[freeside-commits] branch master updated. fe293dc0ca4ea3939de9c2ad28d3aaf7c8980644

Wed Sep 12 20:36:51 PDT 2018

The branch, master has been updated
       via  fe293dc0ca4ea3939de9c2ad28d3aaf7c8980644 (commit)
       via  c7ca3214418c5ccf928d385b9f8ca08ceab87790 (commit)
      from  30fabfe8ce8c9a48fa96c6a50d48b32161b1680f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit fe293dc0ca4ea3939de9c2ad28d3aaf7c8980644
Author: Mitch Jackson <mitch at freeside.biz>
Date:   Wed Sep 12 23:32:52 2018 -0400

    RT# 80624 Detect and warn for bad MS Edge version

diff --git a/httemplate/elements/header.html b/httemplate/elements/header.html
index c6b10e301..6df45fb07 100644
--- a/httemplate/elements/header.html
+++ b/httemplate/elements/header.html
@@ -4,3 +4,4 @@
 % } else {
 <& header-full.html, @_ &>
 % }
+<& /misc/edge_browser_check-header.html &>
diff --git a/httemplate/misc/edge_browser_check-fail_notice.html b/httemplate/misc/edge_browser_check-fail_notice.html
new file mode 100644
index 000000000..fb42ffe8e
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-fail_notice.html
@@ -0,0 +1,25 @@
+<& /elements/header.html, "Edge browser bug" &>
+
+<div id="edgebug" style="border: solid 1px #888; border-radius: 4px; margin: 5em; max-width: 400px; text-align: left; padding: 0 1em; background-color: #ffe; box-shadow: 2px 2px 4px">
+  <div style="text-align: center; font-size: 3em; color: #933; text-shadow: 1px 1px 2px black;">
+    ⚠
+  </div>
+  <h4 style="border-bottom: solid 1px #888; margin: 1em 0; text-align: center;">
+    Edge Browser Bug
+  </h4>
+  <p>
+    Your copy of Microsoft Edge has a data corrupting bug.
+  </p>
+  <p>
+    Microsoft fixed this bug with the <b>July RS4 Windows 10 Update</b>.
+    Please update your copy of Windows.
+  </p>
+  <p>
+    Alternatively, you may choose to use
+    <a href="https://mozilla.org/en-US/firefox/new/">Mozilla Firefox</a>
+    or <a href="https://chrome.google.com">Google Chrome</a>. They
+    are not affected by this bug.
+  </p>
+</div>
+
+<& /elements/footer.html &>
\ No newline at end of file
diff --git a/httemplate/misc/edge_browser_check-header.html b/httemplate/misc/edge_browser_check-header.html
new file mode 100644
index 000000000..e7666aec4
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-header.html
@@ -0,0 +1,32 @@
+% if ( $force_redirect ) {
+  <script type="text/javascript">
+    if ( <% $DEBUG %> || /Edge\/17\.17134/.test( navigator.userAgent )) {
+      if ( window.location.href.indexOf("fail_notice") == -1 ) {
+        window.location.href = "<% $fsurl %>misc/edge_browser_check-fail_notice.html";
+      }
+    }
+  </script>
+% } elsif ( $do_check ) {
+  <iframe id="edge_browser_check_iframe" style="display:none;"></iframe>
+  <script type="text/javascript">
+    if ( <% $DEBUG %> || /Edge\/17\.17134/.test( navigator.userAgent )) {
+      $("#edge_browser_check_iframe").attr(
+        'src',
+        '<% $fsurl %>misc/edge_browser_check-iframe.html?edge_browser_check=1'
+      );
+    }
+  </script>
+% }
+<%init>
+my $curuser = $FS::CurrentUser::CurrentUser;
+my $cgi = FS::UID::cgi();
+my $DEBUG = 0;
+
+my $do_check = 0;
+$do_check = 1
+  if $curuser
+  && !$cgi->param('edge_browser_check')
+  && $curuser->get_pref('edge_bug_vulnerable') ne 'N';
+
+my $force_redirect = $curuser->get_pref('edge_bug_vulnerable') eq 'Y' ? 1 : 0;
+</%init>
\ No newline at end of file
diff --git a/httemplate/misc/edge_browser_check-iframe.html b/httemplate/misc/edge_browser_check-iframe.html
new file mode 100644
index 000000000..e804fc676
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-iframe.html
@@ -0,0 +1,35 @@
+<form id="canary-form" action="<% $fsurl %>misc/edge_browser_check-iframe.html" method="POST">
+<input type="text" id="canary-result" value="<% scalar $cgi->param('edge_browser_canary') %>">
+<select name="edge_browser_canary">
+  <option>test
+  <option>test
+</select>
+<input id="canary-submit" type="submit">
+</form>
+
+<script type="text/javascript" src="<% $fsurl %>elements/jquery.js"></script>
+<script type="text/javascript">
+  $( function() {
+    if ( ! $("#canary-result").val() ) {
+      $("#canary-form").submit();
+    }
+  });
+</script>
+
+<%init>
+my $cgi = FS::UID::cgi();
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+if ( $curuser ) {
+  my $canary = $cgi->param('edge_browser_canary');
+  $curuser->set_pref(
+    'edge_bug_vulnerable',
+
+    $canary eq 'test' ? 'Y' : 'Y',
+
+    # Don't test this user's session for the next 10m
+    time() + 600,
+  );
+}
+
+</%init>
\ No newline at end of file

