[Vtigercrm-developers] Important Bug Workflows and emails

lajeesh k lajeeshk at gmail.com
Thu Oct 1 17:01:14 GMT 2015 

write this function in separate file and then included in config file


Regards,
Lajeesh

On Thu, Oct 1, 2015 at 9:29 PM, Stacey Johnson <stacey.johnson110 at gmail.com>
wrote:

> Lajeesh, did you set this script in config.php?
>
> Stacey
>
> On Thu, Oct 1, 2015 at 9:33 PM, lajeesh k <lajeeshk at gmail.com> wrote:
>
>> manu's script gives me a hint about this issue.
>> I have write a code to skip appending csrf code on workflow email task
>> edit
>>
>> function csrf_startup(){
>>     if(isset($_POST['module']) && $_POST['module'] == 'Workflows' &&
>> isset($_POST['view']) && $_POST['view'] == 'EditTask' &&
>> isset($_POST['type']) && $_POST['type'] == 'VTEmailTask'){
>>
>>         csrf_conf('rewrite', false);
>>     }
>>
>>
>> }
>>
>>
>> Regards,
>> Lajeesh
>>
>> On Thu, Oct 1, 2015 at 6:08 PM, lajeesh k <lajeeshk at gmail.com> wrote:
>>
>>> Hi Manu,
>>>
>>> I have applied your fix
>>>
>>> but it is  corrupting  the serialised data saving in
>>> com_vtiger_workflowtask table.
>>> also
>>>
>>> __vtrftksid:061e920a61b1a795a4cef8c3fbd9e35e6b26cede,1443697598
>>> __vtrftksid:061e920a61b1a795a4cef8c3fbd9e35e6b26cede,1443697598
>>>
>>> this variables comes two times in ajax request
>>>
>>>
>>>
>>>
>>> Regards,
>>> Lajeesh
>>>
>>> On Wed, Sep 16, 2015 at 6:07 PM, Manu urs <manu.k at vtiger.com> wrote:
>>>
>>>> Hi
>>>>
>>>> Having code in  end of config.inc.php  is not a good idea .It would be
>>>> fine to have a separate config.security.php  file and this be included
>>>> through config.inc.php
>>>>
>>>> Regards,
>>>> Manu Urs
>>>>
>>>>
>>>>
>>>> On Tue, Sep 15, 2015 at 9:44 PM, Manuel Fernando <ptdesigner at gmail.com>
>>>> wrote:
>>>>
>>>>> Manu,
>>>>>
>>>>> After some days we ran into this error:
>>>>> *Fatal error*: Cannot redeclare csrf_startup() (previously declared
>>>>> in /home/jupix/public_html/vtiger/config.inc.php:213) in
>>>>> */home/jupix/public_html/vtiger/config.inc.php* on line *224*
>>>>>
>>>>> We added the code you suggested to the end of config.inc.php
>>>>> Would make any diference?
>>>>> If we add this code to config.php , before line
>>>>> include('config.inc.php’); or after? What do you recommend?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> No dia 13/09/2015, às 20:04, Steve Kenow <skenow at rdspos.com> escreveu:
>>>>>
>>>>> Yeah - any time you edit and save the email, the script is added
>>>>> again. I always view the source before saving and strip out the script
>>>>> completely. 1 will be added back as it is being saved.
>>>>>
>>>>> On Thu, Sep 10, 2015 at 8:15 PM, Richard Hills - Technologywise <
>>>>> richard at tw.co.nz> wrote:
>>>>>
>>>>>> Can anyone tell me more about this issue?
>>>>>>
>>>>>> I've just set up a workflow to send an email and ideally I don't want
>>>>>> any tracking / html at all. Wondering if there is a way to force an email
>>>>>> for this workflow to exclude all html?
>>>>>>
>>>>>> My issue is mostly however with the javascript included in the mail:
>>>>>>
>>>>>> 	<script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script><script type="text/javascript">var csrfMagicToken = "sid:6d69ceadb7e999ee89105b6ec2b7f01790db3bb7,1441924512";var csrfMagicName = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js" type="text/javascript"></script><script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script><script type="text/javascript">var csrfMagicToken = "sid:b61c3de7d74cdc94362af7597429f8cdfcb0a05c,1441927628";var csrfMagicName = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js" type="text/javascript"></script>
>>>>>>
>>>>>> I have attempted to add the patch below, but have a feeling the bug
>>>>>> was causing multiples of the javascript to be sent, whereas one is actually
