alert("This application will not support in Internet Explorer(IE).");'; // echo '
This application will not support in Internet Explorer(IE)
'; header("Location:upgradebrowser.php"); exit; } // Create or reestablish the current session if (!is_file('config.inc.php')) { header("Location: install.php"); exit(); } // echo "
";
// die(print_r($_REQUEST));
require_once('config.inc.php');

//session_set_cookie_params(0,$_SERVER['REQUEST_URI']);
//session_name($_SERVER['REQUEST_URI']);

//if (!isset($dbconfig['db_hostname']) || $dbconfig['db_status']=='_DB_STAT_') {
if (!isset($dbconfig['db_server']) || $dbconfig['db_status']=='_DB_STAT_') { 
		header("Location: install.php");
		exit();
}

// load up the config_override.php file.  This is used to provide default user settings
if (is_file('config_override.php')) 
{
	require_once('config_override.php');
}

if(isset($_REQUEST['PHPSESSID']))
{	
	session_id($_REQUEST['PHPSESSID']);
	//Setting the same session id to Forums as in CRM
        $sid=$_REQUEST['PHPSESSID'];
}



if(version_compare(phpversion(), '5.0') < 0) {
        insert_charset_header();
        require_once('phpversionfail.php');
        die();
}


require_once('include/utils/utils.php');

//$firstname = htmlspecialchars($_REQUEST['module']);
// print_r($_SESSION);
// print_r($_PHPSESSID);
require_once('include/dataimport.php');
//ini_set('session.cookie_secure', '1');
 // ini_set('session.cookie_secure','on');
  session_start();
// Security #1 Start
$password_field=$adb->pquery('select * from sify_xpassword_policy where id=1');
$passwordhasing  = $adb->query_result($password_field, 0, 'password_hasing');

if(isset($_POST['MULTI_DISTRIBUTOR_SELECTED_HEADER'])){

    $_SESSION['MULTI_DISTRIBUTOR_SELECTED'] = $_POST['MULTI_DISTRIBUTOR_SELECTED_HEADER'];

    echo json_encode(array('status' => TRUE));
    exit();
 }

// echo "portal".$pp_url;

// die();

$_SESSION['passwordhasing']=$passwordhasing;
$_SESSION['second_auth']=1;

if(empty($_SESSION['secure_key']))
    $_SESSION['secure_key'] = uniqid('', true);
// Security #1 End
// set timeout period in seconds
//TODO : Session timeout , Configurable
$inactive = 86400;
// check to see if $_SESSION['timeout'] is set
if(isset($_SESSION['timeout']) ) {
	$session_life = time() - $_SESSION['timeout'];
	if($session_life > $inactive)
        { 
         $_SESSION["login_error"]='Session Expired ...!';
         header("Location: index.php?module=Users&action=Logout");         
        }
}
$_SESSION['timeout'] = time();

if (version_compare(phpversion(), '5.0') < 0) {
    eval('
    function clone($object) {
      return $object;
    }
    ');
  }

global $currentModule;

 /** Function to  return a string with backslashes stripped off
   * @param $value -- value:: Type string
   * @returns $value -- value:: Type string array
 */
	  
global $adb;
$result = $adb->pquery("select `key`,value,rule_from_stock_type,dist_id from sify_inv_mgt_config WHERE dist_id = 0 and `key` in ('DIST_PAYMENT_DETAIL') ");
$payment_expir_setting =$adb->query_result($result,0,'value');

$id = getDistrIDbyUserID();	

# year end concept code Begin
include 'archive_link.php';
# year end concept code END

if($payment_expir_setting == "1" && count($id)>0 && ($_REQUEST['module']!='Home' && $_REQUEST['module']!='PaymentSku' && $_REQUEST['module']!='PaymentDetail')) {
	
	
	$list_user_sub_sku = "SELECT * FROM
							vtiger_paymentdetail
							INNER JOIN vtiger_paymentsku ON vtiger_paymentdetail.sku=vtiger_paymentsku.paymentskuid AND vtiger_paymentsku.activation_workflow='DMS User Activation'
							WHERE module_name='xDistributor' AND module_id=?
							AND payment_status=3 
							AND DATE(service_startdate) <= DATE(NOW()) 
							AND DATE(service_enddate)>= DATE(NOW())
							AND activation_flag=2
							AND (deactivation_flag is NULL OR deactivation_flag!=2)";
	
	//echo $id;exit;
	$list_user_sub_sku_result = $adb->pquery($list_user_sub_sku,array($id['id']));

	$count_user_sub_sku = $adb->num_rows($list_user_sub_sku_result);

	if($count_user_sub_sku == 0){
		header("Location: distributor.php");
	}
}
 function stripslashes_checkstrings($value){
        if(is_string($value)){
                return stripslashes($value);
        }
        return $value;

 }
 if(get_magic_quotes_gpc() == 1){
        $_REQUEST = array_map("stripslashes_checkstrings", $_REQUEST);
        $_POST = array_map("stripslashes_checkstrings", $_POST);
        $_GET = array_map("stripslashes_checkstrings", $_GET);

}	
/** Function to set, character set in the header, as given in include/language/*_lang.php
 */
function insert_charset_header()
{
 	global $app_strings, $default_charset;
 	$charset = $default_charset;
 	
 	if(isset($app_strings['LBL_CHARSET']))
 	{
 	        $charset = $app_strings['LBL_CHARSET'];
 	}
		header('Content-Type: text/html; charset='. $charset);
}
 	
insert_charset_header();

