modules/EmailMan/Save.php

   1 <?php
   2 if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
   3 /*********************************************************************************
   4  * SugarCRM is a customer relationship management program developed by
   5  * SugarCRM, Inc. Copyright (C) 2004-2011 SugarCRM Inc.
   6  *
   7  * This program is free software; you can redistribute it and/or modify it under
   8  * the terms of the GNU Affero General Public License version 3 as published by the
   9  * Free Software Foundation with the addition of the following permission added
  10  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
  11  * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
  12  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
  13  *
  14  * This program is distributed in the hope that it will be useful, but WITHOUT
  15  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  16  * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
  17  * details.
  18  *
  19  * You should have received a copy of the GNU Affero General Public License along with
  20  * this program; if not, see http://www.gnu.org/licenses or write to the Free
  21  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  22  * 02110-1301 USA.
  23  *
  24  * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
  25  * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
  26  *
  27  * The interactive user interfaces in modified source and object code versions
  28  * of this program must display Appropriate Legal Notices, as required under
  29  * Section 5 of the GNU Affero General Public License version 3.
  30  *
  31  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
  32  * these Appropriate Legal Notices must retain the display of the "Powered by
  33  * SugarCRM" logo. If the display of the logo is not reasonably feasible for
  34  * technical reasons, the Appropriate Legal Notices must display the words
  35  * "Powered by SugarCRM".
  36  ********************************************************************************/
  37
  38 /*********************************************************************************
  39
  40  * Description:  TODO: To be written.
  41  * Portions created by SugarCRM are Copyright (C) SugarCRM, Inc.
  42  * All Rights Reserved.
  43  * Contributor(s): ______________________________________..
  44  ********************************************************************************/
  45
  46
  47 require_once('include/OutboundEmail/OutboundEmail.php');
  48 global $current_user;
  49 if ( !is_admin($current_user)
  50                 && !is_admin_for_module($GLOBALS['current_user'],'Emails')
  51             && !is_admin_for_module($GLOBALS['current_user'],'Campaigns') ){
  52 sugar_die("Unauthorized access to administration.");
  53 }
  54
  55 //Do not allow users to spoof for sendmail if the config flag is not set.
  56 if( !isset($sugar_config['allow_sendmail_outbound']) || !$sugar_config['allow_sendmail_outbound'])
  57         $_REQUEST['mail_sendtype'] = "SMTP";
  58
  59 // save Outbound settings  #Bug 20033 Ensure data for Outbound email exists before trying to update the system mailer.
  60 if(isset($_REQUEST['mail_sendtype']) && empty($_REQUEST['campaignConfig'])) {
  61         $oe = new OutboundEmail();
  62         $oe->populateFromPost();
  63         $oe->saveSystem();
  64 }
  65
  66 $focus = new Administration();
  67
  68 if(isset($_POST['tracking_entities_location_type'])) {
  69         if ($_POST['tracking_entities_location_type'] != '2') {
  70                 unset($_POST['tracking_entities_location']);
  71                 unset($_POST['tracking_entities_location_type']);
  72         }
  73 }
  74 // cn: handle mail_smtpauth_req checkbox on/off (removing double reference in the form itself
  75 if( !isset($_POST['mail_smtpauth_req']) )
  76 {
  77     $_POST['mail_smtpauth_req'] = 0;
  78     $_POST['notify_allow_default_outbound'] = 0; //If smtp auth is disabled ensure outbound is disabled.
  79 }
  80
  81 if( !empty($_POST['notify_allow_default_outbound']) )
  82 {
  83     $oe = new OutboundEmail();
  84     if( !$oe->isAllowUserAccessToSystemDefaultOutbound() )
  85         $oe->removeUserOverrideAccounts();
  86 }
  87
  88 $focus->saveConfig();
  89
  90 // save User defaults for emails
  91 $sugar_config['email_default_delete_attachments'] = (isset($_REQUEST['email_default_delete_attachments'])) ? true : false;
  92
  93 ///////////////////////////////////////////////////////////////////////////////
  94 ////    SECURITY
  95 $security = array();
  96 if(isset($_REQUEST['applet'])) $security['applet'] = 'applet';
  97 if(isset($_REQUEST['base'])) $security['base'] = 'base';
  98 if(isset($_REQUEST['embed'])) $security['embed'] = 'embed';
  99 if(isset($_REQUEST['form'])) $security['form'] = 'form';
 100 if(isset($_REQUEST['frame'])) $security['frame'] = 'frame';
 101 if(isset($_REQUEST['frameset'])) $security['frameset'] = 'frameset';
 102 if(isset($_REQUEST['iframe'])) $security['iframe'] = 'iframe';
 103 if(isset($_REQUEST['import'])) $security['import'] = '\?import';
 104 if(isset($_REQUEST['layer'])) $security['layer'] = 'layer';
 105 if(isset($_REQUEST['link'])) $security['link'] = 'link';
 106 if(isset($_REQUEST['object'])) $security['object'] = 'object';
 107 if(isset($_REQUEST['style'])) $security['style'] = 'style';
 108 if(isset($_REQUEST['xmp'])) $security['xmp'] = 'xmp';
 109 $security['script'] = 'script';
 110
 111 $sugar_config['email_xss'] = base64_encode(serialize($security));
 112
 113 ////    SECURITY
 114 ///////////////////////////////////////////////////////////////////////////////
 115
 116 ksort($sugar_config);
 117 write_array_to_file('sugar_config', $sugar_config, 'config.php');
 118
 119 header("Location: index.php?action={$_POST['return_action']}&module={$_POST['return_module']}");
 120 ?>