<?php

/*+**********************************************************************************

 * The contents of this file are subject to the vtiger CRM Public License Version 1.1

 * ("License"); You may not use this file except in compliance with the License

 * The Original Code is:  vtiger CRM Open Source

 * The Initial Developer of the Original Code is vtiger.

 * Portions created by vtiger are Copyright (C) vtiger.

 * All Rights Reserved.

 ************************************************************************************/


require_once 'include/utils/utils.php';

require_once 'include/utils/CommonUtils.php';


require_once 'includes/Loader.php';

vimport ('includes.runtime.EntryPoint');


ob_Start();

ob_end_clean();


class Vtiger_WebUI extends Vtiger_EntryPoint {


	/**

	 * Function to check if the User has logged in

	 * @param Vtiger_Request $request

	 * @throws AppException

	 */

	protected function checkLogin (Vtiger_Request $request) {

		if (!$this->hasLogin()) {

			$return_params = $_SERVER['QUERY_STRING'];

			if($return_params && !$_SESSION['return_params']) {

				//Take the url that user would like to redirect after they have successfully logged in.

				$return_params = urlencode($return_params);

				Vtiger_Session::set('return_params', $return_params);

			}

			header ('Location: index.php');

			throw new AppException('Login is required');

		}

	}


	/**

	 * Function to get the instance of the logged in User

	 * @return Users object

	 */

	function getLogin() {

		$user = parent::getLogin();

		if (!$user && isset($_SESSION['authenticated_user_id'])) {

			$userid = Vtiger_Session::get('AUTHUSERID', $_SESSION['authenticated_user_id']);

			if ($userid && vglobal('application_unique_key')==$_SESSION['app_unique_key']) {

				$user = CRMEntity::getInstance('Users');

				$user->retrieveCurrentUserInfoFromFile($userid);

				$this->setLogin($user);

			}

		}

		return $user;

	}


	protected function triggerCheckPermission($handler, $request) {

		$moduleName = $request->getModule();

		$moduleModel = Vtiger_Module_Model::getInstance($moduleName);


		if (empty($moduleModel)) {

			throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));

		}


		$userPrivilegesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();

		$permission = $userPrivilegesModel->hasModulePermission($moduleModel->getId());


		if ($permission) {

			$handler->checkPermission($request);

			return;

		}

		throw new AppException(vtranslate($moduleName, $moduleName).' '.vtranslate('LBL_NOT_ACCESSIBLE'));

	}


	protected function triggerPreProcess($handler, $request) {

		if($request->isAjax()){

			return true;

		}

		$handler->preProcess($request);

	}


	protected function triggerPostProcess($handler, $request) {

		if($request->isAjax()){

			return true;

		}

		$handler->postProcess($request);

	}


	function isInstalled() {

		global $dbconfig;

		if (empty($dbconfig) || empty($dbconfig['db_name']) || $dbconfig['db_name'] == '_DBC_TYPE_') {

			return false;

		}

		return true;

	}


	function process (Vtiger_Request $request) {

		Vtiger_Session::init();

		
		// Better place this here as session get initiated

		//skipping the csrf checking for the forgot(reset) password 

		if($request->get('mode') != 'reset' && $request->get('action') != 'Login' && $request->get('mode') != 'fromMig')

			require_once 'libraries/csrf-magic/csrf-magic.php';


		// TODO - Get rid of global variable $current_user

		// common utils api called, depend on this variable right now

		$currentUser = $this->getLogin();

		vglobal('current_user', $currentUser);

		
		// Traitement pour le Profil CRM Manager admin

		$currUser = Users_Record_Model::getCurrentUserModel();

		if($currUser){

		$roleid = $currUser->get('roleid');

			if($roleid  == 'H41'){

				if(isset($_REQUEST['module'])){

					if($_REQUEST['module'] != 'Users' && $_REQUEST['module'] != 'SplashScreenAjax' 

					&& $_REQUEST['module'] != 'DashBoardAll' && $_REQUEST['module'] != 'DashBoardAjax'){ 

						die;

					}

				}

			}

		}

        // Traitement pour le Profil CRM Manager

		
		// Check we are being connected to on the right host and protocol

		global $site_URL;

		$request_URL = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']==='on')? 'https': 'http')."://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];

		if ($site_URL && stripos($request_URL, $site_URL) !== 0){

			header("Location: $site_URL",TRUE,301);

			exit;

		}


		global $default_language;

		vglobal('default_language', $default_language);

