
PHP Cross Reference of vtigercrm-6.1.0


/modules/Settings/Vtiger/actions/ -> CompanyDetailsSave.php (source)

   1  <?php
   2  
   3  /* +**********************************************************************************
   4   * The contents of this file are subject to the vtiger CRM Public License Version 1.1
   5   * ("License"); You may not use this file except in compliance with the License
   6   * The Original Code is:  vtiger CRM Open Source
   7   * The Initial Developer of the Original Code is vtiger.
   8   * Portions created by vtiger are Copyright (C) vtiger.
   9   * All Rights Reserved.
  10   * ********************************************************************************** */
  11  
  12  class Settings_Vtiger_CompanyDetailsSave_Action extends Settings_Vtiger_Basic_Action {
  13  
  14  	public function process(Vtiger_Request $request) {
  15          $qualifiedModuleName = $request->getModule(false);
  16          $moduleModel = Settings_Vtiger_CompanyDetails_Model::getInstance();
  17          $status = false;
  18  
  19          if ($request->get('organizationname')) {
  20              $saveLogo = $status = true;
  21              if(!empty($_FILES['logo']['name'])) {
  22                  $logoDetails = $_FILES['logo'];
  23                  $fileType = explode('/', $logoDetails['type']);
  24                  $fileType = $fileType[1];
  25  
  26                  if (!$logoDetails['size'] || !in_array($fileType, Settings_Vtiger_CompanyDetails_Model::$logoSupportedFormats)) {
  27                      $saveLogo = false;
  28                  }
  29                  // Check for php code injection
  30                  $imageContents = file_get_contents($_FILES["logo"]["tmp_name"]);
  31                  if (preg_match('/(<\?php?(.*?))/i', $imageContents) == 1) {
  32                      $saveLogo = false;
  33                  }
  34                  if ($saveLogo) {
  35                      $moduleModel->saveLogo();
  36                  }
  37              }else{
  38                  $saveLogo = true;
  39              }
  40              $fields = $moduleModel->getFields();
  41              foreach ($fields as $fieldName => $fieldType) {
  42                  $fieldValue = $request->get($fieldName);
  43                  if ($fieldName === 'logoname') {
  44                      if (!empty($logoDetails['name'])) {
  45                          $fieldValue = ltrim(basename(" " . $logoDetails['name']));
  46                      } else {
  47                          $fieldValue = $moduleModel->get($fieldName);
  48                      }
  49                  }
  50                  $moduleModel->set($fieldName, $fieldValue);
  51              }
  52              $moduleModel->save();
  53          }
  54  
  55          $reloadUrl = $moduleModel->getIndexViewUrl();
  56          if ($saveLogo && $status) {
  57  
  58          } else if (!$saveLogo) {
  59              $reloadUrl .= '&error=LBL_INVALID_IMAGE';
  60          } else {
  61              $reloadUrl = $moduleModel->getEditViewUrl() . '&error=LBL_FIELDS_INFO_IS_EMPTY';
  62          }
  63          header('Location: ' . $reloadUrl);
  64      }
  65  
  66          public function validateRequest(Vtiger_Request $request) { 
  67              $request->validateWriteAccess(); 
  68          } 
  69  }

