Issues in vCard.php (scrutinizer-code-quality) - Issues in scrutinizer-code-quality - adamjakab/SuiteCRM - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4069)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

include/vCard.php (2 issues)

Labels

Severity

Minor 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
/*********************************************************************************
 * SugarCRM Community Edition is a customer relationship management program developed by
 * SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.

 * SuiteCRM is an extension to SugarCRM Community Edition developed by Salesagility Ltd.
 * Copyright (C) 2011 - 2014 Salesagility Ltd.
 *
 * This program is free software; you can redistribute it and/or modify it under
 * the terms of the GNU Affero General Public License version 3 as published by the
 * Free Software Foundation with the addition of the following permission added
 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
 * details.
 *
 * You should have received a copy of the GNU Affero General Public License along with
 * this program; if not, see http://www.gnu.org/licenses or write to the Free
 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301 USA.
 *
 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
 * SW2-130, Cupertino, CA 95014, USA. or at email address [email protected].
 *
 * The interactive user interfaces in modified source and object code versions
 * of this program must display Appropriate Legal Notices, as required under
 * Section 5 of the GNU Affero General Public License version 3.
 *
 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
 * these Appropriate Legal Notices must retain the display of the "Powered by
 * SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
 * reasonably feasible for  technical reasons, the Appropriate Legal Notices must
 * display the words  "Powered by SugarCRM" and "Supercharged by SuiteCRM".
 ********************************************************************************/

/**
 * vCard implementation
 * @api
 */
class vCard
{
	protected $properties = array();

	protected $name = 'no_name';

	public function clear()
	{
		$this->properties = array();
	}

	function loadContact($contactid, $module='Contacts') {
		global $app_list_strings;

		require_once($GLOBALS['beanFiles'][$GLOBALS['beanList'][$module]]);
		$contact = new $GLOBALS['beanList'][$module]();
		$contact->retrieve($contactid);
		// cn: bug 8504 - CF/LB break Outlook's vCard import
		$bad = array("\n", "\r");
		$good = array("=0A", "=0D");
		$encoding = '';
		if(strpos($contact->primary_address_street, "\n") || strpos($contact->primary_address_street, "\r")) {
			$contact->primary_address_street = str_replace($bad, $good, $contact->primary_address_street);
			$encoding = 'QUOTED-PRINTABLE';
		}

		$this->setName(from_html($contact->first_name), from_html($contact->last_name), $app_list_strings['salutation_dom'][from_html($contact->salutation)]);
		if ( isset($contact->birthdate) )
            $this->setBirthDate(from_html($contact->birthdate));
		$this->setPhoneNumber(from_html($contact->phone_fax), 'FAX');
		$this->setPhoneNumber(from_html($contact->phone_home), 'HOME');
		$this->setPhoneNumber(from_html($contact->phone_mobile), 'CELL');
		$this->setPhoneNumber(from_html($contact->phone_work), 'WORK');
		$this->setEmail(from_html($contact->email1));
		$this->setAddress(from_html($contact->primary_address_street), from_html($contact->primary_address_city), from_html($contact->primary_address_state), from_html($contact->primary_address_postalcode), from_html($contact->primary_address_country), 'WORK', $encoding);
		if ( isset($contact->account_name) )
            $this->setORG(from_html($contact->account_name), from_html($contact->department));
        else
            $this->setORG('', from_html($contact->department));
		$this->setTitle($contact->title);
	}

	function setTitle($title){
		$this->setProperty("TITLE",$title );
	}
	function setORG($org, $dep){
		$this->setProperty("ORG","$org;$dep" );
	}
	function setAddress($address, $city, $state,$postal, $country, $type, $encoding=''){
		if(!empty($encoding)) {
			$encoding = ";ENCODING={$encoding}";
		}
		$this->setProperty("ADR;$type$encoding",";;$address;$city;$state;$postal;$country" );
	}