		$currentLanguage = Vtiger_Language_Handler::getLanguage();

		vglobal('current_language',$currentLanguage);

		$module = $request->getModule();

		$qualifiedModuleName = $request->getModule(false);


		if ($currentUser && $qualifiedModuleName) {

			$moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage,$qualifiedModuleName);

			if(isset($moduleLanguageStrings['languageStrings'])){

				vglobal('mod_strings', $moduleLanguageStrings['languageStrings']);

			}

		}


		if ($currentUser) {

			$moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage);

			if(isset($moduleLanguageStrings['languageStrings'])){

				vglobal('app_strings', $moduleLanguageStrings['languageStrings']);

			}

		}


		$view = $request->get('view');

		$action = $request->get('action');

		$response = false;


		//Not able to open other pages when heavy duty view is open.

		//heavy duty report views are open and to navigate to other module list view / detail view the page loading almost freezes page.

		if ($module == 'Reports' && !$view) {

			Vtiger_Session::readonly();

		}


		try {

			if($this->isInstalled() === false && $module != 'Install') {

				header('Location:index.php?module=Install&view=Index');

				exit;

			}


			if(empty($module)) {

				if ($this->hasLogin()) {

					
					$defaultModule = vglobal('default_module');

					
					$moduleModel = Vtiger_Module_Model::getInstance($defaultModule);

					if(!empty($defaultModule) && $defaultModule != 'Home' && $moduleModel && $moduleModel->isActive()) {

						$module = $defaultModule; $qualifiedModuleName = $defaultModule; $view = 'List';

						if($module == 'Calendar') { 

							// To load MyCalendar instead of list view for calendar

							//TODO: see if it has to enhanced and get the default view from module model

							$view = 'Calendar';

						}

					} else {

						$module = 'Home'; $qualifiedModuleName = 'Home'; $view = 'DashBoard';

						
						//sophal

						if(showNewDashBoard($_SESSION['authenticated_user_id']) == true) 

							$module="DashBoardAll";

						//sophal

						
					}

				} else {

					$module = 'Users'; $qualifiedModuleName = 'Settings:Users'; $view = 'Login';

				}

				$request->set('module', $module);

				$request->set('view', $view);

			}


			if (!empty($action)) {

				$componentType = 'Action';

				$componentName = $action;

			} else {

				$componentType = 'View';

				if(empty($view)) {

					$view = 'Index';

				}

				$componentName = $view;

			}


			if($module == "CustomDashboard") {

				include "CustomDashboard.php";

				return;

			}


			if($module == "PTGeneration") {

				include "PTGeneration.php";

				return;

			}


			if($module == "MyPT") {

				include "MyPT.php";

				return;

			}


			if($module == "PTReporting") {

				include "PTReporting.php";

				return;

			}


			if($module == "Planning") {

				include "Planning.php";

				return;

			}


			if($module == "Objectives") {

				include "Objectives.php";

				return;

			}


			if($module == "Veille") {

				include "Veille.php";

				return;

			}


			if($module == "MonitoringVMPlanning") {

				include "MonitoringVMPlanning.php";

				return;

			}


            if($module == "MonitoringVM") {

				include "MonitoringVM.php";

				return;

			}


            if($module == "MonitoringVpBC") {

				include "MonitoringVpBC.php";

				return;

			}


			if($module == "MonitoringVpBCTotal") {

				include "MonitoringVpBCTotal.php";

				return;

			}


			if($module == "MonitoringVPBCWilaya") {

				include "MonitoringVPBCWilaya.php";

				return;

			}


			if($module == "MonitoringVPProduits") {

				include "MonitoringVPProduits.php";

				return;

			}


			if($module == "MonitoringVPGrossistes") {

				include "MonitoringVPGrossistes.php";

				return;

			}


			if($module == "MonitoringVPCompte") {

				include "MonitoringVPCompte.php";

				return;

			}


            if($module == "MonitoringVPVisite") {

				include "MonitoringVPVisite.php";

				return;

			}


			if($module == "MonitoringVpObjective") {

				include "MonitoringVpObjective.php";

				return;

			}


			if($module == "MonitoringVMVisiteDuo") {

				include "MonitoringVMVisiteDuo.php";

				return;

			}


            if($module == "MonitoringVmCompte") {

				include "MonitoringVmCompte.php";

				return;

			}


            if($module == "MonitoringVmTypeActivite") {

				include "MonitoringVmTypeActivite.php";

				return;

