Apologies, since I may not know the terminologies for the salesforce API. I just started programming a connector to interact with salesforce and I am stuck.
I have a requirement, where each time a new entry is added to the Leads section, I will have to retrieve a couple of fields (Firstname and Product Code) and pass it to a different software that makes use of PHP.
<?php
require "conf/config_cleverbridge_connector.inc.php";
require "include/lc_connector.inc.php";
// Start of Main program
// Read basic parameters
if ($LC_Username === "")
{
$LC_Username = readParam("USER");
}
if ($LC_Password === "")
{
$LC_Password = readParam("PASSWORD");
}
$orderID = "";
$customerID = substr(readParam("PURCHASE_ID"), 0, 10);
$comment = readParam("EMAIL")."-".readParam("PURCHASE_ID");
// Create product array
$products = array();
$itemID = readParam("INTERNAL_PRODUCT_ID");
$quantity = 1;
if (!ONCE_PER_PURCHASED_QUANTITY)
{
$quantity = readParam("QUANTITY");
}
// Add product to the product array
$products[] = array (
"itemIdentification" => $itemID,
"quantity" => $quantity,
);
// Create the order
$order = array(
"orderIdentification" => $orderID,
"customerIdentification" => $customerID,
"comment" => $comment,
"product" => $products,
);
// Calling webservice
$ticket = doOrder($LC_Username, $LC_Password, $order);
if ($ticket)
{
Header("HTTP/1.1 200 Ok");
Header("Content-Type: text/plain");
print TICKET_URL.$result->order->ticketIdentification;
exit;
}
else
{
$error = "No result from WSConnector_doOrder";
trigger_error($error, E_USER_WARNING);
printError(500, "Internal Error.");
exit;
}
// End of Main program
?>
Now this is the code that I got and have to work with. And this is hosted on a different remote server.
I am very very new to salesforce and I am not really sure how to trigger calling this php file over a remote site.
The basic idea is:
1. New entry in Lead is created.
2. Immediately 2 fields (custID and prodID) are sent to this PHP file I have pasted above (some of the variables are different)
3. This does its processing and sends 2 fields back to salesforce.
Any help or guidance is appreciated. Even links to read up on is okay as I am completely clueless.
PS: I have another example where it makes use of JSON Messages if that may make any difference.
Thanks
I'll repost the links from my comment :)
https://salesforce.stackexchange.com/questions/23977/is-it-possible-to-get-the-record-id
Web hook in salesforce?
If your PHP endpoint is visible on the open web (not a part of some intranet or just your own localhost) then simplest thing to do would be to send an Outbound Message from Salesforce. No coding required, just some XML document you'll have to parse on the PHP side. Plus it will automatically attempt to resend the messages if the host is unreachable...
If your app can't be accessed from SF servers then I think your PHP app will have to be the "actor". Querying SF every X minutes for new Leads or maybe subscribing to Streaming API... This will mean you'd have to store credentials to SF on your PHP app and remember to either change the password periodically or set on the "integration user"'s profile the "password never expires" checkbox.
So you're getting the notification, you generate your tickets, time to send them back. Will you want to pretend the update of Lead was done by the person that created it or will you want to see "last modified by: Integration User"? Outbound message can contain session id which you can use to act as the person who initiated the action (created the lead and fired the workflow) - at least until they log out or the session timeouts.
For message back you can use SOAP or REST salesforce apis - read the docs to figure out how to send an update command (and if you want to make it clear it was done by special user associated with this PHP app - how to log in to the APIs). I think the user's profile must have "API enabled" ticked before you could reuse somebody's session so maybe it's better to have a dedicated account for integrations like that...
Another thing to keep in mind if it'd be outbound messages is to ignore the messages sent from sandboxes so if somebody makes a test environment you will not call your "production" database of tickets. You can also remember to modify the outbound message and remote site setting every time a sandbox is made so you'll have "prod talking to prod, test talking to test". I know you can include user's session id in the OM - so maybe you can also add organization's id (for production it'll stay the same, every new sandbox will have new id).