	function setName($first_name, $last_name, $prefix){
		$this->name = strtr($first_name.'_'.$last_name, ' ' , '_');
		$this->setProperty('N',$last_name.';'.$first_name.';;'.$prefix );
		$this->setProperty('FN',"$prefix $first_name $last_name");
	}

	function setEmail($address){
		$this->setProperty('EMAIL;INTERNET', $address);
	}

	function setPhoneNumber( $number, $type)
	{
		if($type != 'FAX') {
		    $this->setProperty("TEL;$type", $number);
		}
		else {
		    $this->setProperty("TEL;WORK;$type", $number);
		}
	}
	function setBirthDate($date){
			$this->setProperty('BDAY',$date);
	}
	function getProperty($name){
		if(isset($this->properties[$name]))
			return $this->properties[$name];
		return null;
	}

	function setProperty($name, $value){
		$this->properties[$name] = $value;
	}

	function toString(){
	    global $locale;
		$temp = "BEGIN:VCARD\n";
		foreach($this->properties as $key=>$value){
		    if(!empty($value)) {
			    $temp .= $key. ';CHARSET='.strtolower($locale->getExportCharset()).':'.$value."\n";
		    } else {
		        $temp .= $key. ':'.$value."\n";
		    }
		}
		$temp.= "END:VCARD\n";


		return $temp;
	}

	function saveVCard(){
		global $locale;
		$content = $this->toString();
		if ( !defined('SUITE_PHPUNIT_RUNNER') ) {
            header("Content-Disposition: attachment; filename={$this->name}.vcf");
            header("Content-Type: text/x-vcard; charset=".$locale->getExportCharset());
            header("Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
            header("Last-Modified: " . TimeDate::httpTime() );
            header("Cache-Control: max-age=0");
            header("Pragma: public");
            //bug45856 IIS Doesn't like this to be set and it causes the vCard to not get saved
            if (preg_match('/iis/i', $_SERVER['SERVER_SOFTWARE']) === 0) {
                header("Content-Length: ".strlen($content));
            }
        }

		print $locale->translateCharset($content, 'UTF-8', $locale->getExportCharset());
	}

    function importVCard($filename, $module = 'Contacts')
    {
        global $current_user;
        $lines = file($filename);
        $start = false;

        $bean = BeanFactory::getBean($module);
        $bean->assigned_user_id = $current_user->id;
        $email_suffix = 1;

        for ($index = 0; $index < sizeof($lines); $index++)
for ($i=0; $i<count($array); $i++) { // calls count() on each iteration
}

// Better
for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once
}
        {
            $line = $lines[$index];

            // check the encoding and change it if needed
            $locale = new Localization();
            $encoding = false;
            //detect charset
            if (preg_match("/CHARSET=([A-Z]+([A-Z0-9]-?)*):/", $line, $matches)) {
                //found charset hint in vcard
                $encoding = $matches[1];
            } else {
                //use locale to detect charset automatically
                $encoding = $locale->detectCharset($line);
            }
            if ( $encoding != $GLOBALS['sugar_config']['default_charset'] )
            {
                $line = $locale->translateCharset($line, $encoding);
            }

            $line = trim($line);
            if ($start)
            {
                //VCARD is done
                if (substr_count(strtoupper($line), 'END:VCARD'))
                {
                    if (!isset($bean->last_name) && !empty($fullname))
                    {
                        $bean->last_name = $fullname;
                    }
                    break;
                }

                $keyvalue = explode(':', $line);
                if (sizeof($keyvalue) == 2)
                {
                    $value = $keyvalue[1];
                    for ($newindex = $index + 1;  $newindex < sizeof($lines), substr_count($lines[$newindex], ':') == 0; $newindex++)
for ($i=0; $i<count($array); $i++) { // calls count() on each iteration
}