>>>>>> expected?
>>>>>>
>>>>>> Any advice would be appreciated, worst case I will add a custom
>>>>>> workflow function and use my own mailer calls.
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>>
>>>>>> On 31/08/15 17:10, Manu urs wrote:
>>>>>>
>>>>>> Hi
>>>>>>
>>>>>> Please add the below patch of code in the config.php  file  to solve
>>>>>> the issue.
>>>>>>
>>>>>> /**
>>>>>>>  * Vtiger specific custom config startup for CSRF
>>>>>>>  */
>>>>>>> function csrf_startup(){
>>>>>>>     //Override the default expire time of token
>>>>>>>     $GLOBALS['csrf']['expires'] = 259200;
>>>>>>>
>>>>>>>     /**if an ajax request initiated, then if php serves content with <html> tags
>>>>>>>      * as a response, then unnecessarily we are injecting csrf magic javascipt
>>>>>>>      * in the response html at <head> and <body> using csrf_ob_handler().
>>>>>>>      * So, to overwride above rewriting we need following config.
>>>>>>>      */
>>>>>>>     if(isAjax()) {
>>>>>>>         $GLOBALS['csrf']['frame-breaker'] = false;
>>>>>>>         $GLOBALS['csrf']['rewrite-js'] = null;
>>>>>>>     }
>>>>>>> }
>>>>>>>
>>>>>>> function isAjax() {
>>>>>>>     if (!empty($_SERVER['HTTP_X_PJAX']) && $_SERVER['HTTP_X_PJAX'] == true) {
>>>>>>>         return true;
>>>>>>>     } elseif (!empty($_SERVER['HTTP_X_REQUESTED_WITH'])) {
>>>>>>>         return true;
>>>>>>>     }
>>>>>>>     return false;
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>> Regards,
>>>>>> Manu Urs
>>>>>>
>>>>>> On Sun, Aug 30, 2015 at 11:42 AM, Stacey Johnson <
>>>>>> stacey.johnson110 at gmail.com> wrote:
>>>>>>
>>>>>>> What about below reported bug?
>>>>>>> What time frame "soon" should normally cover?
>>>>>>>
>>>>>>> On Sat, May 9, 2015 at 12:46 AM, Uma S <uma.s at vtiger.com> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> We are in between different project development work, will get back
>>>>>>>> soon.
>>>>>>>>
>>>>>>>> On Fri, May 8, 2015 at 9:33 PM, Alan Lord < <alanslists at gmail.com>
>>>>>>>> alanslists at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> On 08/05/15 16:39, Manuel Fernando wrote:
>>>>>>>>>
>>>>>>>>>> Uma S,
>>>>>>>>>>
>>>>>>>>>> I know you could reproduce this error. Great, but any fix soon or
>>>>>>>>>> plans
>>>>>>>>>> to update us?
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> +1
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> With
>>>>>>>> Best Regards
>>>>>>>> Uma.S
>>>>>>>> Vtiger Team
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://www.vtiger.com/
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://www.vtiger.com/
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Regards,
>>>>>> Manu
>>>>>>
>>>>>>
>>>>>> _______________________________________________http://www.vtiger.com/
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Richard Hills
>>>>>> TechnologyWise Ltd, Tauranga, NZrichard at tw.co.nzwww.technologywise.co.nz
>>>>>> ph: +64 (0)7 571 1060
>>>>>> fax: +64 (0)7 571 1061
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> http://www.vtiger.com/
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> *Steve Kenow*
>>>>> Retail Data Systems of Minnesota
>>>>> Manager, Service Desk and End User Support
>>>>> Direct: 952.392.2686
>>>>> Office: 952.934.4002
>>>>> skenow at rdspos.com
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> http://www.vtiger.com/
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> http://www.vtiger.com/
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Regards,
>>>> Manu
>>>>
>>>> _______________________________________________
>>>> http://www.vtiger.com/
>>>>
>>>
>>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20151001/a7e8e5fe/attachment-0001.html>

More information about the vtigercrm-developers mailing list