SOPHAL/CRM
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2794e62571dfd83d408483b1edaa5580512b9055
CRM/includes/main/WebUI.php
BACHIR SOULDI 2794e62571 first commit
2025-09-28 08:49:37 +01:00

1329 lines
19 KiB
PHP
Raw Blame History

<?php
/*+**********************************************************************************
* The contents of this file are subject to the vtiger CRM Public License Version 1.1
* ("License"); You may not use this file except in compliance with the License
* The Original Code is: vtiger CRM Open Source
* The Initial Developer of the Original Code is vtiger.
* Portions created by vtiger are Copyright (C) vtiger.
* All Rights Reserved.
************************************************************************************/
require_once 'include/utils/utils.php';
require_once 'include/utils/CommonUtils.php';
require_once 'includes/Loader.php';
vimport ('includes.runtime.EntryPoint');
ob_Start();
ob_end_clean();
class Vtiger_WebUI extends Vtiger_EntryPoint {
/**
* Function to check if the User has logged in
* @param Vtiger_Request $request
* @throws AppException
*/
protected function checkLogin (Vtiger_Request $request) {
if (!$this->hasLogin()) {
$return_params = $_SERVER['QUERY_STRING'];
if($return_params && !$_SESSION['return_params']) {
//Take the url that user would like to redirect after they have successfully logged in.
$return_params = urlencode($return_params);
Vtiger_Session::set('return_params', $return_params);
}
header ('Location: index.php');
throw new AppException('Login is required');
}
}
/**
* Function to get the instance of the logged in User
* @return Users object
*/
function getLogin() {
$user = parent::getLogin();
if (!$user && isset($_SESSION['authenticated_user_id'])) {
$userid = Vtiger_Session::get('AUTHUSERID', $_SESSION['authenticated_user_id']);
if ($userid && vglobal('application_unique_key')==$_SESSION['app_unique_key']) {
$user = CRMEntity::getInstance('Users');
$user->retrieveCurrentUserInfoFromFile($userid);
$this->setLogin($user);
}
}
return $user;
}
protected function triggerCheckPermission($handler, $request) {
$moduleName = $request->getModule();
$moduleModel = Vtiger_Module_Model::getInstance($moduleName);
if (empty($moduleModel)) {
throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));
}
$userPrivilegesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
$permission = $userPrivilegesModel->hasModulePermission($moduleModel->getId());
if ($permission) {
$handler->checkPermission($request);
return;
}
throw new AppException(vtranslate($moduleName, $moduleName).' '.vtranslate('LBL_NOT_ACCESSIBLE'));
}
protected function triggerPreProcess($handler, $request) {
if($request->isAjax()){
return true;
}
$handler->preProcess($request);
}
protected function triggerPostProcess($handler, $request) {
if($request->isAjax()){
return true;
}
$handler->postProcess($request);
}
function isInstalled() {
global $dbconfig;
if (empty($dbconfig) || empty($dbconfig['db_name']) || $dbconfig['db_name'] == '_DBC_TYPE_') {
return false;
}
return true;
}
function process (Vtiger_Request $request) {
Vtiger_Session::init();
// Better place this here as session get initiated
//skipping the csrf checking for the forgot(reset) password
if($request->get('mode') != 'reset' && $request->get('action') != 'Login' && $request->get('mode') != 'fromMig')
require_once 'libraries/csrf-magic/csrf-magic.php';
// TODO - Get rid of global variable $current_user
// common utils api called, depend on this variable right now
$currentUser = $this->getLogin();
vglobal('current_user', $currentUser);
// Traitement pour le Profil CRM Manager admin
$currUser = Users_Record_Model::getCurrentUserModel();
if($currUser){
$roleid = $currUser->get('roleid');
if($roleid == 'H41'){
if(isset($_REQUEST['module'])){
if($_REQUEST['module'] != 'Users' && $_REQUEST['module'] != 'SplashScreenAjax'
&& $_REQUEST['module'] != 'DashBoardAll' && $_REQUEST['module'] != 'DashBoardAjax'){
die;
}
}
}
}
// Traitement pour le Profil CRM Manager
// Check we are being connected to on the right host and protocol
global $site_URL;
$request_URL = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']==='on')? 'https': 'http')."://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if ($site_URL && stripos($request_URL, $site_URL) !== 0){
header("Location: $site_URL",TRUE,301);
exit;
}
global $default_language;
vglobal('default_language', $default_language);
$currentLanguage = Vtiger_Language_Handler::getLanguage();
vglobal('current_language',$currentLanguage);
$module = $request->getModule();
$qualifiedModuleName = $request->getModule(false);
if ($currentUser && $qualifiedModuleName) {
$moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage,$qualifiedModuleName);
if(isset($moduleLanguageStrings['languageStrings'])){
vglobal('mod_strings', $moduleLanguageStrings['languageStrings']);
}
}
if ($currentUser) {
$moduleLanguageStrings = Vtiger_Language_Handler::getModuleStringsFromFile($currentLanguage);
if(isset($moduleLanguageStrings['languageStrings'])){
vglobal('app_strings', $moduleLanguageStrings['languageStrings']);
}
}
$view = $request->get('view');
$action = $request->get('action');
$response = false;
//Not able to open other pages when heavy duty view is open.