// Better
for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once
}
                    {
                        $value .= $lines[$newindex];
                        $index = $newindex;
                    }
                    $values = explode(';', $value);
                    $key = strtoupper($keyvalue[0]);
                    $key = strtr($key, '=', '');
                    $key = strtr($key, ',', ';');
                    $keys = explode(';', $key);

                    if($keys[0] == 'TEL')
                    {
                        if(substr_count($key, 'WORK') > 0)
                        {
                            if(substr_count($key, 'FAX') > 0)
                            {
                                if(!isset($bean->phone_fax))
                                {
                                    $bean->phone_fax = $value;
                                }
                            }
                            else
                            {
                                if(!isset($bean->phone_work))
                                {
                                    $bean->phone_work = $value;
                                }
                            }
                        }

                        if (substr_count($key, 'HOME') > 0)
                        {
                            if (substr_count($key, 'FAX') > 0)
                            {
                                if (!isset($bean->phone_fax))
                                {
                                    $bean->phone_fax = $value;
                                }
                            }
                            else
                            {
                                if (!isset($bean->phone_home))
                                {
                                    $bean->phone_home = $value;
                                }
                            }
                        }
                        if (substr_count($key, 'CELL') > 0)
                        {
                            if (!isset($bean->phone_mobile))
                            {
                                $bean->phone_mobile = $value;
                            }
                        }
                        if (substr_count($key, 'FAX') > 0)
                        {
                            if (!isset($bean->phone_fax))
                            {
                                $bean->phone_fax = $value;
                            }
                        }
                    }

                    if ($keys[0] == 'N')
                    {
                        if (sizeof($values) > 0)
                        {
                            $bean->last_name = $values[0];
                        }
                        if (sizeof($values) > 1)
                        {
                            $bean->first_name = $values[1];
                        }
                        if (sizeof($values) > 2)
                        {
                            $bean->salutation = $values[2];
                        }
                    }

                    if ($keys[0] == 'FN')
                    {
                        $fullname = $value;
                    }
                }

                if ($keys[0] == 'ADR')
                {
                    if (substr_count($key, 'WORK') > 0 && (substr_count($key, 'POSTAL') > 0|| substr_count($key, 'PARCEL') == 0))
                    {
                        if (!isset($bean->primary_address_street) && sizeof($values) > 2)
                        {
                            $textBreaks = array("\n", "\r");
                            $vcardBreaks = array("=0A", "=0D");
                            $bean->primary_address_street = str_replace($vcardBreaks, $textBreaks, $values[2]);
                        }
                        if (!isset($bean->primary_address_city) && sizeof($values) > 3)
                        {
                            $bean->primary_address_city = $values[3];
                        }
                        if (!isset($bean->primary_address_state) && sizeof($values) > 4)
                        {
                            $bean->primary_address_state = $values[4];
                        }
                        if (!isset($bean->primary_address_postalcode) && sizeof($values) > 5)
                        {
                            $bean->primary_address_postalcode = $values[5];
                        }
                        if (!isset($bean->primary_address_country) && sizeof($values) > 6)
                        {
                            $bean->primary_address_country = $values[6];
                        }
                    }
                }

                if ($keys[0] == 'TITLE')
                {
                    $bean->title = $value;
                }
                if ($keys[0] == 'EMAIL')
                {
                    $field = 'email' . $email_suffix;
                    if (!isset($bean->$field))
                    {
                        $bean->$field = $value;
                    }
                    if ($email_suffix == 1)
                    {
                        $_REQUEST['email1'] = $value;
                    }
                    $email_suffix++;
                }

