From 8a4dd92ae0d50f84207b3529b24ed5633effef21 Mon Sep 17 00:00:00 2001 From: Nate Date: Wed, 12 Feb 2020 10:44:29 -0700 Subject: [PATCH] Contacts - Import: Button updates, token integration. --- app/contacts/contact_import.php | 293 ++++++++++++++------------------ 1 file changed, 124 insertions(+), 169 deletions(-) diff --git a/app/contacts/contact_import.php b/app/contacts/contact_import.php index f0f2b4cafb..73b7e5f6cf 100644 --- a/app/contacts/contact_import.php +++ b/app/contacts/contact_import.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2017 + Portions created by the Initial Developer are Copyright (C) 2008-2020 the Initial Developer. All Rights Reserved. Contributor(s): @@ -25,7 +25,7 @@ */ //includes - include "root.php"; + require_once "root.php"; require_once "resources/require.php"; require_once "resources/check_auth.php"; @@ -43,7 +43,7 @@ $text = $language->get(); //built in str_getcsv requires PHP 5.3 or higher, this function can be used to reproduct the functionality but requirs PHP 5.1.0 or higher - if(!function_exists('str_getcsv')) { + if (!function_exists('str_getcsv')) { function str_getcsv($input, $delimiter = ",", $enclosure = '"', $escape = "\\") { $fp = fopen("php://memory", 'r+'); fputs($fp, $input); @@ -58,12 +58,10 @@ ini_set('max_execution_time',7200); //get the http get values and set them as php variables - $action = check_str($_POST["action"]); - $order_by = check_str($_POST["order_by"]); - $order = check_str($_POST["order"]); - $from_row = check_str($_POST["from_row"]); - $delimiter = check_str($_POST["data_delimiter"]); - $enclosure = check_str($_POST["data_enclosure"]); + $action = $_POST["action"]; + $from_row = $_POST["from_row"]; + $delimiter = $_POST["data_delimiter"]; + $enclosure = $_POST["data_enclosure"]; //save the data to the csv file if (isset($_POST['data'])) { 
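Review bot: In the `@@ -58,12 +58,10 @@` hunk the four `$_POST` values are now read raw and without an existence check, so a request that omits them reads undefined keys, and `$from_row` appears to reach the later row comparison as an arbitrary string. Dropping `check_str()` is fine where queries are parameterized, but each value then needs validation at its point of use, for example `$from_row = (int) ($_POST['from_row'] ?? 1);` plus a check that `$delimiter` and `$enclosure` are single expected characters. If these values are written back into hidden form fields (the markup is not visible in this view), they should go through `escape()` there. The comment above the block still says "http get values" although the code reads `$_POST`.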
@@ -75,7 +73,7 @@ //copy the csv file //$_POST['submit'] == "Upload" && if ( is_uploaded_file($_FILES['ulfile']['tmp_name']) && permission_exists('contact_upload')) { - if (check_str($_POST['type']) == 'csv') { + if ($_POST['type'] == 'csv') { move_uploaded_file($_FILES['ulfile']['tmp_name'], $_SESSION['server']['temp']['dir'].'/'.$_FILES['ulfile']['name']); $save_msg = "Uploaded file to ".$_SESSION['server']['temp']['dir']."/". htmlentities($_FILES['ulfile']['name']); //system('chmod -R 744 '.$_SESSION['server']['temp']['dir'].'*'); @@ -93,19 +91,19 @@ //get the schema $x = 0; - include ("app/contacts/app_config.php"); + include "app/contacts/app_config.php"; $i = 0; - foreach($apps[0]['db'] as $table) { + foreach ($apps[0]['db'] as $table) { //get the table name and parent name $table_name = $table["table"]['name']; $parent_name = $table["table"]['parent']; //remove the v_ table prefix if (substr($table_name, 0, 2) == 'v_') { - $table_name = substr($table_name, 2); + $table_name = substr($table_name, 2); } if (substr($parent_name, 0, 2) == 'v_') { - $parent_name = substr($parent_name, 2); + $parent_name = substr($parent_name, 2); } //filter for specific tables and build the schema array @@ -115,7 +113,7 @@ $schema[$i]['table'] = $table_name; $schema[$i]['parent'] = $parent_name; - foreach($table['fields'] as $row) { + foreach ($table['fields'] as $row) { if ($row['deprecated'] !== 'true') { if (is_array($row['name'])) { $field_name = $row['name']['text']; 
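Review bot: The upload branch in the `@@ -75,7 +73,7 @@` hunk sits, by file order, ahead of both token checks this commit adds, so a request with a missing or invalid token still reaches `move_uploaded_file()` and writes into the temp directory. The destination keeps the client-supplied `$_FILES['ulfile']['name']`, and the only type test is `$_POST['type'] == 'csv'`, a field the client controls. Consider validating the token before this branch and storing the file under a server-generated name, e.g. `$_SESSION['server']['temp']['dir'].'/'.uuid().'.csv'`. The enclosing `if` continues outside the hunk.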
@@ -141,46 +139,51 @@ //match the column names to the field names if (strlen($delimiter) > 0 && file_exists($_SESSION['file']) && $action != 'import') { - //form to match the fields to the column names + //validate the token + $token = new token; + if (!$token->validate($_SERVER['PHP_SELF'])) { + message::add($text['message-invalid_token'],'negative'); + header('Location: extension_imports.php'); + exit; + } + + //create token + $object = new token; + $token = $object->create($_SERVER['PHP_SELF']); + + //include header + $document['title'] = $text['title-contacts_import']; require_once "resources/header.php"; - echo "
\n"; + //form to match the fields to the column names + echo "\n"; + + echo "
\n"; + echo "
".$text['header-contacts_import']."
\n"; + echo "
\n"; + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'style'=>'margin-right: 15px;','link'=>'contact_import.php']); + echo button::create(['type'=>'submit','label'=>$text['button-import'],'icon'=>$_SESSION['theme']['button_icon_import']]); + echo "
\n"; + echo "
\n"; + echo "
\n"; + + echo $text['description-contacts_import']."\n"; + echo "

\n"; + echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - - //echo "\n"; - //echo "\n"; - //echo "\n"; - //echo "\n"; - //loop through user columns $x = 0; foreach ($line_fields as $line_field) { $line_field = trim(trim($line_field), $enclosure); echo "\n"; - echo "\n"; - echo "\n"; + echo " \n"; - echo " \n"; + echo " \n"; + echo "\n"; $x++; } - echo " \n"; - echo " \n"; - echo " \n"; + echo "
\n"; - echo " ".$text['header-contacts_import']."
\n"; - echo "
\n"; - echo " \n"; - echo " \n"; - echo "
\n"; - echo " ".$text['description-contacts_import']."\n"; - echo "
".$text['header-contacts_import']."\n"; - //echo " \n"; - //echo "
\n"; + echo " \n"; //echo " ".$text['label-zzz']."\n"; echo $line_field; - echo "\n"; - echo " \n"; + echo " \n"; + echo " \n"; //echo "
\n"; //echo $text['description-zzz']."\n"; - echo "
\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
\n"; + echo "

\n"; + + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; - echo " \n"; echo "
\n"; + require_once "resources/footer.php"; //normalize the column names @@ -238,11 +240,16 @@ } } -//upload the contact csv +//upload the csv if (file_exists($_SESSION['file']) && $action == 'import') { - //form to match the fields to the column names - //require_once "resources/header.php"; + //validate the token + $token = new token; + if (!$token->validate($_SERVER['PHP_SELF'])) { + message::add($text['message-invalid_token'],'negative'); + header('Location: extension_imports.php'); + exit; + } //user selected fields $fields = $_POST['fields']; @@ -261,14 +268,14 @@ $parameters['domain_uuid'] = $domain_uuid; $database = new database; $users = $database->select($sql, $parameters, 'all'); - unset($sql); + unset($sql, $parameters); //get the contents of the csv file and convert them into an array $handle = @fopen($_SESSION['file'], "r"); if ($handle) { - //pre-set the numbers - $row_number = 1; + //set the starting identifiers $row_id = 0; + $row_number = 1; //loop through the array while (($line = fgets($handle, 4096)) !== false) { 
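Review bot: The invalid-token path added in the `@@ -141,46 +139,51 @@` hunk redirects to `extension_imports.php`, which looks carried over from another importer; the same line is repeated in the `@@ -238,11 +240,16 @@` hunk. On this page it should presumably be `header('Location: contact_import.php');`. In the same first hunk the CSV column header is printed with `echo $line_field;` after only `trim()`, so text taken from the uploaded file reaches the page unencoded. `echo escape($line_field);`, using the project's `escape()` helper, would close that.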
@@ -309,28 +316,28 @@ } if ($field_name == "group_name") { - foreach ($groups as $field) { - if ($field['group_name'] == $result[$key]) { - //$array[$parent][$row_id]['contact_group_uuid'] = uuid(); - $array[$parent][$row_id]['contact_groups'][$y]['domain_uuid'] = $domain_uuid; - //$array['contact_groups'][$x]['contact_uuid'] = $row['contact_uuid']; - $array[$parent][$row_id]['contact_groups'][$y]['group_uuid'] = $field['group_uuid']; - } + foreach ($groups as $field) { + if ($field['group_name'] == $result[$key]) { + //$array[$parent][$row_id]['contact_group_uuid'] = uuid(); + $array[$parent][$row_id]['contact_groups'][$y]['domain_uuid'] = $domain_uuid; + //$array['contact_groups'][$x]['contact_uuid'] = $row['contact_uuid']; + $array[$parent][$row_id]['contact_groups'][$y]['group_uuid'] = $field['group_uuid']; } + } } if ($field_name == "username") { - foreach ($users as $field) { - if ($field['username'] == $result[$key]) { - //$array[$parent][$row_id]['contact_users'][$y]['contact_group_uuid'] = uuid(); - $array[$parent][$row_id]['contact_users'][$y]['domain_uuid'] = $domain_uuid; - //$array['contact_groups'][$x]['contact_uuid'] = $row['contact_uuid']; - $array[$parent][$row_id]['contact_users'][$y]['user_uuid'] = $field['user_uuid']; - } + foreach ($users as $field) { + if ($field['username'] == $result[$key]) { + //$array[$parent][$row_id]['contact_users'][$y]['contact_group_uuid'] = uuid(); + $array[$parent][$row_id]['contact_users'][$y]['domain_uuid'] = $domain_uuid; + //$array['contact_groups'][$x]['contact_uuid'] = $row['contact_uuid']; + $array[$parent][$row_id]['contact_users'][$y]['user_uuid'] = $field['user_uuid']; } + } } - } //if (strlen($table_name) > 0) - } //end foreach + } + } //process a chunk of the array if ($row_id === 1000) { 
@@ -340,24 +347,19 @@ $database->app_name = 'contacts'; $database->app_uuid = '04481e0e-a478-c559-adad-52bd4174574c'; $database->save($array); + + //clear the array unset($array); //set the row id back to 0 $row_id = 0; } - //increment row id - $row_id++; } //if ($from_row <= $row_number) $row_number++; - } + $row_id++; + } //end while fclose($handle); - - //debug info - //echo "
\n";
-					//print_r($array);
-					//echo "
\n"; - //exit; //save to the data if (is_array($array)) { @@ -372,84 +374,39 @@ header("Location: contacts.php"); exit; } - - //show the header - require_once "resources/header.php"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "
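Review bot: Moving `$row_id++` below the closing brace of the `if ($from_row <= $row_number)` block in the `@@ -340,24 +347,19 @@` hunk makes the counter advance on skipped rows too, while the `if ($row_id === 1000)` flush stays inside that block. When more than 1000 leading rows are skipped, the counter is already past 1000 at the first processed row, the strict equality never matches, and the whole file accumulates in `$array` until the final save. Either keep the increment inside the block as before or test `if ($row_id >= 1000)`. The loop begins outside this hunk, so this reading relies on the `//if ($from_row <= $row_number)` closing comment.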
".$text['header-contacts_import']."\n"; - echo " \n"; - echo "
\n"; - echo " ".$text['message-results']."

\n"; - echo "
\n"; - - //show the results - echo "\n"; - echo "\n"; - echo " \n"; - echo " \n"; - //echo " \n"; - echo " \n"; - echo "\n"; - if ($results) { - foreach($results as $row) { - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "\n"; - } - } - echo "
".$text['label-contact_name']."".$text['label-contact_organization']."".$text['label-contact_email']."".$text['label-contact_url']."
\n"; - echo escape($row['FirstName'])." ".escape($row['LastName']); - echo " \n"; - echo escape($row['Company'])." \n"; - echo " \n"; - echo escape($row['EmailAddress'])." \n"; - echo " \n"; - echo escape($row['Web Page'])." \n"; - echo "
\n"; - - //include the footer - require_once "resources/footer.php"; - exit; } +//create token + $object = new token; + $token = $object->create($_SERVER['PHP_SELF']); + //include the header + $document['title'] = $text['title-contacts_import']; require_once "resources/header.php"; -//begin the content - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
\n"; - echo " ".$text['header-contacts_import']."
\n"; - echo " ".$text['description-contacts_import']."\n"; - echo "
\n"; - echo " \n"; - //echo " \n"; - echo "
"; +//show content + echo "
\n"; - echo "
\n"; + echo "
\n"; + echo "
".$text['header-contacts_import']."
\n"; + echo "
\n"; + echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'style'=>'margin-right: 15px;','link'=>'contacts.php']); + echo button::create(['type'=>'submit','label'=>$text['button-continue'],'icon'=>$_SESSION['theme']['button_icon_upload']]); + echo "
\n"; + echo "
\n"; + echo "
\n"; - echo "\n"; - echo " \n"; + echo $text['description-contacts_import']."\n"; + echo "

\n"; + + echo "
\n"; echo "\n"; - echo "\n"; - echo "\n"; @@ -511,23 +468,21 @@ echo "\n"; echo "\n"; - echo " \n"; - echo "
\n"; + echo "\n"; echo " ".$text['label-import_data']."\n"; echo "\n"; - echo " \n"; + echo "\n"; + echo " \n"; echo "
\n"; echo $text['description-import_data']."\n"; echo "
\n"; + echo "
\n"; + echo "
\n"; + if (function_exists('curl_version') && $_SESSION['contact']['google_oauth_client_id']['text'] != '' && $_SESSION['contact']['google_oauth_client_secret']['text'] != '') { - echo " ".$text['header-contacts_import_google']."\n"; + echo "".$text['header-contacts_import_google']."\n"; } - echo " \n"; - echo " \n"; - echo " \n"; - echo "
\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "

"; + + echo "
\n"; + + echo "\n"; + echo "\n"; + echo "
"; //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file