The problem with this approach is that it might not scale. If 1000 leads is inserted in one batch (for example with Data Loader) - you'll get spammed with 1000 outbound messages. Your server must be able to handle such load... but it will also mean you're using 1 API request to send every single update back. You can check the limit of API requests in Setup -> Company Information. Developer Edition will have this limit very low, sandboxes are better, production is best (it also depends how many user licenses have you bought). That's why I've asked about some batching them up.
More coding but also more reliable would be to ask SF for changes every X minutes (Streaming API? Normal query? check the "web hook" answer) and send an update of all these records in one go. SELECT Id, Name FROM Lead WHERE Ticket__c = null (note there's nothing about AND LastModifiedDate >= :lastTimeIChecked)...
Related
I'm building a support chat application. It's built on Laravel Echo through Pusher.js.
There are two sides - support/admin and client. When a client starts a chat, support can accept it and they can chat together. It's working like it should be, but there is one thing. When the client goes offline (close browser, leave site, lost internet connection...) it should wait for about a few seconds (to make sure it was not a mistake) and then close the chat. So when he comes back in about an hour, there would not be any active chat.
I'm checking both sides' online status with presence channel with simple code:
this.presence = Echo.join('chat');
this.presence
.listen('.pusher:subscription_error', (result) => {
if(this.debug) {
console.log(result);
}
})
.listen('.pusher:member_added', (result) => {
if(!!result.info.is_admin) {
this.presence_users.push(result.info);
}
})
.listen('.pusher:member_removed', (result) => {
let found = _.find(this.presence_users, ['id', result.id]);
let index = this.presence_users.indexOf(found);
this.presence_users.splice(index, 1);
})
.here((result) => {
this.presence_users = _.filter(result, ['is_admin', true]);
});
On the support side it's a little different, but still the same logic (also don't worry - user's id is not id from database, but unique md5 identifier).
Presence channel is working good. But I can't find anywhere on the internet, how to set up connection_timeout URL? I just think it could be URL, where Pusher.js will post some data when the user goes offline, or connection is lost - my custom id field, for example. As I noted in the start, it should have some "cooldown", when user goes offline by mistake. This would help to close the chat when the user is not available to respond.
Do you have any experience with a similar problem? If so, how did you solve it? Or - is it even possible to solve it with Pusher.js?
Well, 7 days are gone and no answer here, so I think it's not possible the way I describe. But there can be a "hacky" way:
Create a CRON job which runs every 10 minutes
Script will get all chats from database with flag active or pending
When chat has no recent messages (nothing from last 5-10 minutes), then check if users are online
Get users from presence channel
$response = $pusher->get('/channels/chat/users');
if($response['status'] == 200) {
$users = json_decode($response['body'], true)['users'];
}
If there is at least one of them online, skip, otherwise wait for a short time (5 seconds, just to be sure), check online status again and when they are still offline, close the chat.
Haven't tested it, since it is not required yet. Maybe someone will find this helpful.
I've created an application using PHP and I'm going to sell it to my local market. I will personally be going to their locations to install/configure Apache & MySQL as well as installing my own code.
I would like a security system so that if anyone attempts to copy my code to an unauthorized machine, it won't run.
I know no one can prevent reverse engineering an application. even .exe (binary) files are cracked and with PHP (source code) anyone can do.