                if ($keys[0] == 'ORG')
                {
                    $GLOBALS['log']->debug('I found a company name');
                    if (!empty($value))
                    {
                        $GLOBALS['log']->debug('I found a company name (fer real)');
                        if ( is_a($bean,"Contact") || is_a($bean,"Lead") )
                        {
                            $GLOBALS['log']->debug('And Im dealing with a person!');
                            $accountBean = BeanFactory::getBean('Accounts');
                            // It's a contact, we better try and match up an account
                            $full_company_name = trim($values[0]);
                            // Do we have a full company name match?
                            $result = $accountBean->retrieve_by_string_fields(array('name' => $full_company_name, 'deleted' => 0));
                            if ( ! isset($result->id) )
                            {
                                // Try to trim the full company name down, see if we get some other matches
                                $vCardTrimStrings = array('/ltd\.*/i'=>'',
                                                            '/llc\.*/i'=>'',
                                                            '/gmbh\.*/i'=>'',
                                                            '/inc\.*/i'=>'',
                                                            '/\.com/i'=>'',
                                                    );
                                // Allow users to override the trimming strings
                                if ( file_exists('custom/include/vCardTrimStrings.php') )
                                {
                                    require_once('custom/include/vCardTrimStrings.php');
                                }
                                $short_company_name = trim(preg_replace(array_keys($vCardTrimStrings), $vCardTrimStrings,$full_company_name), " ,.");

                                $GLOBALS['log']->debug('Trying an extended search for: ' . $short_company_name);
                                $result = $accountBean->retrieve_by_string_fields(array('name' => $short_company_name, 'deleted' => 0));
                            }

                            if (  is_a($bean, "Lead") || ! isset($result->id) )
                            {
                                // We could not find a parent account, or this is a lead so only copy the name, no linking
                                $GLOBALS['log']->debug("Did not find a matching company ($full_company_name)");
                                $bean->account_id = '';
                                $bean->account_name = $full_company_name;
                            }
                            else
                            {
                                $GLOBALS['log']->debug("Found a matching company: " . $result->name);
                                $bean->account_id = $result->id;
                                $bean->account_name = $result->name;
                            }
                            $bean->department = $values[1];
                        }
                        else
                        {
                            $bean->department = $value;
                        }
                    }

                }

            }

            //FOUND THE BEGINING OF THE VCARD
            if (!$start && substr_count(strtoupper($line), 'BEGIN:VCARD'))
            {
                $start = true;
            }
        }

        foreach ($bean->get_import_required_fields() as $key => $value)
        {
            if (empty($bean->$key))
            {
                $GLOBALS['log']->error("Cannot import vCard, required field is not set: $key");
                return;
            }
        }

        if ( is_a($bean, "Contact") && empty($bean->account_id) && !empty($bean->account_name) )
        {
            $GLOBALS['log']->debug("Look ma! I'm creating a new account: " . $bean->account_name);
            // We need to create a new account
            $accountBean = BeanFactory::getBean('Accounts');
            // Populate the newly created account with all of the contact information
            foreach ( $bean->field_defs as $field_name => $field_def )
            {
                if ( !empty($bean->$field_name) )
                {
                    $accountBean->$field_name = $bean->$field_name;
                }
            }
            $accountBean->name = $bean->account_name;
            $accountBean->save();
            $bean->account_id = $accountBean->id;
        }

