during the last scanning');
+				echo sprintf('%s | %s - Task omitted, it has not been finished during the last scanning' . PHP_EOL, date('Y-m-d H:i:s'), $cronTask->getName());
 				continue;
 			}
 
-			// Timeout could happen if intermediate cron-tasks fails
-			// and affect the next task. Which need to be handled in this cycle.				
-			if ($cronTask->hadTimedout()) {
-				echo sprintf("%s | %s - cron task had timedout as it is not completed last time it run- restarting\n", date('Y-m-d H:i:s'), $cronTask->getName());
+			// Not ready to run yet?
+			if (!$cronTask->isRunnable()) {
+				$log->info($cronTask->getName() . ' - Not ready to run as the time to run again is not completed');
+				echo sprintf('%s | %s - Not ready to run as the time to run again is not completed' . PHP_EOL, date('Y-m-d H:i:s'), $cronTask->getName());
+				continue;
 			}
 
 			// Mark the status - running		
 			$cronTask->markRunning();
-			echo sprintf('%s | %s (%s) - Start task', date('Y-m-d H:i:s'), $cronTask->getName(), date('Y-m-d H:i:s', $cronTask->getLastStart())) . "\n";
+			echo sprintf('%s | %s - Start task' . PHP_EOL, date('Y-m-d H:i:s'), $cronTask->getName());
 
 			checkFileAccess($cronTask->getHandlerFile());
+			ob_start();
 			require_once $cronTask->getHandlerFile();
+			$taskResponse = ob_get_contents();
+			ob_end_clean();
+			if ($taskResponse != '') {
+				$log->warn($cronTask->getName() . ' - The task returned a message:' . PHP_EOL . $taskResponse);
+				echo 'Task response:' . PHP_EOL . $taskResponse . PHP_EOL;
+			}
 
 			// Mark the status - finished
 			$cronTask->markFinished();
-			echo "\n" . sprintf('%s | %s (%s) - End task', date('Y-m-d H:i:s'), $cronTask->getName(), date('Y-m-d H:i:s', $cronTask->getLastStart()), date('Y-m-d H:i:s', $cronTask->getLastEnd())) . "\n";
-		} catch (Exception $e) {
-			echo sprintf("%s | ERROR: %s - cron task execution throwed exception.\n", date('Y-m-d H:i:s'), $cronTask->getName());
-			echo $e->getMessage();
-			echo "\n";
+			echo sprintf('%s | %s - End task', date('Y-m-d H:i:s'), $cronTask->getName()) . PHP_EOL;
+		} catch (AppException $e) {
+			echo sprintf('%s | ERROR: %s - Cron task execution throwed exception.' . PHP_EOL, date('Y-m-d H:i:s'), $cronTask->getName());
+			echo $e->getMessage() . PHP_EOL;
 		}
 	}
-	echo sprintf('%s | End CRON', date('Y-m-d H:i:s')) . "\n";
+	echo sprintf('===============  %s | End CRON  ==========', date('Y-m-d H:i:s')) . PHP_EOL;
 } else {
 	echo("Access denied!");
 }
diff --git a/include/CRMEntity.php b/include/CRMEntity.php
@@ -253,13 +253,12 @@ function insertIntoCrmEntity($module, $fileid = '')
 			$description_val = from_html($this->column_fields['description'], ($insertion_mode == 'edit') ? true : false);
 			$attention_val = from_html($this->column_fields['attention'], ($insertion_mode == 'edit') ? true : false);
 			$was_read = ($this->column_fields['was_read'] == 'on') ? true : false;
-			$inheritsharing = ($this->column_fields['inheritsharing'] == 'on') ? true : false;
 			checkFileAccessForInclusion('user_privileges/user_privileges_' . $current_user->id . '.php');
 			require('user_privileges/user_privileges_' . $current_user->id . '.php');
 			$tabid = getTabid($module);
 			if ($is_admin == true || $profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] == 0) {
-				$sql = "update vtiger_crmentity set smownerid=?,modifiedby=?,description=?,attention=?, modifiedtime=?, was_read=?, inheritsharing=? where crmid=?";
-				$params = array($ownerid, $current_user->id, $description_val, $attention_val, $adb->formatDate($date_var, true), $was_read, $inheritsharing, $this->id);
+				$sql = "update vtiger_crmentity set smownerid=?,modifiedby=?,description=?,attention=?, modifiedtime=?, was_read=? where crmid=?";
+				$params = array($ownerid, $current_user->id, $description_val, $attention_val, $adb->formatDate($date_var, true), $was_read, $this->id);
 			} else {
 				$profileList = getCurrentUserProfileList();
 				$perm_qry = "SELECT columnname FROM vtiger_field INNER JOIN vtiger_profile2field ON vtiger_profile2field.fieldid = vtiger_field.fieldid INNER JOIN vtiger_def_org_field ON vtiger_def_org_field.fieldid = vtiger_field.fieldid WHERE vtiger_field.tabid = ? AND vtiger_profile2field.visible = 0 AND vtiger_profile2field.readonly = 0 AND vtiger_profile2field.profileid IN (" . generateQuestionMarks($profileList) . ") AND vtiger_def_org_field.visible = 0 and vtiger_field.tablename='vtiger_crmentity' and vtiger_field.presence in (0,2);";
@@ -269,8 +268,8 @@ function insertIntoCrmEntity($module, $fileid = '')
 					$columname[] = $adb->query_result($perm_result, $i, "columnname");
 				}
 				if (is_array($columname) && in_array("description", $columname)) {
-					$sql = "update vtiger_crmentity set smownerid=?,modifiedby=?,description=?, attention=?, modifiedtime=?,was_read=?, inheritsharing=? where crmid=?";
-					$params = array($ownerid, $current_user->id, $description_val, $attention_val, $adb->formatDate($date_var, true), $was_read, $inheritsharing, $this->id);
+					$sql = "update vtiger_crmentity set smownerid=?,modifiedby=?,description=?, attention=?, modifiedtime=?,was_read=? where crmid=?";
+					$params = array($ownerid, $current_user->id, $description_val, $attention_val, $adb->formatDate($date_var, true), $was_read, $this->id);
 				} else {
 					$sql = "update vtiger_crmentity set smownerid=?,modifiedby=?, modifiedtime=? where crmid=?";
 					$params = array($ownerid, $current_user->id, $adb->formatDate($date_var, true), $this->id);
@@ -290,7 +289,6 @@ function insertIntoCrmEntity($module, $fileid = '')
 			// Customization
 			$created_date_var = $adb->formatDate($date_var, true);
 			$modified_date_var = $adb->formatDate($date_var, true);
-			$inheritsharing = ($this->column_fields['inheritsharing'] == 'on') ? true : false;
 			// Preserve the timestamp
 			if (self::isBulkSaveMode()) {
 				if (!empty($this->column_fields['createdtime']))
@@ -301,8 +299,8 @@ function insertIntoCrmEntity($module, $fileid = '')
 