//heavy duty report views are open and to navigate to other module list view / detail view the page loading almost freezes page.
if ($module == 'Reports' && !$view) {
Vtiger_Session::readonly();
}
try {
if($this->isInstalled() === false && $module != 'Install') {
header('Location:index.php?module=Install&view=Index');
exit;
}
if(empty($module)) {
if ($this->hasLogin()) {
$defaultModule = vglobal('default_module');
$moduleModel = Vtiger_Module_Model::getInstance($defaultModule);
if(!empty($defaultModule) && $defaultModule != 'Home' && $moduleModel && $moduleModel->isActive()) {
$module = $defaultModule; $qualifiedModuleName = $defaultModule; $view = 'List';
if($module == 'Calendar') {
// To load MyCalendar instead of list view for calendar
//TODO: see if it has to enhanced and get the default view from module model
$view = 'Calendar';
}
} else {
$module = 'Home'; $qualifiedModuleName = 'Home'; $view = 'DashBoard';
//sophal
if(showNewDashBoard($_SESSION['authenticated_user_id']) == true)
$module="DashBoardAll";
//sophal
}
} else {
$module = 'Users'; $qualifiedModuleName = 'Settings:Users'; $view = 'Login';
}
$request->set('module', $module);
$request->set('view', $view);
}
if (!empty($action)) {
$componentType = 'Action';
$componentName = $action;
} else {
$componentType = 'View';
if(empty($view)) {
$view = 'Index';
}
$componentName = $view;
}
if($module == "CustomDashboard") {
include "CustomDashboard.php";
return;
}
if($module == "PTGeneration") {
include "PTGeneration.php";
return;
}
if($module == "MyPT") {
include "MyPT.php";
return;
}
if($module == "PTReporting") {
include "PTReporting.php";
return;
}
if($module == "Planning") {
include "Planning.php";
return;
}
if($module == "Objectives") {
include "Objectives.php";
return;
}
if($module == "Veille") {
include "Veille.php";
return;
}
if($module == "MonitoringVMPlanning") {
include "MonitoringVMPlanning.php";
return;
}
if($module == "MonitoringVM") {
include "MonitoringVM.php";
return;
}
if($module == "MonitoringVpBC") {
include "MonitoringVpBC.php";
return;
}
if($module == "MonitoringVpBCTotal") {
include "MonitoringVpBCTotal.php";
return;
}
if($module == "MonitoringVPBCWilaya") {
include "MonitoringVPBCWilaya.php";
return;
}
if($module == "MonitoringVPProduits") {
include "MonitoringVPProduits.php";
return;
}
if($module == "MonitoringVPGrossistes") {
include "MonitoringVPGrossistes.php";
return;
}
if($module == "MonitoringVPCompte") {
include "MonitoringVPCompte.php";
return;
}
if($module == "MonitoringVPVisite") {
include "MonitoringVPVisite.php";
return;
}
if($module == "MonitoringVpObjective") {
include "MonitoringVpObjective.php";
return;
}
if($module == "MonitoringVMVisiteDuo") {
include "MonitoringVMVisiteDuo.php";
return;
}
if($module == "MonitoringVmCompte") {
include "MonitoringVmCompte.php";
return;
}
if($module == "MonitoringVmTypeActivite") {
include "MonitoringVmTypeActivite.php";
return;
}
if($module == "MonitoringVmVisiteSpecialite") {
include "MonitoringVmVisiteSpecialite.php";
return;
}
if($module == "MonitoringVmProduit") {
include "MonitoringVmProduit.php";
return;
}
if($module == "MonitoringVMSpecialite") {
include "MonitoringVMSpecialite.php";
return;
}
if($module == "MonitoringVmVisiteProduitSpecialite") {
include "MonitoringVmVisiteProduitSpecialite.php";
