[Vtigercrm-developers] Important Bug Workflows and emails

Manu urs manu.k at vtiger.com
Wed Sep 16 12:37:54 GMT 2015 

Hi

Having code in  end of config.inc.php  is not a good idea .It would be fine
to have a separate config.security.php  file and this be included through
config.inc.php

Regards,
Manu Urs



On Tue, Sep 15, 2015 at 9:44 PM, Manuel Fernando <ptdesigner at gmail.com>
wrote:

> Manu,
>
> After some days we ran into this error:
> *Fatal error*: Cannot redeclare csrf_startup() (previously declared in
> /home/jupix/public_html/vtiger/config.inc.php:213) in
> */home/jupix/public_html/vtiger/config.inc.php* on line *224*
>
> We added the code you suggested to the end of config.inc.php
> Would make any diference?
> If we add this code to config.php , before line include('config.inc.php’);
> or after? What do you recommend?
>
>
>
>
> No dia 13/09/2015, às 20:04, Steve Kenow <skenow at rdspos.com> escreveu:
>
> Yeah - any time you edit and save the email, the script is added again. I
> always view the source before saving and strip out the script completely. 1
> will be added back as it is being saved.
>
> On Thu, Sep 10, 2015 at 8:15 PM, Richard Hills - Technologywise <
> richard at tw.co.nz> wrote:
>
>> Can anyone tell me more about this issue?
>>
>> I've just set up a workflow to send an email and ideally I don't want any
>> tracking / html at all. Wondering if there is a way to force an email for
>> this workflow to exclude all html?
>>
>> My issue is mostly however with the javascript included in the mail:
>>
>> 	<script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script><script type="text/javascript">var csrfMagicToken = "sid:6d69ceadb7e999ee89105b6ec2b7f01790db3bb7,1441924512";var csrfMagicName = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js" type="text/javascript"></script><script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script><script type="text/javascript">var csrfMagicToken = "sid:b61c3de7d74cdc94362af7597429f8cdfcb0a05c,1441927628";var csrfMagicName = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js" type="text/javascript"></script>
>>
>> I have attempted to add the patch below, but have a feeling the bug was
>> causing multiples of the javascript to be sent, whereas one is actually
>> expected?
>>
>> Any advice would be appreciated, worst case I will add a custom workflow
>> function and use my own mailer calls.
>>
>> Thanks
>>
>>
>> On 31/08/15 17:10, Manu urs wrote:
>>
>> Hi
>>
>> Please add the below patch of code in the config.php  file  to solve the
>> issue.
>>
>> /**
>>>  * Vtiger specific custom config startup for CSRF
>>>  */
>>> function csrf_startup(){
>>>     //Override the default expire time of token
>>>     $GLOBALS['csrf']['expires'] = 259200;
>>>
>>>     /**if an ajax request initiated, then if php serves content with <html> tags
>>>      * as a response, then unnecessarily we are injecting csrf magic javascipt
>>>      * in the response html at <head> and <body> using csrf_ob_handler().
>>>      * So, to overwride above rewriting we need following config.
>>>      */
>>>     if(isAjax()) {
>>>         $GLOBALS['csrf']['frame-breaker'] = false;
>>>         $GLOBALS['csrf']['rewrite-js'] = null;
>>>     }
>>> }
>>>
>>> function isAjax() {
>>>     if (!empty($_SERVER['HTTP_X_PJAX']) && $_SERVER['HTTP_X_PJAX'] == true) {
>>>         return true;
>>>     } elseif (!empty($_SERVER['HTTP_X_REQUESTED_WITH'])) {
>>>         return true;
>>>     }
>>>     return false;
>>> }
>>>
>>>
>> Regards,
>> Manu Urs
>>
>> On Sun, Aug 30, 2015 at 11:42 AM, Stacey Johnson <
>> stacey.johnson110 at gmail.com> wrote:
>>
>>> What about below reported bug?
>>> What time frame "soon" should normally cover?
>>>
>>> On Sat, May 9, 2015 at 12:46 AM, Uma S <uma.s at vtiger.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> We are in between different project development work, will get back
>>>> soon.
>>>>
>>>> On Fri, May 8, 2015 at 9:33 PM, Alan Lord < <alanslists at gmail.com>
>>>> alanslists at gmail.com> wrote:
>>>>
>>>>> On 08/05/15 16:39, Manuel Fernando wrote:
>>>>>
>>>>>> Uma S,
>>>>>>
>>>>>> I know you could reproduce this error. Great, but any fix soon or
>>>>>> plans
>>>>>> to update us?
>>>>>>
>>>>>
>>>>> +1
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> http://www.vtiger.com/
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> With
>>>> Best Regards
>>>> Uma.S
>>>> Vtiger Team
>>>>
>>>> _______________________________________________
>>>> http://www.vtiger.com/
>>>>
>>>
>>>
>>> _______________________________________________
>>> http://www.vtiger.com/
>>>
>>
>>
>>
>> --
>> Regards,
>> Manu
>>
>>
>> _______________________________________________http://www.vtiger.com/
>>
>>
>> --
>> Richard Hills
>> TechnologyWise Ltd, Tauranga, NZrichard at tw.co.nzwww.technologywise.co.nz
>> ph: +64 (0)7 571 1060
>> fax: +64 (0)7 571 1061
>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
>
> --
> *Steve Kenow*
> Retail Data Systems of Minnesota
> Manager, Service Desk and End User Support
> Direct: 952.392.2686
> Office: 952.934.4002
> skenow at rdspos.com
>
>
>
>
> _______________________________________________
> http://www.vtiger.com/
>
>
>
> _______________________________________________
> http://www.vtiger.com/
>



-- 
Regards,
Manu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20150916/b076d5a9/attachment-0001.html>

More information about the vtigercrm-developers mailing list