SOPHAL/CRM
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
BACHIR SOULDI
2025-09-28 08:49:37 +01:00
commit 2794e62571
16819 changed files with 2664196 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

351
customerportal/include/utils/utils.php Normal file
View File

@@ -0,0 +1,351 @@
<?php
/* +**********************************************************************************
* The contents of this file are subject to the vtiger CRM Public License Version 1.2
* ("License.txt"); You may not use this file except in compliance with the License
* The Original Code is: Vtiger CRM Open Source
* The Initial Developer of the Original Code is Vtiger.
* Portions created by Vtiger are Copyright (C) Vtiger.
* All Rights Reserved.
* ***********************************************************************************/
global $result;
global $client;
function checkFileAccess($filepath) {
$root_directory = '';
// Set the base directory to compare with
$use_root_directory = $root_directory;
if (empty($use_root_directory)) {
$use_root_directory = realpath(dirname(__FILE__).'/../../.');
}
$realfilepath = realpath($filepath);
/** Replace all \\ with \ first */
$realfilepath = str_replace('\\\\', '\\', $realfilepath);
$rootdirpath = str_replace('\\\\', '\\', $use_root_directory);
/** Replace all \ with / now */
$realfilepath = str_replace('\\', '/', $realfilepath);
$rootdirpath = str_replace('\\', '/', $rootdirpath);
if (stripos($realfilepath, $rootdirpath) !== 0) {
die("Sorry! Attempt to access restricted file.");
}
return true;
}
function checkFileAccessForInclusion($filepath) {
$root_directory = '';
// Set the base directory to compare with
$use_root_directory = $root_directory;
if (empty($use_root_directory)) {
$use_root_directory = realpath(dirname(__FILE__).'/../../.');
}
$unsafeDirectories = array('storage', 'cache', 'test');
$realfilepath = realpath($filepath);
/** Replace all \\ with \ first */
$realfilepath = str_replace('\\\\', '\\', $realfilepath);
$rootdirpath = str_replace('\\\\', '\\', $use_root_directory);
/** Replace all \ with / now */
$realfilepath = str_replace('\\', '/', $realfilepath);
$rootdirpath = str_replace('\\', '/', $rootdirpath);
$relativeFilePath = str_replace($rootdirpath, '', $realfilepath);
$filePathParts = explode('/', $relativeFilePath);
if (stripos($realfilepath, $rootdirpath) !== 0 || in_array($filePathParts[0], $unsafeDirectories)) {
die("Sorry! Attempt to access restricted file.");
}
return true;
}
function getblock_header($str, $headerspan = '4', $ticketcloselink = false) {
if ($ticketcloselink == true) {
$list .='<tr><td colspan="'.($headerspan - 1).'" class="detailedViewHeader"><b>'.getTranslatedString($str).'</b></td>';
$list .='<td class="detailedViewHeader"><div align="right">'.$ticketcloselink.'</div></td></tr>';
} else {
$list .='<tr><td colspan="'.($headerspan).'" class="detailedViewHeader"><b>'.getTranslatedString($str).'</b></td></tr>';
}
return $list;
}
function getblock_fieldlist($block_array) {
$list = '';
$z = 0;
$field_count = count($block_array);
if ($field_count != 0) {
for ($i = 0; $i < $field_count; $i++, $z++) {
$blockname = $block_array[$i]['blockname'];
$data = $block_array[$i]['fieldvalue'];
if ($block_array[$i]['fieldlabel'] == 'Note') {
$data = html_entity_decode($data);
}
if ($data == '')
$data = '&nbsp;';
if (strcmp($blockname, $block_array[$i - 1]['blockname'])) {
if ($blockname != 'Ticket Information') //hardcoded for tickets information block so that it ll not be displayed
$list .= getblock_header($blockname);
$z = 0;
}
if ($z == 0 || $z % 2 == 0)
$list .= '<tr>';
$list .= '<td class="dvtCellLabel" width="20%" align="right">'.getTranslatedString($block_array[$i][fieldlabel]).'</td>';
if (($z == 0 || $z % 2 == 0) && ($i == ($field_count - 1)))
$list .= '<td colspan="3" width="20%" class="dvtCellInfo">'.$data.'</td>';
else {
if (stripos($block_array[$i]['fieldvalue'], 'download') != 0) {
$list .= '<td width="20%" class="dvtCellInfo" onclick="downloadMisc(event,this);return false;">'.$data.'</td>';
} else {
$list .= '<td width="20%" class="dvtCellInfo">'.$data.'</td>';
}
}
if ($z % 2 == 1 || ($i == ($field_count - 1) ))
$list .= '</tr>';
}
}
$list.= '<tr><td colspan="4">&nbsp;</td></tr>';
return $list;
}
function getTranslatedString($str) {
global $app_strings;
return (isset($app_strings[$str])) ? $app_strings[$str] : $str;
}
// The function to get html format list data
// input array
// output htmlsource list array
//only for product
function getblock_fieldlistview_product($block_array, $module) {
$header = array();
$header[0] = getTranslatedString($module);
$header[1] = getTranslatedString('QUOTE_RELATED').getTranslatedString($module);
$header[2] = getTranslatedString('INVOICE_RELATED').getTranslatedString($module);
if ($block_array == '') {
$list.='<tr><td>'.$module." ".getTranslatedString('LBL_NOT_AVAILABLE').'</td></tr>';
return $list;
}
for ($k = 0; $k <= 2; $k++) {
$header_arr = $block_array[$k][$module]['head'][0];
$nooffields = count($header_arr);
$data_arr = $block_array[$k][$module]['data'];
$noofdata = count($data_arr);
$list.=getblock_header($header[$k], $nooffields);
if ($block_array[$k][$module]['data'] == '') {
$list.='<tr><td>'.$header[$k]." ".getTranslatedString('LBL_NOT_AVAILABLE').'</td></tr>';
}
if ($nooffields != '') {
$list .='<tr class="detailedViewHeader" align="center">';
for ($i = 0; $i < $nooffields; $i++) {
$list .= "<td>".getTranslatedString($header_arr[$i]['fielddata'])."</td>";
}
$list .='</tr>';
}
if ($noofdata != '') {
for ($j = 0; $j < $noofdata; $j++) {
if ($j == 0 || $j % 2 == 0)
$list .='<tr class="dvtLabel">';
else
$list .='<tr class="dvtInfo">';
for ($i = 0; $i < $nooffields; $i++) {
$data = $data_arr[$j][$i]['fielddata'];
if ($data == '')
$data = '&nbsp;';
$list .= "<td>".$data."</td>";
}
$list .='</tr>';
}
}
$list .= '<tr><td colspan ="'.$nooffields.'">&nbsp;</td></tr>';
}
return $list;
}