sec(Validations) apply all validations again in PHP on Save

tsolucio · Dec 19, 2021 · f6d5022 · f6d5022
1 parent 77515c9
commit f6d5022
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 24 deletions.
diff --git a/modules/Vtiger/Save.php b/modules/Vtiger/Save.php
@@ -7,6 +7,7 @@
  * Portions created by vtiger are Copyright (C) vtiger.
  * All Rights Reserved.
  ************************************************************************************/
+require_once 'modules/Vtiger/ExecuteFunctionsfromphp.php';
 global $current_user, $currentModule, $singlepane_view;
 
 checkFileAccessForInclusion("modules/$currentModule/$currentModule.php");
@@ -93,6 +94,14 @@
 	}
 }
 list($saveerror,$errormessage,$error_action,$returnvalues) = $focus->preSaveCheck($_REQUEST);
+if (!$saveerror) { // if there is no error we still check the defined validations again
+	$validation = executefunctionsvalidate('ValidationLoad', $currentModule, json_encode(vtlib_purify($_REQUEST)));
+	if ($validation != '%%%OK%%%') {
+		$saveerror = true;
+		$errormessage = $validation;
+		$error_action = '';
+	}
+}
 if ($saveerror) { // there is an error so we go back to EditView.
 	$return_module=$return_id=$return_action='';
 	if (isset($_REQUEST['return_id']) && $_REQUEST['return_id'] != '') {

diff --git a/modules/cbMap/processmap/Validations.php b/modules/cbMap/processmap/Validations.php
@@ -406,6 +406,20 @@ private static function addFieldValidations($mapping, $tabid) {
 		$validationData = getDBValidationData(array(), $tabid);
 		foreach ($validationData as $fname => $finfo) {
 			foreach ($finfo as $fvalidation) {
+				if (substr($fvalidation, 0, 2)=='I~') {
+					if (isset($mapping['fields'][$fname])) {
+						$mapping['fields'][$fname][] = array('rule'=>'integer', 'rst'=>array());
+					} else {
+						$mapping['fields'][$fname] = array(array('rule'=>'integer', 'rst'=>array()));
+					}
+				}
+				if (substr($fvalidation, 0, 2)=='N~') {
+					if (isset($mapping['fields'][$fname])) {
+						$mapping['fields'][$fname][] = array('rule'=>'min', 'rst'=>array(0));
+					} else {
+						$mapping['fields'][$fname] = array(array('rule'=>'min', 'rst'=>array(0)));
+					}
+				}
 				if (strpos($fvalidation, '~M')) {
 					if ($fname=='taxclass') {
 						unset($mapping['fields'][$fname]);
@@ -464,31 +478,13 @@ private static function addFieldValidations($mapping, $tabid) {
 		return $mapping;
 	}
 
+	/**
+	 * We just return true because all modules have some validation now that we are checking them all again
+	 * at the very least they are going to have the MySQL varchar limit check and that is in the case that
+	 * all other validations on the module are deactivated (integer, number, ...)
+	 */
 	public static function ValidationsExist($module) {
-		global $adb, $current_user;
-		$crmEntityTable = CRMEntity::getcrmEntityTableAlias('cbMap');
-		$q = "select 1
-			from vtiger_cbmap
-			inner join ".$crmEntityTable." on vtiger_crmentity.crmid=cbmapid
-			where deleted=0 and maptype=? and targetname=? and mapname like '%_Validations' limit 1";
-		$rs = $adb->pquery($q, array('Validations',$module));
-		if ($rs && $adb->num_rows($rs)==1) {
-			return true;
-		}
-		$crmGvEntityTable = CRMEntity::getcrmEntityTableAlias('GlobalVariable');
-		$q = 'select globalvariableid
-			from vtiger_globalvariable
-			inner join '.$crmGvEntityTable.' on vtiger_crmentity.crmid=globalvariableid
-			where vtiger_crmentity.deleted=0 and gvname=? and module_list=? and bmapid!=0 and bmapid is not null';
-		$rs = $adb->pquery($q, array('BusinessMapping_Validations', $module));
-		if ($rs && $adb->num_rows($rs)>0) {
-			while ($gv = $adb->fetch_array($rs)) {
-				if (GlobalVariable::isAppliable($gv['globalvariableid'], $module, $current_user->id)) {
-					return true;
-				}
-			}
-		}
-		return false;
+		return true;
 	}
 
 	public static function recordIsAssignedToInactiveUser() {