 			$description_val = from_html($this->column_fields['description'], ($insertion_mode == 'edit') ? true : false);
 			$attention_val = from_html($this->column_fields['attention'], ($insertion_mode == 'edit') ? true : false);
-			$sql = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,attention,modifiedby,createdtime,modifiedtime,inheritsharing) values(?,?,?,?,?,?,?,?,?,?)";
-			$params = array($current_id, $current_user->id, $ownerid, $module, $description_val, $attention_val, $current_user->id, $created_date_var, $modified_date_var, $inheritsharing);
+			$sql = "insert into vtiger_crmentity (crmid,smcreatorid,smownerid,setype,description,attention,modifiedby,createdtime,modifiedtime) values(?,?,?,?,?,?,?,?,?)";
+			$params = array($current_id, $current_user->id, $ownerid, $module, $description_val, $attention_val, $current_user->id, $created_date_var, $modified_date_var);
 			$adb->pquery($sql, $params);
 
 			$this->column_fields['createdtime'] = $created_date_var;
@@ -474,6 +472,13 @@ function insertIntoEntityTable($table_name, $module, $fileid = '')
 						$field_list = $this->column_fields[$fieldname];
 					}
 					$fldvalue = $field_list;
+				} elseif (in_array($uitype, [303, 304])) {
+					if (is_array($this->column_fields[$fieldname])) {
+						$field_list = implode(',', $this->column_fields[$fieldname]);
+					} else {
+						$field_list = $this->column_fields[$fieldname];
+					}
+					$fldvalue = $field_list;
 				} elseif ($uitype == 5 || $uitype == 6 || $uitype == 23) {
 					//Added to avoid function call getDBInsertDateValue in ajax save
 					if (isset($current_user->date_format) && !$ajaxSave) {
@@ -538,6 +543,7 @@ function insertIntoEntityTable($table_name, $module, $fileid = '')
 			else {
 				$fldvalue = '';
 			}
+
 			if ($fldvalue == '') {
 				$fldvalue = $this->get_column_value($columname, $fldvalue, $fieldname, $uitype, $datatype);
 			}
@@ -778,11 +784,11 @@ function retrieve_entity_info($record, $module)
 			$result = $adb->pquery($sql, $params);
 
