[Vtigercrm-developers] Error trying to save a new Record of a new Custom module

Juan Pablo Botero juanpabloboterolopez at gmail.com
Tue Aug 21 22:43:33 PDT 2012 

Hello.

I watch in file '<vtiger>/include/utils/CommonUtils.php' the function:
function

checkFileAccessForInclusion($filepath)

And the conditional that kills the proccess is:

if (stripos($realfilepath, $rootdirpath) !== 0 ||
in_array($filePathParts[0], $unsafeDirectories)) {
        die("Sorry! Attempt to access restricted file.");
    }

i test both functions in the conditional, the function
stripos($realfilepath, $rootdirpath) is different that 0, so, it only
happens in new module made with vtlib.

I don't know if that works, or my search is usesless.

So, what is the best way to make a new module in vtiger 5.4?

Thanks a lot for your patience.


2012/8/21 Juan Pablo Botero <juanpabloboterolopez at gmail.com>

> Hi, thank you so Much.
>
> 2012/8/21 Adam Heinz <amh at metricwise.net>
>
>> On Tue, Aug 21, 2012 at 4:16 AM, Alan Lord <alanslists at gmail.com> wrote:
>> > If this is the case, take a look at include/utils/CommonUtils.php and
>> > check the functions like:
>> >
>> > checkFileAccess($filepath)
>>
>
> i have that function with sentence:
>
> die("Sorry! Attempt to access restricted file. <br />Filepath: " .
> $realfilepath. "<br /> Rootdirpath:" . $rootdirpath);
>
> And doesn't print any path.
>
>
>> > checkFileAccessForInclusion($filepath)
>>
>> Put a debug_print_backtrace() call before each die statement in those
>> two functions to shine some light.
>>
>
> I added before the two die statement, i think is more comfortable that i
> attach a document with the output.
>
> Thanks.
>
>
>
>
>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
>
> --
> Cordialmente:
> Juan Pablo Botero
> Administrador de Sistemas informáticos
> Fedora Ambassador for Colombia
> http://www.jpilldev.net
>
>


-- 
Cordialmente:
Juan Pablo Botero
Administrador de Sistemas informáticos
Fedora Ambassador for Colombia
http://www.jpilldev.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20120822/7956db07/attachment.html

More information about the vtigercrm-developers mailing list