        $beanId = $bean->save();
        return $beanId;
	}
}

?>


1		<?php
2	1	if(!defined('sugarEntry') \|\| !sugarEntry) die('Not A Valid Entry Point');
3		/*********************************************************************************
4		* SugarCRM Community Edition is a customer relationship management program developed by
5		* SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.
6
7		* SuiteCRM is an extension to SugarCRM Community Edition developed by Salesagility Ltd.
8		* Copyright (C) 2011 - 2014 Salesagility Ltd.
9		*
10		* This program is free software; you can redistribute it and/or modify it under
11		* the terms of the GNU Affero General Public License version 3 as published by the
12		* Free Software Foundation with the addition of the following permission added
13		* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
14		* IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
15		* OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
16		*
17		* This program is distributed in the hope that it will be useful, but WITHOUT
18		* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
19		* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
20		* details.
21		*
22		* You should have received a copy of the GNU Affero General Public License along with
23		* this program; if not, see http://www.gnu.org/licenses or write to the Free
24		* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
25		* 02110-1301 USA.
26		*
27		* You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
28		* SW2-130, Cupertino, CA 95014, USA. or at email address [email protected].
29		*
30		* The interactive user interfaces in modified source and object code versions
31		* of this program must display Appropriate Legal Notices, as required under
32		* Section 5 of the GNU Affero General Public License version 3.
33		*
34		* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
35		* these Appropriate Legal Notices must retain the display of the "Powered by
36		* SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
37		* reasonably feasible for technical reasons, the Appropriate Legal Notices must
38		* display the words "Powered by SugarCRM" and "Supercharged by SuiteCRM".
39		********************************************************************************/
40
41		/**
42		* vCard implementation
43		* @api
44		*/
45		class vCard
46		{
47		protected $properties = array();
48
49		protected $name = 'no_name';
50
51		public function clear()
52		{
53		$this->properties = array();
54		}
55
56	1	function loadContact($contactid, $module='Contacts') {
57	1	global $app_list_strings;
58
59	1	require_once($GLOBALS['beanFiles'][$GLOBALS['beanList'][$module]]);
60	1	$contact = new $GLOBALS['beanList'][$module]();
61	1	$contact->retrieve($contactid);
62		// cn: bug 8504 - CF/LB break Outlook's vCard import
63	1	$bad = array("\n", "\r");
64	1	$good = array("=0A", "=0D");
65	1	$encoding = '';
66	1	if(strpos($contact->primary_address_street, "\n") \|\| strpos($contact->primary_address_street, "\r")) {
67		$contact->primary_address_street = str_replace($bad, $good, $contact->primary_address_street);
68		$encoding = 'QUOTED-PRINTABLE';
69		}
70
71	1	$this->setName(from_html($contact->first_name), from_html($contact->last_name), $app_list_strings['salutation_dom'][from_html($contact->salutation)]);
72	1	if ( isset($contact->birthdate) )
73		$this->setBirthDate(from_html($contact->birthdate));
74	1	$this->setPhoneNumber(from_html($contact->phone_fax), 'FAX');
75	1	$this->setPhoneNumber(from_html($contact->phone_home), 'HOME');
76	1	$this->setPhoneNumber(from_html($contact->phone_mobile), 'CELL');
77	1	$this->setPhoneNumber(from_html($contact->phone_work), 'WORK');
78	1	$this->setEmail(from_html($contact->email1));
79	1	$this->setAddress(from_html($contact->primary_address_street), from_html($contact->primary_address_city), from_html($contact->primary_address_state), from_html($contact->primary_address_postalcode), from_html($contact->primary_address_country), 'WORK', $encoding);