return;
}
if($module == "PrescriptionVMProduit") {
include "PrescriptionVMProduit.php";
return;
}
if($module == "ENT_QCM") {
include "ENT_QCM.php";
return;
}
if($module == "QCMGeneration") {
include "QCMGeneration.php";
return;
}
if($module == "QCMGenerationCorrection"){
include "QCMGenerationCorrection.php";
return;
}
if($module == "QCMGenerationCorrectionDR"){
include "QCMGenerationCorrectionDR.php";
return;
}
if($module == "QCMExamen"){
include "QCMExamen.php";
return;
}
if($module == "QCMAjouterExamen"){
include "QCMAjouterExamen.php";
return;
}
if($module == "QCMExamenEdit"){
include "QCMExamenEdit.php";
return;
}
if($module == "QCMNotes"){
include "QCMNotes.php";
return;
}
if($module == "Encaissement"){
include "Encaissement.php";
return;
}
if($module == "EncaissementAjouter"){
include "EncaissementAjouter.php";
return;
}
if($module == "EncaissementEdit"){
include "EncaissementEdit.php";
return;
}
if($module == "EncaissementBalance"){
include "EncaissementBalance.php";
return;
}
if($module == "Questionnaire"){
include "Questionnaire.php";
return;
}
if($module == "QuestionnaireAjouter"){
include "QuestionnaireAjouter.php";
return;
}
if($module == "QuestionnaireEdit"){
include "QuestionnaireEdit.php";
return;
}
if($module == "QuestionnaireList"){
include "QuestionnaireList.php";
return;
}
if($module == "QuestionnaireListeResultats"){
include "QuestionnaireListeResultats.php";
return;
}
if($module == "QuestionnaireListeResultatsEdit"){
include "QuestionnaireListeResultatsEdit.php";
return;
}
if($module == "QuestionnaireReporting"){
include "QuestionnaireReporting.php";
return;
}
if($module == "QuestionnaireSaveData"){
include "QuestionnaireSaveData.php";
return;
}
if($module == "QuestionnaireTraitement"){
include "QuestionnaireTraitement.php";
return;
}
if($module == "QuestionnaireUpdateQuestion"){
include "QuestionnaireUpdateQuestion.php";
return;
}
if($module == "MonitoringVmPotentialite"){
include "MonitoringVmPotentialite.php";
return;
}
if($module == "MonitoringVmPotentialite"){
include "MonitoringVmPotentialite.php";
return;
}
if($module == "MonitoringVmVisiteWilayaSpecialite"){
include "MonitoringVmVisiteWilayaSpecialite.php";
return;
}
if($module == "MonitoringSuperviseurWilaya"){
include "MonitoringSuperviseurWilaya.php";
return;
}
if($module == "MonitoringSuperviseurReseau"){
include "MonitoringSuperviseurReseau.php";
return;
}
if($module == "TransfertPF"){
include "TransfertPF.php";
return;
}
if($module == "SplashScreenAjax"){
include "SplashScreenAjax.php";
return;
}
if($module == "SplashScreenAjouter"){
include "SplashScreenAjouter.php";
return;
}
if($module == "SplashScreenEdit"){
include "SplashScreenEdit.php";
return;
}
if($module == "SplashScreenListe"){
include "SplashScreenListe.php";
return;
}
if($module == "PlanificationDR"){
include "PlanificationDR.php";
return;
}
if($module == "ExportData"){
include "ExportData.php";
return;
}
if($module == "EtatStockAjouter"){
include "EtatStockAjouter.php";
return;
}
if($module == "EtatStockAjax"){
include "EtatStockAjax.php";
return;
}
if($module == "EtatStockList"){
include "EtatStockList.php";
return;
}
if($module == "EtatStockEdit"){
include "EtatStockEdit.php";
return;
}
if($module == "EtatStockAjaxEdit"){
