<div dir="ltr"><span style="font-size:12.8000001907349px">Lajeesh, did you set this script in config.php?</span><br><div><span style="font-size:12.8000001907349px"><br></span></div><div><span style="font-size:12.8000001907349px">Stacey</span></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Oct 1, 2015 at 9:33 PM, lajeesh k <span dir="ltr"><<a href="mailto:lajeeshk@gmail.com" target="_blank">lajeeshk@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>manu's script gives me a hint about this issue.<br></div>I have write a code to skip appending csrf code on workflow email task edit<br><br>function csrf_startup(){<br> if(isset($_POST['module']) && $_POST['module'] == 'Workflows' && isset($_POST['view']) && $_POST['view'] == 'EditTask' && isset($_POST['type']) && $_POST['type'] == 'VTEmailTask'){<br> <br> csrf_conf('rewrite', false);<br> }<br> <br> <br>}<br></div><div class="gmail_extra"><br clear="all"><div><div><br>Regards,<br>Lajeesh<br></div></div><div><div class="h5">
<br><div class="gmail_quote">On Thu, Oct 1, 2015 at 6:08 PM, lajeesh k <span dir="ltr"><<a href="mailto:lajeeshk@gmail.com" target="_blank">lajeeshk@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div>Hi Manu,<br><br></div>I have applied your fix<br><br></div>but it is corrupting the serialised data saving in com_vtiger_workflowtask table.<br></div>also <br><br><span>__vtrftk</span><code>sid:061e920a61b1a795a4cef8c3fbd9e35e6b26cede,1443697598</code><span><br>__vtrftk</span><code>sid:061e920a61b1a795a4cef8c3fbd9e35e6b26cede,1443697598<br><br></code></div><code>this variables comes two times in ajax request<br></code><div><code><br></code><div><br></div></div></div><div class="gmail_extra"><br clear="all"><div><div><br>Regards,<br>Lajeesh<br></div></div>
<br><div class="gmail_quote"><div><div>On Wed, Sep 16, 2015 at 6:07 PM, Manu urs <span dir="ltr"><<a href="mailto:manu.k@vtiger.com" target="_blank">manu.k@vtiger.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr">Hi <br><br><div>Having code in <span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span> end of config.inc.php </span></span></span></span></span></span></span></span> is not a good idea .It would be fine to have a separate config.security.php file and this be included through config.inc.php<br><br></div><div>Regards,<br></div><div>Manu Urs<br></div><div><br></div><br></div><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Sep 15, 2015 at 9:44 PM, Manuel Fernando <span dir="ltr"><<a href="mailto:ptdesigner@gmail.com" target="_blank">ptdesigner@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span>Manu,
</span></span></span></span></span></span></span></span></div><div><span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span><br></span></span></span></span></span></span></span></span></div><div><span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span>After some days we ran into this error:</span></span></span></span></span></span></span></span></div><div><span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span><b>Fatal error</b>: Cannot redeclare csrf_startup() (previously declared in /home/jupix/public_html/vtiger/config.inc.php:213) in <b>/home/jupix/public_html/vtiger/config.inc.php</b> on line <b>224</b></span></span></span></span></span></span></span></span></div><div><span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span><br></span></span></span></span></span></span></span></span></div><div><span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span>We added the code you suggested to the end of config.inc.php </span></span></span></span></span></span></span></span></div><div>Would make any diference?</div><div>If we add this code to config.php , before line include('config.inc.php’); or after? What do you recommend?</div><div><span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span><br></span></span></span></span></span></span></span></span></div><div><br></div><div><span style="color:rgb(0,0,0);font-variant:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="color:rgb(0,0,0);font-family:Helvetica;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:-webkit-auto;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><span style="font-weight:normal"><span><span style="font-family:Helvetica;font-style:normal"><span><span><span><b><br></b></span></span></span></span></span></span></span></span></div>
<br><div><blockquote type="cite"><div><div><div>No dia 13/09/2015, às 20:04, Steve Kenow <<a href="mailto:skenow@rdspos.com" target="_blank">skenow@rdspos.com</a>> escreveu:</div><br></div></div><div><div><div><div dir="ltr">Yeah - any time you edit and save the email, the script is added again. I always view the source before saving and strip out the script completely. 1 will be added back as it is being saved.<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Sep 10, 2015 at 8:15 PM, Richard Hills - Technologywise <span dir="ltr"><<a href="mailto:richard@tw.co.nz" target="_blank">richard@tw.co.nz</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
Can anyone tell me more about this issue?<br>
<br>
I've just set up a workflow to send an email and ideally I don't
want any tracking / html at all. Wondering if there is a way to
force an email for this workflow to exclude all html?<br>
<br>
My issue is mostly however with the javascript included in the mail:<br>
<br>
<blockquote type="cite">
<pre> <script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script><script type="text/javascript">var csrfMagicToken = "sid:6d69ceadb7e999ee89105b6ec2b7f01790db3bb7,1441924512";var csrfMagicName = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js" type="text/javascript"></script><script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script><script type="text/javascript">var csrfMagicToken = "sid:b61c3de7d74cdc94362af7597429f8cdfcb0a05c,1441927628";var csrfMagicName = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js" type="text/javascript"></script></pre>
</blockquote>
I have attempted to add the patch below, but have a feeling the bug
was causing multiples of the javascript to be sent, whereas one is
actually expected?<br>
<br>
Any advice would be appreciated, worst case I will add a custom
workflow function and use my own mailer calls.<br>
<br>
Thanks<div><div><br>
<br>
<div>On 31/08/15 17:10, Manu urs wrote:<br>
</div>
</div></div><blockquote type="cite"><div><div>
<div dir="ltr">
<div>
<div>
<div>Hi<br>
<br>
</div>
Please add the below patch of code in the config.php file
to solve the issue.<br>
<br>
<blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote">
<pre>/**
* Vtiger specific custom config startup for CSRF
*/
function csrf_startup(){
//Override the default expire time of token
$GLOBALS['csrf']['expires'] = 259200;
/**if an ajax request initiated, then if php serves content with <html> tags
* as a response, then unnecessarily we are injecting csrf magic javascipt
* in the response html at <head> and <body> using csrf_ob_handler().
