[freeside-commits] branch FREESIDE_3_BRANCH updated. 95e61b65bcf59209181fec43d760210a3846ce26

Thu Sep 20 16:18:31 PDT 2018

The branch, FREESIDE_3_BRANCH has been updated
       via  95e61b65bcf59209181fec43d760210a3846ce26 (commit)
       via  b0371bd62e1963ce29aa3119a9d8c7ac710c911a (commit)
      from  646a070648d2d05cac0a847e2505c45783390c6b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 95e61b65bcf59209181fec43d760210a3846ce26
Author: Mitch Jackson <mitch at freeside.biz>
Date:   Wed Sep 12 23:32:52 2018 -0400

    RT# 80624 Detect and warn for bad MS Edge version

diff --git a/httemplate/elements/header.html b/httemplate/elements/header.html
index c6b10e301..6df45fb07 100644
--- a/httemplate/elements/header.html
+++ b/httemplate/elements/header.html
@@ -4,3 +4,4 @@
 % } else {
 <& header-full.html, @_ &>
 % }
+<& /misc/edge_browser_check-header.html &>
diff --git a/httemplate/misc/edge_browser_check-fail_notice.html b/httemplate/misc/edge_browser_check-fail_notice.html
new file mode 100644
index 000000000..fb42ffe8e
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-fail_notice.html
@@ -0,0 +1,25 @@
+<& /elements/header.html, "Edge browser bug" &>
+
+<div id="edgebug" style="border: solid 1px #888; border-radius: 4px; margin: 5em; max-width: 400px; text-align: left; padding: 0 1em; background-color: #ffe; box-shadow: 2px 2px 4px">
+  <div style="text-align: center; font-size: 3em; color: #933; text-shadow: 1px 1px 2px black;">
+    ⚠
+  </div>
+  <h4 style="border-bottom: solid 1px #888; margin: 1em 0; text-align: center;">
+    Edge Browser Bug
+  </h4>
+  <p>
+    Your copy of Microsoft Edge has a data corrupting bug.
+  </p>
+  <p>
+    Microsoft fixed this bug with the <b>July RS4 Windows 10 Update</b>.
+    Please update your copy of Windows.
+  </p>
+  <p>
+    Alternatively, you may choose to use
+    <a href="https://mozilla.org/en-US/firefox/new/">Mozilla Firefox</a>
+    or <a href="https://chrome.google.com">Google Chrome</a>. They
+    are not affected by this bug.
+  </p>
+</div>
+
+<& /elements/footer.html &>
\ No newline at end of file
diff --git a/httemplate/misc/edge_browser_check-header.html b/httemplate/misc/edge_browser_check-header.html
new file mode 100644
index 000000000..4d36de598
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-header.html
@@ -0,0 +1,32 @@
+% if ( $force_redirect ) {
+  <script type="text/javascript">
+    if ( <% $DEBUG %> || /Edge\/17\.17134/.test( navigator.userAgent )) {
+      if ( window.location.href.indexOf("fail_notice") == -1 ) {
+        window.location.href = "<% $fsurl %>misc/edge_browser_check-fail_notice.html";
+      }
+    }
+  </script>
+% }
+% if ( $do_check ) {
+  <iframe id="edge_browser_check_iframe" style="display:none;"></iframe>
+  <script type="text/javascript">
+    if ( <% $DEBUG %> || /Edge\/17\.17134/.test( navigator.userAgent )) {
+      $("#edge_browser_check_iframe").attr(
+        'src',
+        '<% $fsurl %>misc/edge_browser_check-iframe.html?edge_browser_check=1'
+      );
+    }
+  </script>
+% }
+<%init>
+my $curuser = $FS::CurrentUser::CurrentUser;
+my $cgi = FS::UID::cgi();
+my $DEBUG = 0;
+
+my $do_check = 0;
+$do_check = 1
+  if $curuser
+  && $curuser->get_pref('edge_bug_vulnerable') ne 'N';
+
+my $force_redirect = $curuser->get_pref('edge_bug_vulnerable') eq 'Y' ? 1 : 0;
+</%init>
\ No newline at end of file
diff --git a/httemplate/misc/edge_browser_check-iframe.html b/httemplate/misc/edge_browser_check-iframe.html
new file mode 100644
index 000000000..da411c69e
--- /dev/null
+++ b/httemplate/misc/edge_browser_check-iframe.html
@@ -0,0 +1,35 @@
+<form id="canary-form" action="<% $fsurl %>misc/edge_browser_check-iframe.html" method="POST">
+<input type="text" id="canary-result" value="<% scalar $cgi->param('edge_browser_canary') %>">
+<select name="edge_browser_canary">
+  <option>test
+  <option>test
+</select>
+<input id="canary-submit" type="submit">
+</form>
+
+<script type="text/javascript" src="<% $fsurl %>elements/jquery.js"></script>
+<script type="text/javascript">
+  $( function() {
+    if ( ! $("#canary-result").val() ) {
+      $("#canary-form").submit();
+    }
+  });
+</script>
+
+<%init>
+my $cgi = FS::UID::cgi();
+my $curuser = $FS::CurrentUser::CurrentUser;
+
+if ( $curuser ) {
+  my $canary = $cgi->param('edge_browser_canary');
+  $curuser->set_pref(
+    'edge_bug_vulnerable',
+
+    $canary eq 'test' ? 'N' : 'Y',
+
+    # Don't test this user's session for the next 5m
+    time() + 300,
+  );
+}
+
+</%init>
\ No newline at end of file