80	1	if ( isset($contact->account_name) )
81		$this->setORG(from_html($contact->account_name), from_html($contact->department));
82		else
83	1	$this->setORG('', from_html($contact->department));
84	1	$this->setTitle($contact->title);
85	1	}
86
87	1	function setTitle($title){
88	1	$this->setProperty("TITLE",$title );
89	1	}
90	1	function setORG($org, $dep){
91	1	$this->setProperty("ORG","$org;$dep" );
92	1	}
93	1	function setAddress($address, $city, $state,$postal, $country, $type, $encoding=''){
94	1	if(!empty($encoding)) {
95		$encoding = ";ENCODING={$encoding}";
96		}
97	1	$this->setProperty("ADR;$type$encoding",";;$address;$city;$state;$postal;$country" );
98	1	}
99
100	1	function setName($first_name, $last_name, $prefix){
101	1	$this->name = strtr($first_name.'_'.$last_name, ' ' , '_');
102	1	$this->setProperty('N',$last_name.';'.$first_name.';;'.$prefix );
103	1	$this->setProperty('FN',"$prefix $first_name $last_name");
104	1	}
105
106	1	function setEmail($address){
107	1	$this->setProperty('EMAIL;INTERNET', $address);
108	1	}
109
110	1	function setPhoneNumber( $number, $type)
111		{
112	1	if($type != 'FAX') {
113	1	$this->setProperty("TEL;$type", $number);
114		}
115		else {
116	1	$this->setProperty("TEL;WORK;$type", $number);
117		}
118	1	}
119		function setBirthDate($date){
120		$this->setProperty('BDAY',$date);
121		}
122		function getProperty($name){
123		if(isset($this->properties[$name]))
124		return $this->properties[$name];
125		return null;
126		}
127
128	1	function setProperty($name, $value){
129	1	$this->properties[$name] = $value;
130	1	}
131
132	1	function toString(){
133	1	global $locale;
134	1	$temp = "BEGIN:VCARD\n";
135	1	foreach($this->properties as $key=>$value){
136	1	if(!empty($value)) {
137	1	$temp .= $key. ';CHARSET='.strtolower($locale->getExportCharset()).':'.$value."\n";
138		} else {
139	1	$temp .= $key. ':'.$value."\n";
140		}
141		}
142	1	$temp.= "END:VCARD\n";
143
144
145	1	return $temp;
146		}
147
148	1	function saveVCard(){
149	1	global $locale;
150	1	$content = $this->toString();
151	1	if ( !defined('SUITE_PHPUNIT_RUNNER') ) {
152		header("Content-Disposition: attachment; filename={$this->name}.vcf");
153		header("Content-Type: text/x-vcard; charset=".$locale->getExportCharset());
154		header("Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
155		header("Last-Modified: " . TimeDate::httpTime() );
156		header("Cache-Control: max-age=0");
157		header("Pragma: public");
158		//bug45856 IIS Doesn't like this to be set and it causes the vCard to not get saved
159		if (preg_match('/iis/i', $_SERVER['SERVER_SOFTWARE']) === 0) {
160		header("Content-Length: ".strlen($content));
161		}
162		}
163
164	1	print $locale->translateCharset($content, 'UTF-8', $locale->getExportCharset());
165	1	}
166
167		function importVCard($filename, $module = 'Contacts')
168		{
169		global $current_user;
170		$lines = file($filename);
171		$start = false;
172
173		$bean = BeanFactory::getBean($module);
174		$bean->assigned_user_id = $current_user->id;
175		$email_suffix = 1;
176
177		for ($index = 0; $index < sizeof($lines); $index++)
		0 ignored issues – show Performance Best Practice introduced 2016-03-07 17:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are calling the size function `sizeof()` as part of the test condition. You might want to compute the size beforehand, and not on each iteration. If the size of the collection does not change during the iteration, it is generally a good practice to compute it beforehand, and not on each iteration: for ($i=0; $i<count($array); $i++) { // calls count() on each iteration } // Better for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once } Loading history...
178		{
179		$line = $lines[$index];
180