In my country those reverse engineers are really hard to find, so I would like to propose minimal security options like:
1) Create class (say, Navigation) which identifies system information like CPU ID, Computer name or any combination of hardware ID to make a UNIQUE_ID and matches with my given UNIQUE_ID (to the individual to whom I sold the application). If it's valid, it returns the navigation menu. Otherwise it will simply destroy the database and halt the execution by throwing an exception, maybe like:
class Navigation {
public function d() {
return current system UNIQUE_ID;
}
public function get() {
$a = file_get_contents('hash');
$c = $this->d();
if (crypt($c) != $a) {
//destory database
throw new Exception('');
} else {
return "<ul><li><a>home</a></li></ul>"; //navigation menu
}
}
}
2) Then during the installation process I'll change system UNIQUE_ID in "hash" file, create an object, and save it into a file (nav.obj):
(install.php)
<?php
$a=new Navigation;
$out=serialize($a);
file_put_contents('nav.obj', $out);
3) in header.php (which gets included in every file):
<?php
$menu=file_get_contents('nav.obj');
$menu=unserialize($a);
echo $menu->get();
?>
I know this method isn't full proof, but I'm pretty sure that around 60% of PHP developers won't be able to crack it!
Now I only need to get current system UNIQUE_ID.
I have created this function to get an unique ID based on hardware (Hard disk UUID). It is possible to use different resources like machine names, domains or even hard disk size to get a better approach depending on your needs.
function UniqueMachineID($salt = "") {
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
$temp = sys_get_temp_dir().DIRECTORY_SEPARATOR."diskpartscript.txt";
if(!file_exists($temp) && !is_file($temp)) file_put_contents($temp, "select disk 0\ndetail disk");
$output = shell_exec("diskpart /s ".$temp);
$lines = explode("\n",$output);
$result = array_filter($lines,function($line) {
return stripos($line,"ID:")!==false;
});
if(count($result)>0) {
$result = array_shift(array_values($result));
$result = explode(":",$result);
$result = trim(end($result));
} else $result = $output;
} else {
$result = shell_exec("blkid -o value -s UUID");
if(stripos($result,"blkid")!==false) {
$result = $_SERVER['HTTP_HOST'];
}
}
return md5($salt.md5($result));
}
echo UniqueMachineID();
As per http://man7.org/linux/man-pages/man5/machine-id.5.html
$machineId = trim(shell_exec('cat /etc/machine-id 2>/dev/null'));
EDIT for Tito:
[ekerner#**** ~]$ ls -l /etc/machine-id
-r--r--r--. 1 root root 33 Jul 8 2016 /etc/machine-id
EDIT 2 for Tito: Some things to consider and scenarios:
Is the user allowed to get a new machine? Id guess yes.
Or run on multiple devices?
Sounds like the machine could be irrelevant in your case?
If its user only (no machine restrictions) then Id go for a licencing service (relies on network).
There are many services for this:
Google Play (for Android apps) is a good example: https://developer.android.com/google/play/licensing/index.html
MS and Apple have similar services.
However just search the web for the term "Software Licensing Service" or "Cloud Based Software Licensing Service".
If its user + single device, then youll need to pass up the device id to whatever service you use or make, then allow the machine id to be updated, but not allow revert to previous machine id (would mean multiple devices).
However said services will give you the client code which should take care of that if its a requirement.
Two scenarios from experience:
1: User on any device: we simply made an API in the cloud (in a website) and a login screen in the app, when the user logged in it authenticated via the API and kept a token, and whenever the device was connected to the net the app would query the API and update the login and/or token.
You could alternatively have the login screen in the purchase (like maybe they already logged into a site to purchase), generate a key and pack it with or bind it into the app.
2: User plus machine:
Same thing except when the API is queried the machine id is passed up. The machine ID can change as many times as the user updates their device, but we kept a record of machine ids and made to ban rule on: if we saw an old (previously used) machine id then a certain amount of time had to have passed. Thus allowed the user to break their machine and pull out an old one.
Also to consider if you make one, how will you stop the app from working? Ppl are pretty clever it will need to be core compiled.
However that all being said, the various licensing services are pro at this and can cater for most needs. Plus in their experience theyve already overcome the security pitfalls. Id name one that I like except its yours to search out.
Nice if you can come on back with and positive or negative outcomes from your trails.
function getMachineId() {
$fingerprint = [php_uname(), disk_total_space('.'), filectime('/'), phpversion()];
return hash('sha256', json_encode($fingerprint));
}
This will get a probably-unique id based on a hash of:
The server's OS, OS version, hostname, and architecture.