include "EtatStockAjaxEdit.php";
return;
}
if($module == "EtatStockReporting"){
include "EtatStockReporting.php";
return;
}
if($module == "EtatStockReportingValorisation"){
include "EtatStockReportingValorisation.php";
return;
}
if($module == "EtatStockReportingPreemption"){
include "EtatStockReportingPreemtion.php";
return;
}
if($module == "map"){
include "map.php";
return;
}
if($module == "bonDeCommandeAjax"){
include "bonDeCommandeAjax.php";
return;
}
if($module == "MonitoringPack"){
include "MonitoringPack.php";
return;
}
if($module == "DashBoardAll"){
include "DashBoardAll.php";
return;
}
if($module == "DashBoardAjax"){
include "DashBoardAjax.php";
return;
}
if($module == "NoteDeFraisAjax"){
include "NoteDeFraisAjax.php";
return;
}
if($module == "NoteDeFraisAjouter"){
include "NoteDeFraisAjouter.php";
return;
}
if($module == "NoteDeFraisList"){
include "NoteDeFraisList.php";
return;
}
if($module == "NoteDeFraisEdit"){
include "NoteDeFraisEdit.php";
return;
}
if($module == "NoteDeFraisPermission"){
include "NoteDeFraisPermission.php";
return;
}
if($module == "NoteDeFraisParametrage"){
include "NoteDeFraisParametrage.php";
return;
}
if($module == "QuestionnairePicklistAjouter"){
include "QuestionnairePicklistAjouter.php";
return;
}
if($module == "QuestionnaireListPicklist"){
include "QuestionnaireListPicklist.php";
return;
}
if($module == "RapportVisitesCoaching"){
include "RapportVisitesCoaching.php";
return;
}
if($module == "AccountAjax"){
include "AccountAjax.php";
return;
}
$handlerClass = Vtiger_Loader::getComponentClassName($componentType, $componentName, $qualifiedModuleName);
$handler = new $handlerClass();
if ($handler) {
vglobal('currentModule', $module);
// Ensure handler validates the request
$handler->validateRequest($request);
if ($handler->loginRequired()) {
$this->checkLogin ($request);
}
//TODO : Need to review the design as there can potential security threat
$skipList = array('Users', 'Home', 'CustomView', 'Import', 'Export', 'Inventory', 'Vtiger', 'PriceBooks', 'Migration', 'Install');
if(!in_array($module, $skipList) && stripos($qualifiedModuleName, 'Settings') === false) {
$this->triggerCheckPermission($handler, $request);
}
// Every settings page handler should implement this method
if(stripos($qualifiedModuleName, 'Settings') === 0 || ($module == 'Users')) {
$handler->checkPermission($request);
}
$notPermittedModules = array('ModComments','Integration','DashBoard');
if(in_array($module, $notPermittedModules) && $view == 'List'){
header('Location:index.php?module=Home&view=DashBoard');
}
$this->triggerPreProcess($handler, $request);
//echo $handlerClass;
$response = $handler->process($request);
$this->triggerPostProcess($handler, $request);
} else {
throw new AppException(vtranslate('LBL_HANDLER_NOT_FOUND'));
}
} catch(Exception $e) {
if ($view) {
// log for development
global $log;
$log->debug($e->getMessage().":".$e->getTraceAsString());
$viewer = new Vtiger_Viewer();
$viewer->assign('MESSAGE', $e->getMessage());
$viewer->view('OperationNotPermitted.tpl', 'Vtiger');
} else {
$response = new Vtiger_Response();
$response->setEmitType(Vtiger_Response::$EMIT_JSON);
$response->setError($e->getMessage());
}
}
if ($response) {
$response->emit();
}
}
}
Reference in New Issue View Git Blame Copy Permalink