181		// check the encoding and change it if needed
182		$locale = new Localization();
183		$encoding = false;
184		//detect charset
185		if (preg_match("/CHARSET=([A-Z]+([A-Z0-9]-?)*):/", $line, $matches)) {
186		//found charset hint in vcard
187		$encoding = $matches[1];
188		} else {
189		//use locale to detect charset automatically
190		$encoding = $locale->detectCharset($line);
191		}
192		if ( $encoding != $GLOBALS['sugar_config']['default_charset'] )
193		{
194		$line = $locale->translateCharset($line, $encoding);
195		}
196
197		$line = trim($line);
198		if ($start)
199		{
200		//VCARD is done
201		if (substr_count(strtoupper($line), 'END:VCARD'))
202		{
203		if (!isset($bean->last_name) && !empty($fullname))
204		{
205		$bean->last_name = $fullname;
206		}
207		break;
208		}
209
210		$keyvalue = explode(':', $line);
211		if (sizeof($keyvalue) == 2)
212		{
213		$value = $keyvalue[1];
214		for ($newindex = $index + 1; $newindex < sizeof($lines), substr_count($lines[$newindex], ':') == 0; $newindex++)
		0 ignored issues – show Performance Best Practice introduced 2016-03-07 17:58 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like you are calling the size function `sizeof()` as part of the test condition. You might want to compute the size beforehand, and not on each iteration. If the size of the collection does not change during the iteration, it is generally a good practice to compute it beforehand, and not on each iteration: for ($i=0; $i<count($array); $i++) { // calls count() on each iteration } // Better for ($i=0, $c=count($array); $i<$c; $i++) { // calls count() just once } Loading history...
215		{
216		$value .= $lines[$newindex];
217		$index = $newindex;
218		}
219		$values = explode(';', $value);
220		$key = strtoupper($keyvalue[0]);
221		$key = strtr($key, '=', '');
222		$key = strtr($key, ',', ';');
223		$keys = explode(';', $key);
224
225		if($keys[0] == 'TEL')
226		{
227		if(substr_count($key, 'WORK') > 0)
228		{
229		if(substr_count($key, 'FAX') > 0)
230		{
231		if(!isset($bean->phone_fax))
232		{
233		$bean->phone_fax = $value;
234		}
235		}
236		else
237		{
238		if(!isset($bean->phone_work))
239		{
240		$bean->phone_work = $value;
241		}
242		}
243		}
244
245		if (substr_count($key, 'HOME') > 0)
246		{
247		if (substr_count($key, 'FAX') > 0)
248		{
249		if (!isset($bean->phone_fax))
250		{
251		$bean->phone_fax = $value;
252		}
253		}
254		else
255		{
256		if (!isset($bean->phone_home))
257		{
258		$bean->phone_home = $value;
259		}
260		}
261		}
262		if (substr_count($key, 'CELL') > 0)
263		{
264		if (!isset($bean->phone_mobile))
265		{
266		$bean->phone_mobile = $value;
267		}
268		}
269		if (substr_count($key, 'FAX') > 0)
270		{
271		if (!isset($bean->phone_fax))
272		{
273		$bean->phone_fax = $value;
274		}
275		}
276		}
277
278		if ($keys[0] == 'N')
279		{
280		if (sizeof($values) > 0)
281		{
282		$bean->last_name = $values[0];
283		}
284		if (sizeof($values) > 1)
285		{
286		$bean->first_name = $values[1];
287		}
288		if (sizeof($values) > 2)
289		{
290		$bean->salutation = $values[2];
291		}
292		}
293
294		if ($keys[0] == 'FN')
295		{
296		$fullname = $value;
297		}
298		}
299
300		if ($keys[0] == 'ADR')
301		{
302		if (substr_count($key, 'WORK') > 0 && (substr_count($key, 'POSTAL') > 0\|\| substr_count($key, 'PARCEL') == 0))
303		{
304		if (!isset($bean->primary_address_street) && sizeof($values) > 2)
305		{
306		$textBreaks = array("\n", "\r");
307		$vcardBreaks = array("=0A", "=0D");
308		$bean->primary_address_street = str_replace($vcardBreaks, $textBreaks, $values[2]);
309		}
310		if (!isset($bean->primary_address_city) && sizeof($values) > 3)
311		{
312		$bean->primary_address_city = $values[3];
313		}
314		if (!isset($bean->primary_address_state) && sizeof($values) > 4)
315		{
316		$bean->primary_address_state = $values[4];
317		}
318		if (!isset($bean->primary_address_postalcode) && sizeof($values) > 5)
