[Vtigercrm-developers] Important Bug Workflows and emails

Thu Oct 1 12:38:27 GMT 2015

Hi Manu,

I have applied your fix

but it is  corrupting  the serialised data saving in
com_vtiger_workflowtask table.
also

__vtrftksid:061e920a61b1a795a4cef8c3fbd9e35e6b26cede,1443697598
__vtrftksid:061e920a61b1a795a4cef8c3fbd9e35e6b26cede,1443697598

this variables comes two times in ajax request

Regards,
Lajeesh

On Wed, Sep 16, 2015 at 6:07 PM, Manu urs <manu.k at vtiger.com> wrote:

> Hi
>
> Having code in  end of config.inc.php  is not a good idea .It would be
> fine to have a separate config.security.php  file and this be included
> through config.inc.php
>
> Regards,
> Manu Urs
>
>
>
> On Tue, Sep 15, 2015 at 9:44 PM, Manuel Fernando <ptdesigner at gmail.com>
> wrote:
>
>> Manu,
>>
>> After some days we ran into this error:
>> *Fatal error*: Cannot redeclare csrf_startup() (previously declared in
>> /home/jupix/public_html/vtiger/config.inc.php:213) in
>> */home/jupix/public_html/vtiger/config.inc.php* on line *224*
>>
>> We added the code you suggested to the end of config.inc.php
>> Would make any diference?
>> If we add this code to config.php , before line
>> include('config.inc.php’); or after? What do you recommend?
>>
>>
>>
>>
>> No dia 13/09/2015, às 20:04, Steve Kenow <skenow at rdspos.com> escreveu:
>>
>> Yeah - any time you edit and save the email, the script is added again. I
>> always view the source before saving and strip out the script completely. 1
>> will be added back as it is being saved.
>>
>> On Thu, Sep 10, 2015 at 8:15 PM, Richard Hills - Technologywise <
>> richard at tw.co.nz> wrote:
>>
>>> Can anyone tell me more about this issue?
>>>
>>> I've just set up a workflow to send an email and ideally I don't want
>>> any tracking / html at all. Wondering if there is a way to force an email
>>> for this workflow to exclude all html?
>>>
>>> My issue is mostly however with the javascript included in the mail:
>>>
>>> 	<script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script><script type="text/javascript">var csrfMagicToken = "sid:6d69ceadb7e999ee89105b6ec2b7f01790db3bb7,1441924512";var csrfMagicName = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js" type="text/javascript"></script><script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script><script type="text/javascript">var csrfMagicToken = "sid:b61c3de7d74cdc94362af7597429f8cdfcb0a05c,1441927628";var csrfMagicName = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js" type="text/javascript"></script>
>>>
>>> I have attempted to add the patch below, but have a feeling the bug was
>>> causing multiples of the javascript to be sent, whereas one is actually
>>> expected?
>>>
>>> Any advice would be appreciated, worst case I will add a custom workflow
>>> function and use my own mailer calls.
>>>
>>> Thanks
>>>
>>>
>>> On 31/08/15 17:10, Manu urs wrote:
>>>
>>> Hi
>>>
>>> Please add the below patch of code in the config.php  file  to solve the
>>> issue.
>>>
>>> /**
>>>>  * Vtiger specific custom config startup for CSRF
>>>>  */
>>>> function csrf_startup(){
>>>>     //Override the default expire time of token
>>>>     $GLOBALS['csrf']['expires'] = 259200;
>>>>
>>>>     /**if an ajax request initiated, then if php serves content with <html> tags
>>>>      * as a response, then unnecessarily we are injecting csrf magic javascipt
>>>>      * in the response html at <head> and <body> using csrf_ob_handler().
>>>>      * So, to overwride above rewriting we need following config.
>>>>      */
>>>>     if(isAjax()) {
>>>>         $GLOBALS['csrf']['frame-breaker'] = false;
>>>>         $GLOBALS['csrf']['rewrite-js'] = null;
>>>>     }
>>>> }
>>>>
>>>> function isAjax() {
>>>>     if (!empty($_SERVER['HTTP_X_PJAX']) && $_SERVER['HTTP_X_PJAX'] == true) {
>>>>         return true;
>>>>     } elseif (!empty($_SERVER['HTTP_X_REQUESTED_WITH'])) {
>>>>         return true;
>>>>     }
>>>>     return false;
>>>> }
>>>>
>>>>
>>> Regards,
>>> Manu Urs
>>>
>>> On Sun, Aug 30, 2015 at 11:42 AM, Stacey Johnson <
>>> stacey.johnson110 at gmail.com> wrote:
>>>
>>>> What about below reported bug?
>>>> What time frame "soon" should normally cover?
>>>>
>>>> On Sat, May 9, 2015 at 12:46 AM, Uma S <uma.s at vtiger.com> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> We are in between different project development work, will get back
>>>>> soon.
>>>>>
>>>>> On Fri, May 8, 2015 at 9:33 PM, Alan Lord < <alanslists at gmail.com>
>>>>> alanslists at gmail.com> wrote:
>>>>>
>>>>>> On 08/05/15 16:39, Manuel Fernando wrote:
>>>>>>
>>>>>>> Uma S,
>>>>>>>
>>>>>>> I know you could reproduce this error. Great, but any fix soon or
>>>>>>> plans
>>>>>>> to update us?
>>>>>>>
>>>>>>
>>>>>> +1
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> http://www.vtiger.com/
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> With
>>>>> Best Regards
>>>>> Uma.S
>>>>> Vtiger Team
>>>>>
>>>>> _______________________________________________
>>>>> http://www.vtiger.com/
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> http://www.vtiger.com/
>>>>
>>>
>>>
>>>
>>> --
>>> Regards,
>>> Manu
>>>
>>>
>>> _______________________________________________http://www.vtiger.com/
>>>
>>>
>>> --
>>> Richard Hills
>>> TechnologyWise Ltd, Tauranga, NZrichard at tw.co.nzwww.technologywise.co.nz
>>> ph: +64 (0)7 571 1060
>>> fax: +64 (0)7 571 1061
>>>
>>>
>>> _______________________________________________
>>> http://www.vtiger.com/
>>>
>>
>>
>>
>> --
>> *Steve Kenow*
>> Retail Data Systems of Minnesota
>> Manager, Service Desk and End User Support
>> Direct: 952.392.2686
>> Office: 952.934.4002
>> skenow at rdspos.com
>>
>>
>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
>
> --
> Regards,
> Manu
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20151001/508a45c8/attachment.html>