			}

			
			if($module == "MonitoringVmVisiteSpecialite") {

				include "MonitoringVmVisiteSpecialite.php";

				return;

			}


            if($module == "MonitoringVmProduit") {

				include "MonitoringVmProduit.php";

				return;

			}


			if($module == "MonitoringVMSpecialite") {

				include "MonitoringVMSpecialite.php";

				return;

			}


            if($module == "MonitoringVmVisiteProduitSpecialite") {

				include "MonitoringVmVisiteProduitSpecialite.php";

				return;

			}

			if($module == "PrescriptionVMProduit") {

				include "PrescriptionVMProduit.php";

				return;

			}


            if($module == "ENT_QCM") {

				include "ENT_QCM.php";

				return;

			}

                        
            if($module == "QCMGeneration") {

				include "QCMGeneration.php";

				return;

			}

            if($module == "QCMGenerationCorrection"){

                include "QCMGenerationCorrection.php";

				return;

            }

            if($module == "QCMGenerationCorrectionDR"){

                include "QCMGenerationCorrectionDR.php";

				return;

            }


            if($module == "QCMExamen"){

                include "QCMExamen.php";

				return;

            }

                         
            if($module == "QCMAjouterExamen"){

                include "QCMAjouterExamen.php";

				return;

            }

                         
            if($module == "QCMExamenEdit"){

                include "QCMExamenEdit.php";

				return;

            }


            if($module == "QCMNotes"){

                include "QCMNotes.php";

				return;

            }

            if($module == "Encaissement"){

                include "Encaissement.php";

				return;

            }

            if($module == "EncaissementAjouter"){

                include "EncaissementAjouter.php";

				return;

            }

            if($module == "EncaissementEdit"){

                include "EncaissementEdit.php";

				return;

            }

                        
            if($module == "EncaissementBalance"){

                include "EncaissementBalance.php";

				return;

            }


            if($module == "Questionnaire"){

                include "Questionnaire.php";

				return;

            }

            if($module == "QuestionnaireAjouter"){

                include "QuestionnaireAjouter.php";

				return;

            }

			if($module == "QuestionnaireEdit"){

                include "QuestionnaireEdit.php";

				return;

            }

						 
			if($module == "QuestionnaireList"){

                include "QuestionnaireList.php";

				return;

            }

            if($module == "QuestionnaireListeResultats"){

                include "QuestionnaireListeResultats.php";

				return;

             }

            if($module == "QuestionnaireListeResultatsEdit"){

                include "QuestionnaireListeResultatsEdit.php";

				return;

            }

						 
			if($module == "QuestionnaireReporting"){

                include "QuestionnaireReporting.php";

				return;

            }

						 
			if($module == "QuestionnaireSaveData"){

                include "QuestionnaireSaveData.php";

				return;

            }

            if($module == "QuestionnaireTraitement"){

                include "QuestionnaireTraitement.php";

				return;

            }

            if($module == "QuestionnaireUpdateQuestion"){

                include "QuestionnaireUpdateQuestion.php";

				return;

            }

                         
            if($module == "MonitoringVmPotentialite"){

                include "MonitoringVmPotentialite.php";

				return;

            }

            if($module == "MonitoringVmPotentialite"){

                include "MonitoringVmPotentialite.php";

				return;

            }

            if($module == "MonitoringVmVisiteWilayaSpecialite"){

                include "MonitoringVmVisiteWilayaSpecialite.php";

				return;

            }

						 
			if($module == "MonitoringSuperviseurWilaya"){

                include "MonitoringSuperviseurWilaya.php";

				return;

            }


			if($module == "MonitoringSuperviseurReseau"){

                include "MonitoringSuperviseurReseau.php";

				return;

            }


			if($module == "TransfertPF"){

				include "TransfertPF.php";

				return;

			}

            if($module == "SplashScreenAjax"){

                include "SplashScreenAjax.php";

				return;

            } 

			if($module == "SplashScreenAjouter"){

                include "SplashScreenAjouter.php";

				return;

            } 

			if($module == "SplashScreenEdit"){

                                include "SplashScreenEdit.php";

				return;

                         } 

			if($module == "SplashScreenListe"){

                include "SplashScreenListe.php";

				return;

            } 


            if($module == "PlanificationDR"){

                include "PlanificationDR.php";

				return;

            }


			if($module == "ExportData"){

				include "ExportData.php";

				return;