commit b0371bd62e1963ce29aa3119a9d8c7ac710c911a
Author: Mitch Jackson <mitch at freeside.biz>
Date:   Wed Sep 12 18:56:59 2018 -0400

    RT# 80624 FS::access_user methods for access_user_pref relation

diff --git a/FS/FS/access_user.pm b/FS/FS/access_user.pm
index 366ae7ee8..37871c552 100644
--- a/FS/FS/access_user.pm
+++ b/FS/FS/access_user.pm
@@ -12,6 +12,7 @@ use FS::agent;
 use FS::cust_main;
 use FS::sales;
 use FS::sched_item;
+use Carp qw( croak );
 
 $DEBUG = 0;
 $me = '[FS::access_user]';
@@ -838,6 +839,103 @@ sub saved_search {
   qsearch('saved_search', { 'usernum' => $self->usernum });
 }
 
+=item get_pref NAME
+
+Fetch the prefvalue column from L<FS::access_user_pref> for prefname NAME
+
+Returns undef when no value has been saved, or when record has expired
+
+=cut
+
+sub get_pref {
+  my ( $self, $prefname ) = @_;
+  croak 'prefname parameter requrired' unless $prefname;
+
+  my $pref_row = $self->get_pref_row( $prefname )
+    or return undef;
+
+  return undef
+    if $pref_row->expiration
+    && $pref_row->expiration < time();
+
+  $pref_row->prefvalue;
+}
+
+=item get_pref_row NAME
+
+Fetch the row object from L<FS::access_user_pref> for prefname NAME
+
+returns undef when no row has been created
+
+=cut
+
+sub get_pref_row {
+  my ( $self, $prefname ) = @_;
+  croak 'prefname parameter required' unless $prefname;
+
+  qsearchs(
+    access_user_pref => {
+      usernum    => $self->usernum,
+      prefname   => $prefname,
+    }
+  );
+}
+
+=item set_pref NAME, VALUE, [EXPIRATION_EPOCH]
+
+Add or update user preference in L<FS::access_user_pref> table
+
+Passing an undefined VALUE will delete the user preference
+
+Returns VALUE
+
+=cut
+
+sub set_pref {
+  my $self = shift;
+  my ( $prefname, $prefvalue, $expiration ) = @_;
+
+  return $self->delete_pref( $prefname )
+    unless defined $prefvalue;
+
+  if ( my $pref_row = $self->get_pref_row( $prefname )) {
+    return $prefvalue
+      if $pref_row->prefvalue eq $prefvalue;
+
+    $pref_row->prefvalue( $prefvalue );
+    $pref_row->expiration( $expiration || '');
+
+    if ( my $error = $pref_row->replace ) { croak $error }
+
+    return $prefvalue;
+  }
+
+  my $pref_row = FS::access_user_pref->new({
+    usernum    => $self->usernum,
+    prefname   => $prefname,
+    prefvalue  => $prefvalue,
+    expiration => $expiration,
+  });
+  if ( my $error = $pref_row->insert ) { croak $error }
+
+  $prefvalue;
+}
+
+=item delete_pref NAME
+
+Delete user preference from L<FS::access_user_pref> table
+
+=cut
+
+sub delete_pref {
+  my ( $self, $prefname ) = @_;
+
+  my $pref_row = $self->get_pref_row( $prefname )
+    or return;
+
+  if ( my $error = $pref_row->delete ) { croak $error }
+}
+
 =back
 
 =head1 BUGS

-----------------------------------------------------------------------

Summary of changes:
 FS/FS/access_user.pm                               | 98 ++++++++++++++++++++++
 httemplate/elements/header.html                    |  1 +
 .../misc/edge_browser_check-fail_notice.html       | 25 ++++++
 httemplate/misc/edge_browser_check-header.html     | 32 +++++++
 httemplate/misc/edge_browser_check-iframe.html     | 35 ++++++++
 5 files changed, 191 insertions(+)
 create mode 100644 httemplate/misc/edge_browser_check-fail_notice.html
 create mode 100644 httemplate/misc/edge_browser_check-header.html
 create mode 100644 httemplate/misc/edge_browser_check-iframe.html