 			if (!$result || $adb->num_rows($result) < 1) {
-				throw new Exception($app_strings['LBL_RECORD_NOT_FOUND'] . ': ' . $record . ' ' . $module, -1);
+				throw new AppException($app_strings['LBL_RECORD_NOT_FOUND'] . ': ' . $record . ' ' . $module, -1);
 			} else {
 				$resultrow = $adb->query_result_rowdata($result);
 				if (!empty($resultrow['deleted'])) {
-					throw new Exception($app_strings['LBL_RECORD_DELETE'] . ': ' . $record . ' ' . $module, 1);
+					throw new AppException($app_strings['LBL_RECORD_DELETE'] . ': ' . $record . ' ' . $module, 1);
 					;
 				}
 				foreach ($cachedModuleFields as $fieldinfo) {
@@ -1156,24 +1162,23 @@ function unlinkDependencies($module, $id)
 	{
 		$log = vglobal('log');
 
-		$fieldRes = $this->db->pquery('SELECT tabid, tablename, columnname FROM vtiger_field WHERE fieldid IN (
-			SELECT fieldid FROM vtiger_fieldmodulerel WHERE relmodule=?)', array($module));
-		$numOfFields = $this->db->num_rows($fieldRes);
-		for ($i = 0; $i < $numOfFields; $i++) {
-			$tabId = $this->db->query_result($fieldRes, $i, 'tabid');
-			$tableName = $this->db->query_result($fieldRes, $i, 'tablename');
-			$columnName = $this->db->query_result($fieldRes, $i, 'columnname');
+		$result = $this->db->pquery('SELECT tabid, tablename, columnname FROM vtiger_field WHERE fieldid IN (
+			SELECT fieldid FROM vtiger_fieldmodulerel WHERE relmodule=?)', [$module]);
+
+		while ($row = $this->db->fetch_array($result)) {
+			$tabId = $row['tabid'];
+			$tableName = $row['tablename'];
+			$columnName = $row['columnname'];
 
 			$relatedModule = vtlib_getModuleNameById($tabId);
 			$focusObj = CRMEntity::getInstance($relatedModule);
 
 			//Backup Field Relations for the deleted entity
-			$targetTableColumn = $focusObj->table_index;
+			$targetTableColumn = $focusObj->tab_name_index[$tableName];
 			//While deleting product record the $targetTableColumn should 'id'.
 			if ($tableName == 'vtiger_inventoryproductrel') {
 				$targetTableColumn = 'id';
 			}
-
 			$relQuery = "SELECT $targetTableColumn FROM $tableName WHERE $columnName=?";
 			$relResult = $this->db->pquery($relQuery, array($id));
 			$numOfRelRecords = $this->db->num_rows($relResult);
@@ -2391,7 +2396,7 @@ function getUserAccessConditionsQuery($module, $user)
 		return $query;
 	}
 
-	function getUserAccessConditionsQuerySR($module, $current_user = false)
+	function getUserAccessConditionsQuerySR($module, $current_user = false, $relatedRecord = false)
 	{
 		if ($current_user == false)
 			$current_user = vglobal('current_user');
@@ -2403,6 +2408,25 @@ function getUserAccessConditionsQuerySR($module, $current_user = false)
 		$query = '';
 		$tabId = getTabid($module);
 
+		if ($relatedRecord) {
+			$role = getRoleInformation($current_user->roleid);
+			if ($role['listrelatedrecord'] != 0) {
+				$rparentRecord = Users_Privileges_Model::getParentRecord($relatedRecord, false, $role['listrelatedrecord']);
+				if ($rparentRecord) {
+					$relatedRecord = $rparentRecord;
+				}
+
+				$recordMetaData = Vtiger_Functions::getCRMRecordMetadata($relatedRecord);
+				$recordPermission = Users_Privileges_Model::isPermitted($recordMetaData['setype'], 'DetailView', $relatedRecord);
+				if (!$recordPermission) {
+					throw new AppException('LBL_PERMISSION_DENIED');
+				}
+				if ($recordMetaData['smownerid'] == $current_user->id) {
+					return '';
+				}
+			}
+		}
+
 		if ($is_admin == false && $profileGlobalPermission[1] == 1 && $profileGlobalPermission[2] == 1 && $defaultOrgSharingPermission[$tabId] == 3) {
 			$securityParameter = $this->getUserAccessConditionsQuery($module, $current_user);
 			foreach (array_merge([$current_user->id], $current_user_groups) as $id) {