			}

            if($module == "EtatStockAjouter"){

                include "EtatStockAjouter.php";

				return;

            }		

			if($module == "EtatStockAjax"){

                include "EtatStockAjax.php";

				return;

            }

			if($module == "EtatStockList"){

                include "EtatStockList.php";

				return;

            }

			if($module == "EtatStockEdit"){

                include "EtatStockEdit.php";

				return;

            }

			if($module == "EtatStockAjaxEdit"){

                include "EtatStockAjaxEdit.php";

				return;

            }

			if($module == "EtatStockReporting"){

                include "EtatStockReporting.php";

				return;

            }

			if($module == "EtatStockReportingValorisation"){

                include "EtatStockReportingValorisation.php";

				return;

            }

			if($module == "EtatStockReportingPreemption"){

                include "EtatStockReportingPreemtion.php";

				return;

            }

			if($module == "map"){

                include "map.php";

				return;

            }

			if($module == "bonDeCommandeAjax"){

                include "bonDeCommandeAjax.php";

				return;

            }

			if($module == "MonitoringPack"){

                include "MonitoringPack.php";

				return;

            }

			if($module == "DashBoardAll"){

				include "DashBoardAll.php";

				return;

			}	

            if($module == "DashBoardAjax"){

				include "DashBoardAjax.php";

				return;

			}

			if($module == "NoteDeFraisAjax"){

                include "NoteDeFraisAjax.php";

				return;

            }

			if($module == "NoteDeFraisAjouter"){

                include "NoteDeFraisAjouter.php";

				return;

            }

			if($module == "NoteDeFraisList"){

                include "NoteDeFraisList.php";

				return;

            }

		    if($module == "NoteDeFraisEdit"){

                include "NoteDeFraisEdit.php";

				return;

            }

            if($module == "NoteDeFraisPermission"){

                include "NoteDeFraisPermission.php";

				return;

            }

						
			if($module == "NoteDeFraisParametrage"){

                include "NoteDeFraisParametrage.php";

				return;

            }

			
			if($module == "QuestionnairePicklistAjouter"){


                include "QuestionnairePicklistAjouter.php";


				return;


            }

			if($module == "QuestionnaireListPicklist"){


                include "QuestionnaireListPicklist.php";


				return;


            }

			if($module == "RapportVisitesCoaching"){


                include "RapportVisitesCoaching.php";


				return;


            }

			if($module == "AccountAjax"){

                include "AccountAjax.php";

				return;

            }

			
			if($module == "PharmexObjective"){

                include "PharmexObjective.php";

				return;

            }


			$handlerClass = Vtiger_Loader::getComponentClassName($componentType, $componentName, $qualifiedModuleName);

			$handler = new $handlerClass();


			if ($handler) {

				vglobal('currentModule', $module);


				// Ensure handler validates the request

				$handler->validateRequest($request);


				if ($handler->loginRequired()) {

					$this->checkLogin ($request);

				}


				//TODO : Need to review the design as there can potential security threat

				$skipList = array('Users', 'Home', 'CustomView', 'Import', 'Export', 'Inventory', 'Vtiger', 'PriceBooks', 'Migration', 'Install');


				if(!in_array($module, $skipList) && stripos($qualifiedModuleName, 'Settings') === false) {

					$this->triggerCheckPermission($handler, $request);

				}


				// Every settings page handler should implement this method

				if(stripos($qualifiedModuleName, 'Settings') === 0 || ($module == 'Users')) {

					$handler->checkPermission($request);

				}


				$notPermittedModules = array('ModComments','Integration','DashBoard');


				if(in_array($module, $notPermittedModules) && $view == 'List'){

					header('Location:index.php?module=Home&view=DashBoard');

				}


				$this->triggerPreProcess($handler, $request);			

				//echo $handlerClass;

				$response = $handler->process($request);

				$this->triggerPostProcess($handler, $request);

			} else {

				throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));

			}


		} catch(Exception $e) {

			if ($view) {

				// log for development

				global $log;

				$log->debug($e->getMessage().":".$e->getTraceAsString());


				$viewer = new Vtiger_Viewer();

				$viewer->assign('MESSAGE', $e->getMessage());

				$viewer->view('OperationNotPermitted.tpl', 'Vtiger');

			} else {

				$response = new Vtiger_Response();

				$response->setEmitType(Vtiger_Response::$EMIT_JSON);

				$response->setError($e->getMessage());

			}

		}


		if ($response) {

			$response->emit();

		}

	}

}