The total space (not free space) on the drive where the php script is.
The Unix timestamp creation time of the computer's root file system.
The currently installed PHP version.
Unlike the other answers it doesn't depend on shell_exec() being enabled.
Hoping some of you out there are great with php!
Basically the guy who made this is MIA so I can't ask him what I need to do to fix the problem we are having.
Background:
We are a locksmith company that uses a custom web app to inform our locksmiths on the road when they have a new job. This web app also does a few extra things like providing gps location, time taken at the job and the ability to have save signature from the client upon work completion.
Problem:
The app works by picking up an email sent from our account management application called E3, the email (example: http://cl.ly/image/2E433O330T0N) is read by this web app, parsed into both an email and a web page and sent to the locksmith to view his new job. When the locksmith arrives at the web page on his phone (example: http://cl.ly/image/0P1I0R0h0O3K), he can see the job details including the Name, address and contact details for the client. The problem is though, because Job Notes isn't assigned a heading in the original email the code has to work out where Job Notes is located, this is the part that has the problem as the web app is no longer showing the data in Job Notes. Job Notes is important because it tells the locksmith what he needs to fix. This worked previously but has now just stopped working and we aren't sure why.
How the data is transferred to the web app is very interesting, instead of having a database to store data to, it is put in the address bar and then the webpage interprets the code and formats it into the page.
For example, this is how the current link looks (data taken out, replaced with xxxxxxx):
http://www.xxxxxxx.com/apps/xxxxxx/on-my-way?client=xxxxxx&company=xxxxxx&mobile=xxxxxxx&phone=xxxxxxx&contact=xxxxxxxx&addressData=Array&addressIndex=3&streetAddress=xxxxxxxxx&addressLocality=xxxxxxxx&postcode=xxxxxxx&city=xxxxxxx&clientEmail=&jobDate=11/22/2012&jobTime=1:30:00%20PM&jobID=xxxxxx&jobAMPM=PM&adminEmail=xxxxxxx&noreplyEmail=xxxxxxxxxx&companyPhone=xxxxxxxx&staffEmail=xxxxxxxx&staffName=xxxxxxx&staffPhone=xxxxxxxx
Previously, when working, this link had a jobNotes field added:
http://www.xxxxxxxx.com/apps/xxxxxxxx/on-my-way?client=xxxxxxxx&company=xxxxxxxx&mobile=xxxxxxxx&phone=&contact=xxxxxxxx&addressData=Array&addressIndex=4&streetAddress=xxxxxxxx&addressLocality=xxxxxxxx&postcode=xxxxxxxx&city=xxxxxxxx&clientEmail=xxxxxxxx&jobNotes=Quote%20on%20installing%20new%20keying%20system%0A%0AAlso%20would%20like%20a%20Quote%20on%20Install%20CCTV%0A%0ASub%20Total%3A%202%2C236.36%0AGST%3A%20223.64%0ATotal%3A%202%2C460.00%0A%0AMISC&*jobDate=11/19/2012*&jobTime=2:00:00%20PM&jobID=xxxxxxxx&jobAMPM=PM&adminEmail=xxxxxxxx&noreplyEmail=xxxxxxxx&companyPhone=xxxxxxxx&staffEmail=xxxxxxxx&staffName=xxxxxxxx&staffPhone=xxxxxxxx
The code:
This is an extract from e3-parser.php, the main file that translates the data from the e3 email to the web app.