commit c7ca3214418c5ccf928d385b9f8ca08ceab87790
Author: Mitch Jackson <mitch at freeside.biz>
Date:   Wed Sep 12 18:56:59 2018 -0400

    RT# 80624 FS::access_user methods for access_user_pref relation

diff --git a/FS/FS/access_user.pm b/FS/FS/access_user.pm
index a9fdf5b1e..f23aa77f9 100644
--- a/FS/FS/access_user.pm
+++ b/FS/FS/access_user.pm
@@ -12,6 +12,7 @@ use FS::Record qw( qsearch qsearchs dbh );
 use FS::agent;
 use FS::cust_main;
 use FS::sales;
+use Carp qw( croak );
 
 $DEBUG = 0;
 $me = '[FS::access_user]';
@@ -814,6 +815,103 @@ sub set_page_pref {
   return $error;
 }
 
+=item get_pref NAME
+
+Fetch the prefvalue column from L<FS::access_user_pref> for prefname NAME
+
+Returns undef when no value has been saved, or when record has expired
+
+=cut
+
+sub get_pref {
+  my ( $self, $prefname ) = @_;
+  croak 'prefname parameter requrired' unless $prefname;
+
+  my $pref_row = $self->get_pref_row( $prefname )
+    or return undef;
+
+  return undef
+    if $pref_row->expiration
+    && $pref_row->expiration < time();
+
+  $pref_row->prefvalue;
+}
+
+=item get_pref_row NAME
+
+Fetch the row object from L<FS::access_user_pref> for prefname NAME
+
+returns undef when no row has been created
+
+=cut
+
+sub get_pref_row {
+  my ( $self, $prefname ) = @_;
+  croak 'prefname parameter required' unless $prefname;
+
+  qsearchs(
+    access_user_pref => {
+      usernum    => $self->usernum,
+      prefname   => $prefname,
+    }
+  );
+}
+
+=item set_pref NAME, VALUE, [EXPIRATION_EPOCH]
+
+Add or update user preference in L<FS::access_user_pref> table
+
+Passing an undefined VALUE will delete the user preference
+
+Returns VALUE
+
+=cut
+
+sub set_pref {
+  my $self = shift;
+  my ( $prefname, $prefvalue, $expiration ) = @_;
+
+  return $self->delete_pref( $prefname )
+    unless defined $prefvalue;
+
+  if ( my $pref_row = $self->get_pref_row( $prefname )) {
+    return $prefvalue
+      if $pref_row->prefvalue eq $prefvalue;
+
+    $pref_row->prefvalue( $prefvalue );
+    $pref_row->expiration( $expiration || '');
+
+    if ( my $error = $pref_row->replace ) { croak $error }
+
+    return $prefvalue;
+  }
+
+  my $pref_row = FS::access_user_pref->new({
+    usernum    => $self->usernum,
+    prefname   => $prefname,
+    prefvalue  => $prefvalue,
+    expiration => $expiration,
+  });
+  if ( my $error = $pref_row->insert ) { croak $error }
+
+  $prefvalue;
+}
+
+=item delete_pref NAME
+
+Delete user preference from L<FS::access_user_pref> table
+
+=cut
+
+sub delete_pref {
+  my ( $self, $prefname ) = @_;
+
+  my $pref_row = $self->get_pref_row( $prefname )
+    or return;
+
+  if ( my $error = $pref_row->delete ) { croak $error }
+}
+
 =back
 
 =head1 BUGS

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/access_user.pm                               | 98 ++++++++++++++++++++++
 httemplate/elements/header.html                    |  1 +
 .../misc/edge_browser_check-fail_notice.html       | 25 ++++++
 httemplate/misc/edge_browser_check-header.html     | 32 +++++++
 httemplate/misc/edge_browser_check-iframe.html     | 35 ++++++++
 5 files changed, 191 insertions(+)
 create mode 100644 httemplate/misc/edge_browser_check-fail_notice.html
 create mode 100644 httemplate/misc/edge_browser_check-header.html
 create mode 100644 httemplate/misc/edge_browser_check-iframe.html


