[freeside-commits] branch FREESIDE_4_BRANCH updated. 54cfc5a8423cce81b8d5b9e01f82b078bf43ae5d

Mitch Jackson mitch at freeside.biz
Thu Sep 20 14:21:41 PDT 2018 

The branch, FREESIDE_4_BRANCH has been updated
       via  54cfc5a8423cce81b8d5b9e01f82b078bf43ae5d (commit)
       via  8a8e73270785100f2abc1242148a935d09f976ea (commit)
       via  eb325ea015eae90458a5a3e892795bb445ecd8b0 (commit)
      from  af172030b12bc994d91e02b12883d2e67151996c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 54cfc5a8423cce81b8d5b9e01f82b078bf43ae5d
Author: Mitch Jackson <mitch at freeside.biz>
Date:   Thu Sep 13 00:44:54 2018 -0400

    RT# 80624 Browser check repeats if session changes

diff --git a/httemplate/misc/edge_browser_check-header.html b/httemplate/misc/edge_browser_check-header.html
index e7666aec4..a88962be9 100644
--- a/httemplate/misc/edge_browser_check-header.html
+++ b/httemplate/misc/edge_browser_check-header.html
@@ -18,7 +18,10 @@
   </script>
 % }
 <%init>
-my $curuser = $FS::CurrentUser::CurrentUser;
+my $curuser    = $FS::CurrentUser::CurrentUser;
+my $session    = $FS::CurrentUser::CurrentSession;
+my $sessionkey = $session->sessionkey if $session;
+
 my $cgi = FS::UID::cgi();
 my $DEBUG = 0;
 
@@ -26,7 +29,8 @@ my $do_check = 0;
 $do_check = 1
   if $curuser
   && !$cgi->param('edge_browser_check')
-  && $curuser->get_pref('edge_bug_vulnerable') ne 'N';
+  && $sessionkey
+  && $curuser->get_pref('edge_bug_vulnerable') ne $sessionkey;
 
 my $force_redirect = $curuser->get_pref('edge_bug_vulnerable') eq 'Y' ? 1 : 0;
-</%init>
\ No newline at end of file
+</%init>
diff --git a/httemplate/misc/edge_browser_check-iframe.html b/httemplate/misc/edge_browser_check-iframe.html
index e804fc676..61ae9a0bd 100644
--- a/httemplate/misc/edge_browser_check-iframe.html
+++ b/httemplate/misc/edge_browser_check-iframe.html
@@ -19,16 +19,15 @@
 <%init>
 my $cgi = FS::UID::cgi();
 my $curuser = $FS::CurrentUser::CurrentUser;
+my $session = $FS::CurrentUser::CurrentSession;
+my $sessionkey = $session->sessionkey if $session;
 
 if ( $curuser ) {
   my $canary = $cgi->param('edge_browser_canary');
   $curuser->set_pref(
     'edge_bug_vulnerable',
 
-    $canary eq 'test' ? 'Y' : 'Y',
-
-    # Don't test this user's session for the next 10m
-    time() + 600,
+    $canary eq 'test' ? $sessionkey : 'Y',
   );
 }
 

commit 8a8e73270785100f2abc1242148a935d09f976ea
Author: Mitch Jackson <mitch at freeside.biz>
Date:   Wed Sep 12 23:32:52 2018 -0400