// Job notes
if ($this->clientEmail) {
// REMOVED NOW THAT EMAIL IS BEING PUT ON THIRD LINE OF ADDRESS
// // If customer email present grab everything after it save it as job notes
// preg_match("/$this->clientEmail[^-]+/",$e3Output,$matches);
// $result = implode("",$matches);
// $notes = trim(str_replace($this->clientEmail,'',$result));
// $this->jobNotes = rawurlencode($notes);
// } else {
// Fall back to grabbing everything after the time
preg_match("/AM[^-]+/",$e3Output,$matchesAM);
preg_match("/PM[^-]+/",$e3Output,$matchesPM);
$resultAM = implode("",$matchesAM);
$resultPM = implode("",$matchesPM);
$notes = trim(str_replace('AM','',$resultAM) . str_replace('PM','',$resultPM));
$this->jobNotes = rawurlencode($notes);
}
Question here is, does it successfully grab the data listed after the Required Time field? (example email that it's reading from: http://cl.ly/image/2E433O330T0N)
Here is the code that places the parsed data into the web page:
// Create job link
$url = $e3->create_job_url('http://www.prvgroup.com.au/apps/jobbook/on-my-way?');
$linkName = "View job details";
$href = '<a class="btn btn-small" href="' . $url . '&staffEmail=' . $staff- >staffEmail . '&staffName=' . $staff->staffName . '&staffPhone=' . $staff->staffPhone . '">' . $linkName . '</a>';
This is sent to the locksmith via email informing him of his new job on the clickable link "View job details". The link is impregnated with the data needed. However from the looks of it the data for jobNotes isn't there. My backups of this code display the exact same thing here when the code was displaying jobNotes so I'm not exactly sure how it is putting that field in.
If you got this far, well done! I hope I was clear enough with what the issue is but if you need anymore clarification, just ask!
Cheers,
Marc
After looking through your code you are only running the preg_match if there is a clientEmail. From the sample emails above it does not look like you are ever executing this code because there is no client email or it is not found using the preg_match. The specific location to look into is on line 113 of the e3-parser.php file. You will see this:
if($this->clientEmail)
{
//matching code here.
}
on line 109 and 110 you are looking for an email address and either not finding one or it is looking in the wrong location. At any rate, you should execute this code regardless of whether there is an email address or not. The notes must be set for later use, right now nothing is being set. Removing this if statement should resolve your issue.
I have somewhat of a knowledge of the PHP coding language and I would like to connect the Campaign Monitor API(Link) with my website, so that when the user enters something into the form on my site it will add it to the database on the Campaign Monitor servers. I found the PHP code example zip file, but it contains like 30 files, and I have no idea where to begin.
Does anyone know of a tutorial anywhere that explains how to connect to the API in a step-by-step manner? The code files by themselves include to much code that I may not need for simply connecting to the database and adding and deleting users, since I only want to give the user the power to add and delete users from the Mailing List.
This actually looks pretty straightforward. In order to use the API, you simply need to include() the CMBase.php file that is in that zip file.
Once you've included that file, you can create a CampaignMonitor object, and use it to access the API functions. I took this example out of one of the code files in there:
require_once('CMBase.php');
$api_key = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$client_id = null;
$campaign_id = null;
$list_id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$cm = new CampaignMonitor( $api_key, $client_id, $campaign_id, $list_id );
//This is the actual call to the method, passing email address, name.
$result = $cm->subscriberAdd('joe#notarealdomain.com', 'Joe Smith');
You can check the result of the call like this (again taken from their code examples):
if($result['Result']['Code'] == 0)
echo 'Success';
else
echo 'Error : ' . $result['Result']['Message'];
Since you're only interested in adding a deleting users from a mailing list, I think the only two API calls you need to worry about are subscriberAdd() and subscriberUnsubscribe():
$result = $cm->subscriberAdd('joe#notarealdomain.com', 'Joe Smith');
$result = $cm->subscriberUnsubscribe('joe#notarealdomain.com');
Hope that helps. The example files that are included in that download are all singular examples of an individual API method call, and the files are named in a decent manner, so you should be able to look at any file for an example of the corresponding API method.
I have a problem with the following implementation of hook_cron in Drupal 6.1.3.
The script below runs exactly as expected: it sends a welcome letter to new members, and updates a hidden field in their profile to designate that the letter has been sent. There are no errors in the letter, all new members are accounted for, etc.