* So, to overwride above rewriting we need following config.
*/
if(isAjax()) {
$GLOBALS['csrf']['frame-breaker'] = false;
$GLOBALS['csrf']['rewrite-js'] = null;
}
}
function isAjax() {
if (!empty($_SERVER['HTTP_X_PJAX']) && $_SERVER['HTTP_X_PJAX'] == true) {
return true;
} elseif (!empty($_SERVER['HTTP_X_REQUESTED_WITH'])) {
return true;
}
return false;
}</pre>
</blockquote>
<br>
</div>
Regards,<br>
</div>
Manu Urs<br>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Sun, Aug 30, 2015 at 11:42 AM,
Stacey Johnson <span dir="ltr"><<a href="mailto:stacey.johnson110@gmail.com" target="_blank">stacey.johnson110@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>What about below reported bug?<br>
</div>
What time frame "soon" should normally cover?<br>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Sat, May 9, 2015 at 12:46 AM,
Uma S <span dir="ltr"><<a href="mailto:uma.s@vtiger.com" target="_blank">uma.s@vtiger.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hi,
<div><br>
</div>
<div>We are in between different project development
work, will get back soon.</div>
</div>
<div class="gmail_extra">
<div>
<div><br>
<div class="gmail_quote">On Fri, May 8, 2015 at
9:33 PM, Alan Lord <span dir="ltr"><<a href="mailto:alanslists@gmail.com" target="_blank"></a><a href="mailto:alanslists@gmail.com" target="_blank">alanslists@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span>On
08/05/15 16:39, Manuel Fernando wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Uma S,<br>
<br>
I know you could reproduce this error.
Great, but any fix soon or plans<br>
to update us?<br>
</blockquote>
<br>
</span>
+1<br>
<br>
<br>
_______________________________________________<br>
<a href="http://www.vtiger.com/" target="_blank">http://www.vtiger.com/</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
</div>
</div>
<span>-- <br>
<div>
<div dir="ltr">With<br>
Best Regards<br>
Uma.S<br>
<div>Vtiger Team</div>
</div>
</div>
</span></div>
<br>
_______________________________________________<br>
<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a><br>
</blockquote>
</div>
<br>
</div>
<br>
_______________________________________________<br>
<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<div>
<div dir="ltr">
<div>Regards,<br>
</div>
Manu<br>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div></div><pre>_______________________________________________
<a href="http://www.vtiger.com/" target="_blank">http://www.vtiger.com/</a></pre><span><font color="#888888">
</font></span></blockquote><span><font color="#888888">
<br>
<pre cols="72">--
Richard Hills
TechnologyWise Ltd, Tauranga, NZ
<a href="mailto:richard@tw.co.nz" target="_blank">richard@tw.co.nz</a>
<a href="http://www.technologywise.co.nz/" target="_blank">www.technologywise.co.nz</a>
ph: <a href="tel:%2B64%20%280%297%20571%201060" value="+6475711060" target="_blank">+64 (0)7 571 1060</a>
fax: <a href="tel:%2B64%20%280%297%20571%201061" value="+6475711061" target="_blank">+64 (0)7 571 1061</a></pre>
</font></span></div>
<br>_______________________________________________<br>
<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a><br></blockquote></div><br><br clear="all"><br>-- <br><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><i><b>Steve Kenow</b></i><br></div><div>Retail Data Systems of Minnesota<br></div>Manager, Service Desk and End User Support<br><div>Direct: 952.392.2686</div><div>Office: 952.934.4002</div><div><a href="mailto:skenow@rdspos.com" target="_blank">skenow@rdspos.com</a></div><div><br><img src="http://rdspos.com/Portals/0/Web-RDS-Logo.jpg" height="39" width="96"><br><br><br></div></div></div></div></div></div></div></div></div>
</div></div></div>
_______________________________________________<br><a href="http://www.vtiger.com/" target="_blank">http://www.vtiger.com/</a></div></blockquote></div><br></div><br>_______________________________________________<br>
<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a><br></blockquote></div><br><br clear="all"><br>-- <br><div><div dir="ltr"><div>Regards,<br></div>Manu<br></div></div>
</div>
</div></div><br></div></div>_______________________________________________<br>
<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a><br></blockquote></div><br></div>
</blockquote></div><br></div></div></div>
<br>_______________________________________________<br>
<a href="http://www.vtiger.com/" rel="noreferrer" target="_blank">http://www.vtiger.com/</a><br></blockquote></div><br></div>