    RT# 80624 Detect and warn for bad MS Edge version

diff --git a/httemplate/elements/header.html b/httemplate/elements/header.html
index c6b10e301..6df45fb07 100644
--- a/httemplate/elements/header.html
+++ b/httemplate/elements/header.html
@@ -4,3 +4,4 @@
 % } else {
 <& header-full.html, @_ &>
 % }
+<& /misc/edge_browser_check-header.html &>
diff --git a/httemplate/misc/edge_browser_check-fail_notice.html b/httemplate/misc/edge_browser_check-fail_notice.html
new file mode 100644
index 000000000..fb42ffe8e
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-fail_notice.html
@@ -0,0 +1,25 @@
+<& /elements/header.html, "Edge browser bug" &>
+
+<div id="edgebug" style="border: solid 1px #888; border-radius: 4px; margin: 5em; max-width: 400px; text-align: left; padding: 0 1em; background-color: #ffe; box-shadow: 2px 2px 4px">
+  <div style="text-align: center; font-size: 3em; color: #933; text-shadow: 1px 1px 2px black;">
+    ⚠
+  </div>
+  <h4 style="border-bottom: solid 1px #888; margin: 1em 0; text-align: center;">
+    Edge Browser Bug
+  </h4>
+  <p>
+    Your copy of Microsoft Edge has a data corrupting bug.
+  </p>
+  <p>
+    Microsoft fixed this bug with the <b>July RS4 Windows 10 Update</b>.
+    Please update your copy of Windows.
+  </p>
+  <p>
+    Alternatively, you may choose to use
+    <a href="https://mozilla.org/en-US/firefox/new/">Mozilla Firefox</a>
+    or <a href="https://chrome.google.com">Google Chrome</a>. They
+    are not affected by this bug.
+  </p>
+</div>
+
+<& /elements/footer.html &>
\ No newline at end of file
diff --git a/httemplate/misc/edge_browser_check-header.html b/httemplate/misc/edge_browser_check-header.html
new file mode 100644
index 000000000..e7666aec4
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-header.html
@@ -0,0 +1,32 @@
+% if ( $force_redirect ) {
+  <script type="text/javascript">
+    if ( <% $DEBUG %> || /Edge\/17\.17134/.test( navigator.userAgent )) {
+      if ( window.location.href.indexOf("fail_notice") == -1 ) {
+        window.location.href = "<% $fsurl %>misc/edge_browser_check-fail_notice.html";
+      }
+    }
+  </script>
+% } elsif ( $do_check ) {
+  <iframe id="edge_browser_check_iframe" style="display:none;"></iframe>
+  <script type="text/javascript">
+    if ( <% $DEBUG %> || /Edge\/17\.17134/.test( navigator.userAgent )) {
+      $("#edge_browser_check_iframe").attr(
+        'src',
+        '<% $fsurl %>misc/edge_browser_check-iframe.html?edge_browser_check=1'
+      );
+    }
+  </script>
+% }
+<%init>
+my $curuser = $FS::CurrentUser::CurrentUser;
+my $cgi = FS::UID::cgi();
+my $DEBUG = 0;
+
+my $do_check = 0;
+$do_check = 1
+  if $curuser
+  && !$cgi->param('edge_browser_check')
+  && $curuser->get_pref('edge_bug_vulnerable') ne 'N';
+
+my $force_redirect = $curuser->get_pref('edge_bug_vulnerable') eq 'Y' ? 1 : 0;
+</%init>
\ No newline at end of file
diff --git a/httemplate/misc/edge_browser_check-iframe.html b/httemplate/misc/edge_browser_check-iframe.html
new file mode 100644
index 000000000..e804fc676
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-iframe.html
@@ -0,0 +1,35 @@
+<form id="canary-form" action="<% $fsurl %>misc/edge_browser_check-iframe.html" method="POST">
+<input type="text" id="canary-result" value="<% scalar $cgi->param('edge_browser_canary') %>">
+<select name="edge_browser_canary">
+  <option>test
+  <option>test
+</select>
+<input id="canary-submit" type="submit">
+</form>
+
+<script type="text/javascript" src="<% $fsurl %>elements/jquery.js"></script>
+<script type="text/javascript">
+  $( function() {
+    if ( ! $("#canary-result").val() ) {
+      $("#canary-form").submit();
+    }
+  });
+</script>
+
+<%init>
+my $cgi = FS::UID::cgi();
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+if ( $curuser ) {
+  my $canary = $cgi->param('edge_browser_canary');
+  $curuser->set_pref(
+    'edge_bug_vulnerable',
+
+    $canary eq 'test' ? 'Y' : 'Y',
+
+    # Don't test this user's session for the next 10m
+    time() + 600,
+  );
+}
+
+</%init>
\ No newline at end of file

commit eb325ea015eae90458a5a3e892795bb445ecd8b0
Author: Mitch Jackson <mitch at freeside.biz>
Date:   Wed Sep 12 18:56:59 2018 -0400