The problem is that the last line -- updating the profile -- doesn't seem to work when Drupal cron is invoked by the 'real' cron on the server.
When I run cron manually (such as via /admin/reports/status/run-cron) the profile fields get updated as expected.
Any suggestions as to what might be causing this?
(Note, since someone will suggest it: members join by means outside of Drupal, and are uploaded to Drupal nightly, so Drupal's built-in welcome letters won't work (I think).)
<?php
function foo_cron() {
// Find users who have not received the new member letter,
// and send them a welcome email
// Get users who have not recd a message, as per the profile value setting
$pending_count_sql = "SELECT COUNT(*) FROM {profile_values} v
WHERE (v.value = 0) AND (v.fid = 7)"; //fid 7 is the profile field for profile_intro_email_sent
if (db_result(db_query($pending_count_sql))) {
// Load the message template, since we
// know we have users to feed into it.
$email_template_file = "/home/foo/public_html/drupal/" .
drupal_get_path('module', 'foo') .
"/emails/foo-new-member-email-template.txt";
$email_template_data = file_get_contents($email_template_file);
fclose($email_template_fh);
//We'll just pull the uid, since we have to run user_load anyway
$query = "SELECT v.uid FROM {profile_values} v
WHERE (v.value = 0) AND (v.fid = 7)";
$result = db_query(($query));
// Loop through the uids, loading profiles so as to access string replacement variables
while ($item = db_fetch_object($result)) {
$new_member = user_load($item->uid);
$translation_key = array(
// ... code that generates the string replacement array ...
);
// Compose the email component of the message, and send to user
$email_text = t($email_template_data, $translation_key);
$language = user_preferred_language($new_member); // use member's language preference
$params['subject'] = 'New Member Benefits - Welcome to FOO!';
$params['content-type'] = 'text/plain; charset=UTF-8; format=flowed;';
$params['content'] = $email_text;
drupal_mail('foo', 'welcome_letter', $new_member->mail, $language, $params, 'webmaster#foo.org');
// Mark the user's profile to indicate that the message was sent
$change = array(
// Rebuild all of the profile fields in this category,
// since they'll be deleted otherwise
'profile_first_name' => $new_member->profile_first_name,
'profile_last_name' => $new_member->profile_last_name,
'profile_intro_email_sent' => 1);
profile_save_profile($change, $new_member, "Membership Data");
}
}
}
To safely switch users
http://api.drupal.org/api/function/session_save_session/6
<?php
global $user;
$original_user = $user;
session_save_session(FALSE); // D7: use drupal_save_session(FALSE);
$user = user_load(array('uid' => 1)); // D7: use user_load(1);
// Take your action here where you pretend to be the user with UID = 1 (typically the admin user on a site)
// If your code fails, it's not a problem because the session will not be saved
$user = $original_user;
session_save_session(TRUE); // // D7: use drupal_save_session(TRUE);
// From here on the $user is back to normal so it's OK for the session to be saved
?>
Taken from here:
drupal dot org/node/218104
yes i confirm drupal cron user profile is "anonymous" so you have to add the permission de manager user for the "anonymous" user which is not very good in term of security ..
Not quite a random guess ... but close ...
When "real" cron runs code, it runs it as a particular user.
Similarly, when you run the Drupal cron code manually, the code will also be running as a particular user.
My suspicion is that the two users are different, with different permissions, and that's causing the failure.
Does the cron job's user have access to write the database, or read only?
Are there any log files generated by the cron job?
Update: By 'user' above, I'm referring to the user accounts on the host server, not Drupal accounts. For example, on a sandbox system I use for testing Drupal changes, Apache runs under the noone account.
profile_save_profile dosn't check for permissions or as far as I can see do 'global $user' so I don't know if this is the real issue.
$new_member = user_load($item->uid);
This looks wrong user_load should take an array not a uid (unless you are using Drupal7), but if that didn't work the rest of the code would fail too.