319		{
320		$bean->primary_address_postalcode = $values[5];
321		}
322		if (!isset($bean->primary_address_country) && sizeof($values) > 6)
323		{
324		$bean->primary_address_country = $values[6];
325		}
326		}
327		}
328
329		if ($keys[0] == 'TITLE')
330		{
331		$bean->title = $value;
332		}
333		if ($keys[0] == 'EMAIL')
334		{
335		$field = 'email' . $email_suffix;
336		if (!isset($bean->$field))
337		{
338		$bean->$field = $value;
339		}
340		if ($email_suffix == 1)
341		{
342		$_REQUEST['email1'] = $value;
343		}
344		$email_suffix++;
345		}
346
347		if ($keys[0] == 'ORG')
348		{
349		$GLOBALS['log']->debug('I found a company name');
350		if (!empty($value))
351		{
352		$GLOBALS['log']->debug('I found a company name (fer real)');
353		if ( is_a($bean,"Contact") \|\| is_a($bean,"Lead") )
354		{
355		$GLOBALS['log']->debug('And Im dealing with a person!');
356		$accountBean = BeanFactory::getBean('Accounts');
357		// It's a contact, we better try and match up an account
358		$full_company_name = trim($values[0]);
359		// Do we have a full company name match?
360		$result = $accountBean->retrieve_by_string_fields(array('name' => $full_company_name, 'deleted' => 0));
361		if ( ! isset($result->id) )
362		{
363		// Try to trim the full company name down, see if we get some other matches
364		$vCardTrimStrings = array('/ltd\.*/i'=>'',
365		'/llc\.*/i'=>'',
366		'/gmbh\.*/i'=>'',
367		'/inc\.*/i'=>'',
368		'/\.com/i'=>'',
369		);
370		// Allow users to override the trimming strings
371		if ( file_exists('custom/include/vCardTrimStrings.php') )
372		{
373		require_once('custom/include/vCardTrimStrings.php');
374		}
375		$short_company_name = trim(preg_replace(array_keys($vCardTrimStrings), $vCardTrimStrings,$full_company_name), " ,.");
376
377		$GLOBALS['log']->debug('Trying an extended search for: ' . $short_company_name);
378		$result = $accountBean->retrieve_by_string_fields(array('name' => $short_company_name, 'deleted' => 0));
379		}
380
381		if ( is_a($bean, "Lead") \|\| ! isset($result->id) )
382		{
383		// We could not find a parent account, or this is a lead so only copy the name, no linking
384		$GLOBALS['log']->debug("Did not find a matching company ($full_company_name)");
385		$bean->account_id = '';
386		$bean->account_name = $full_company_name;
387		}
388		else
389		{
390		$GLOBALS['log']->debug("Found a matching company: " . $result->name);
391		$bean->account_id = $result->id;
392		$bean->account_name = $result->name;
393		}
394		$bean->department = $values[1];
395		}
396		else
397		{
398		$bean->department = $value;
399		}
400		}
401
402		}
403
404		}
405
406		//FOUND THE BEGINING OF THE VCARD
407		if (!$start && substr_count(strtoupper($line), 'BEGIN:VCARD'))
408		{
409		$start = true;
410		}
411		}
412
413		foreach ($bean->get_import_required_fields() as $key => $value)
414		{
415		if (empty($bean->$key))
416		{
417		$GLOBALS['log']->error("Cannot import vCard, required field is not set: $key");
418		return;
419		}
420		}
421
422		if ( is_a($bean, "Contact") && empty($bean->account_id) && !empty($bean->account_name) )
423		{
424		$GLOBALS['log']->debug("Look ma! I'm creating a new account: " . $bean->account_name);
425		// We need to create a new account
426		$accountBean = BeanFactory::getBean('Accounts');
427		// Populate the newly created account with all of the contact information
428		foreach ( $bean->field_defs as $field_name => $field_def )
429		{
430		if ( !empty($bean->$field_name) )
431		{
432		$accountBean->$field_name = $bean->$field_name;
433		}
434		}
435		$accountBean->name = $bean->account_name;
436		$accountBean->save();
437		$bean->account_id = $accountBean->id;
438		}
439
440		$beanId = $bean->save();
441		return $beanId;
442		}
443		}
444
445		?>
446

adamjakab / SuiteCRM

Issues (4069)

Security Analysis not enabled

include/vCard.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like