marc
/
CiviProxy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1 from PalanteJon/mosaico-support 

Mosaico support
This commit is contained in:
Edsel Roque Lopez 2017-05-26 10:07:50 +05:30 committed by GitHub
parent b0cf0a93f5 fed7a8ee7a
commit a6cf8db825
4 changed files with 30 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
README.md
View File

@ -34,9 +34,9 @@ DISCLAIMER: This software has not (yet) been audited for security.
The best option to install CiviProxy is a simple managed webspace, that you can rent cheaply from the hoster of your choice. It should have its own IP address, but other than that there are virtually no restrictions. This approach comes with a lot of advantages:
1. Since there are a multitude of clients like you on such a server, the level of security can be expected to be very high, and it should be managed and monitored by professionals 24/7.
2. For the same reason, the bandwith and connectivity of such a server should be very high as well.
### Installation
@ -53,15 +53,16 @@ The installation is as simple as it gets:
There shouldn't be any requirements that any web hoster wouldn't comply with, but here they are:
1. PHP 5.3+
2. Read/write permissions on your webspace
3. Reasonable amount of protection, i.e. only authorised users (you) can upload/download the files
4. Ideally with it's own IP address (makes configuring the VPN easier)
2. PHP PEAR (to install on Debian/Ubunto, run `apt-get install php-pear`).
3. Read/write permissions on your webspace
4. Reasonable amount of protection, i.e. only authorised users (you) can upload/download the files
5. Ideally with it's own IP address (makes configuring the VPN easier)
## Why not an application firewall?
The traditional approach to this problem would be an application firewall / reverse proxy setup. However, CiviCRM can have very complex interactions with other systems (e.g. via the API), and a malicious request can sometimes only be detected by understanding the meaning of the individual parameters.
Creating firewall rules for this level of detail is very complex and is very hard to maintain.
Creating firewall rules for this level of detail is very complex and is very hard to maintain.
For this reason we wanted to take another approach and build a simple "bridgehead" system that *understands* CiviCRM, thus making its configuration and maintenance as easy as possible.

3
de.systopia.civiproxy/CRM/Civiproxy/Mailer.php
View File

@ -55,7 +55,8 @@ class CRM_Civiproxy_Mailer {
// General external functions
$value = preg_replace("#{$system_base}sites/all/modules/civicrm/extern/url.php#i", $proxy_base.'/url.php', $value);
$value = preg_replace("#{$system_base}sites/all/modules/civicrm/extern/open.php#i", $proxy_base.'/open.php', $value);
$value = preg_replace("#{$system_base}sites/default/files/civicrm/persist/#i", $proxy_base.'/file.php?id=', $value);
$value = preg_replace("#{$system_base}sites/default/files/civicrm/persist/#i", $proxy_base.'/file.php?mosaico=0&id=', $value);
$value = preg_replace("#{$system_base}civicrm/mosaico/img\?src=#i", $proxy_base.'/file.php?mosaico=1&id=', $value);
// Mailing related functions
$value = preg_replace("#{$system_base}civicrm/mailing/view#i", $proxy_base.'/mailing/mail.php', $value);

1
proxy/config.php
View File

@ -30,6 +30,7 @@ $target_url = $target_civicrm . '/sites/all/modules/civicrm/extern/url.php
$target_open = $target_civicrm . '/sites/all/modules/civicrm/extern/open.php';
$target_file = $target_civicrm . '/sites/default/files/civicrm/persist/';
$target_mail_view = $target_civicrm . '/civicrm/mailing/view';
$target_mosaico_file = $target_civicrm . '/civicrm/mosaico/img?src=';
// Set api-key for mail subscribe/unsubscribe user
// Set to NULL/FALSE to disable the feature

28
proxy/file.php
View File

@ -6,20 +6,20 @@
| Author: B. Endres (endres -at- systopia.de) |
| http://www.systopia.de/ |
+---------------------------------------------------------*/
require_once "config.php";
require_once "proxy.php";
// basic restraints
$valid_parameters = array( 'id' => 'string', 'mosaico' => 'int' );
$parameters = civiproxy_get_parameters($valid_parameters);
// see if file caching is enabled
if (!$target_file) civiproxy_http_error("Feature disabled", 405);
if ((!$target_file && !$parameters['mosaico']) || (!$target_mosaico_file && $parameters['mosaico'])) {
civiproxy_http_error("Feature disabled", 405);
}
// basic check
civiproxy_security_check('file');
// basic restraints
$valid_parameters = array( 'id' => 'string' );
$parameters = civiproxy_get_parameters($valid_parameters);
// check if id specified
if (empty($parameters['id'])) civiproxy_http_error("Resource not found");
@ -66,9 +66,13 @@ if ($header && $data) {
print $data;
exit();
}
// if we get here, we have a cache miss => load
$url = $target_file . $parameters['id'];
if ($parameters['mosaico'] == 1) {
$url = $target_mosaico_file . $parameters['id'];
}
else {
$url = $target_file . $parameters['id'];
}
// error_log("CACHE MISS. LOADING $url");
$curlSession = curl_init();
@ -92,7 +96,6 @@ if (curl_error($curlSession)) {
error_log(curl_error($curlSession));
civiproxy_http_error(curl_error($curlSession), curl_errno($curlSession));
}
// process the results
$content = explode("\r\n\r\n", $response, 2);
$header = $content[0];
@ -101,6 +104,13 @@ $body = $content[1];
// extract headers
$header_lines = explode(chr(10), $header);
// Remove chunked encoding header
foreach ($header_lines as $k => $header_line) {
if(strpos($header_line,'Transfer-Encoding: chunked') !== FALSE) {
unset($header_lines[$k]);
}
}
// store the information in the cache
$file_cache->save(json_encode($header_lines), $header_key);
$file_cache->save($body, $data_key);