    RT# 80624 FS::access_user methods for access_user_pref relation

diff --git a/FS/FS/access_user.pm b/FS/FS/access_user.pm
index a9fdf5b1e..f23aa77f9 100644
--- a/FS/FS/access_user.pm
+++ b/FS/FS/access_user.pm
@@ -12,6 +12,7 @@ use FS::Record qw( qsearch qsearchs dbh );
 use FS::agent;
 use FS::cust_main;
 use FS::sales;
+use Carp qw( croak );
 
 $DEBUG = 0;
 $me = '[FS::access_user]';
@@ -814,6 +815,103 @@ sub set_page_pref {
   return $error;
 }
 
+=item get_pref NAME
+
+Fetch the prefvalue column from L<FS::access_user_pref> for prefname NAME
+
+Returns undef when no value has been saved, or when record has expired
+
+=cut
+
+sub get_pref {
+  my ( $self, $prefname ) = @_;
+  croak 'prefname parameter requrired' unless $prefname;
+
+  my $pref_row = $self->get_pref_row( $prefname )
+    or return undef;
+
+  return undef
+    if $pref_row->expiration
+    && $pref_row->expiration < time();
+
+  $pref_row->prefvalue;
+}
+
+=item get_pref_row NAME
+
+Fetch the row object from L<FS::access_user_pref> for prefname NAME
+
+returns undef when no row has been created
+
+=cut
+
+sub get_pref_row {
+  my ( $self, $prefname ) = @_;
+  croak 'prefname parameter required' unless $prefname;
+
+  qsearchs(
+    access_user_pref => {
+      usernum    => $self->usernum,
+      prefname   => $prefname,
+    }
+  );
+}
+
+=item set_pref NAME, VALUE, [EXPIRATION_EPOCH]
+
+Add or update user preference in L<FS::access_user_pref> table
+
+Passing an undefined VALUE will delete the user preference
+
+Returns VALUE
+
+=cut
+
+sub set_pref {
+  my $self = shift;
+  my ( $prefname, $prefvalue, $expiration ) = @_;
+
+  return $self->delete_pref( $prefname )
+    unless defined $prefvalue;
+
+  if ( my $pref_row = $self->get_pref_row( $prefname )) {
+    return $prefvalue
+      if $pref_row->prefvalue eq $prefvalue;
+
+    $pref_row->prefvalue( $prefvalue );
+    $pref_row->expiration( $expiration || '');
+
+    if ( my $error = $pref_row->replace ) { croak $error }
+
+    return $prefvalue;
+  }
+
+  my $pref_row = FS::access_user_pref->new({
+    usernum    => $self->usernum,
+    prefname   => $prefname,
+    prefvalue  => $prefvalue,
+    expiration => $expiration,
+  });
+  if ( my $error = $pref_row->insert ) { croak $error }
+
+  $prefvalue;
+}
+
+=item delete_pref NAME
+
+Delete user preference from L<FS::access_user_pref> table
+
+=cut
+
+sub delete_pref {
+  my ( $self, $prefname ) = @_;
+
+  my $pref_row = $self->get_pref_row( $prefname )
+    or return;
+
+  if ( my $error = $pref_row->delete ) { croak $error }
+}
+
 =back
 
 =head1 BUGS

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/access_user.pm                               | 98 ++++++++++++++++++++++
 httemplate/elements/header.html                    |  1 +
 .../misc/edge_browser_check-fail_notice.html       | 25 ++++++
 httemplate/misc/edge_browser_check-header.html     | 36 ++++++++
 httemplate/misc/edge_browser_check-iframe.html     | 34 ++++++++
 5 files changed, 194 insertions(+)
 create mode 100644 httemplate/misc/edge_browser_check-fail_notice.html
 create mode 100644 httemplate/misc/edge_browser_check-header.html
 create mode 100644 httemplate/misc/edge_browser_check-iframe.html

More information about the freeside-commits mailing list