//require_once 'config.decimal.php';
//require_once 'config.purchaseorder.php';
//require_once 'config.masters.php';
global $adb;
$result = $adb->pquery("select `key`,value,rule_from_stock_type,dist_id from sify_inv_mgt_config WHERE dist_id = 0");
for ($index = 0; $index < $adb->num_rows($result); $index++) {
    $key = $adb->query_result($result, $index, 'key');
    $val = $adb->query_result($result, $index, 'value'); 
    $GLOBALS[$key] = $val;
}
// echo "
";
// die(print_r($GLOBALS));
global $LBL_QUANTITY_DECIMAL,$LBL_CURRENCY_DECIMAL,$LBL_DISPLAY_TAX_FIELDS,$CHECK_VALIDATION;

global $entityDel;
global $display;
global $category;

global $ALLOW_PP_PRIVACY_URL,$ALLOW_PP_PRIVACY_LOGIN,$ALLOW_DP_PRIVACY_LOGIN,$ALLOW_DP_PRIVACY_URL,$ALLOW_CP_PRIVACY_URL,$ALLOW_CP_PRIVACY_LOGIN,$ENABLE_CLEAR_BUTTON;

if($ALLOW_DP_PRIVACY_LOGIN=='True'){

$dp_url_pass= $ALLOW_DP_PRIVACY_URL;
}
else{

  $dp_url_pass= '#';
}


if($ALLOW_PP_PRIVACY_LOGIN=='True'){

$pp_url_pass= $ALLOW_PP_PRIVACY_URL;
}
else{

  $pp_url_pass= '#';
}


if($ALLOW_CP_PRIVACY_LOGIN=='True'){

$cp_url_pass= $ALLOW_CP_PRIVACY_URL;
}
else{

  $cp_url_pass= '#';
} 


/*
    $query = "SELECT iq.* FROM 
	(SELECT vtiger_xsalesorder.buyerid,p.xproductid,p.productname,p.productcode,p.qtyinstock,p.length_of_serial_number,p.type_of_serial_number,p.track_serial_number,p.track_refresh_cycle,p.track_refresh_noofdays,p.uom3,p.uom3_conversion,p.uom4,p.uom4_conversion,p.uom5,p.uom5_conversion,p.uom6,p.uom6_conversion,p.uom7,p.uom7_conversion,p.xproduct_content,p.xproduct_flavour,p.xproductgroupid,p.shotname,p.image_name,p.xproduct_default_purchase_uom,p.xproduct_default_sales_uom,p.xproduct_default_inventory_uom,p.xproduct_available_stock_disp_uom,p.gross_weight,p.xproductpicklist1,p.net_weight,p.xproductpicklist2,p.xproductpicklist3,p.xproductpicklist4,p.xproductpicklist5,p.xproductpicklist6,p.xproductpicklist7,p.deleted,p.hsncode,p.producttaxtype,p.allow_rate_edit,
	 pcf.cf_xproduct_manufacturer,pcf.cf_xproduct_track_batch,pcf.cf_xproduct_track_pkd,pcf.cf_xproduct_ptr,pcf.cf_xproduct_ecp,pcf.cf_xproduct_division,pcf.cf_xproduct_category,pcf.cf_xproduct_vat,pcf.cf_xproduct_pts,pcf.cf_xproduct_mrp,pcf.cf_xproduct_base_uom,pcf.cf_xproduct_reporting_uom,pcf.cf_xproduct_reporting_unit,pcf.cf_xproduct_conversion_unit,pcf.cf_xproduct_conversion_factor,pcf.cf_xproduct_uom1,pcf.cf_xproduct_uom1_conversion,pcf.cf_xproduct_uom2,pcf.cf_xproduct_uom2_conversion,pcf.cf_xproduct_forum_code,pcf.cf_xproduct_contect,pcf.cf_xproduct_pack,pcf.cf_xproduct_flavour,pcf.cf_xproduct_description,pcf.cf_xproduct_active,pcf.cf_xproduct_price_at_uom,pcf.cf_xproduct_reporting_uom_conversion,pcf.cf_xproduct_price_for_margin,pcf.cf_xproduct_status,pcf.cf_xproduct_next_stage_name,pcf.cf_xproduct_minimum_stock_level,pcf.cf_xproduct_maximum_stock_level,pcf.cf_xproduct_re_order_level,pcf.cf_xproduct_order_lot_size,
	 spr.id,spr.productid,spr.productcode as product_code,spr.product_type,spr.sequence_no,spr.quantity,spr.baseqty,spr.dispatchqty,spr.siqty,spr.tuom,spr.listprice,spr.discount_percent,spr.discount_amount,spr.sch_disc_amount,spr.description,spr.lineitem_id,spr.comment,spr.incrementondel,spr.tax1,spr.tax2,spr.tax3,spr.billing_at,spr.created_at,spr.modified_at,spr.xprodhierid, 
	 CASE WHEN sl.productid != '' THEN 'Products' ELSE 'Services' END AS entitytype,
  	 vtiger_uom.uomname as `uomcode`, sl.id as batch_id, IFNULL(sl.batchnumber,'') AS `batchnumber`, sl.pkg, sl.expiry, IFNULL(sl.salable_qty,0.0)-IFNULL(sl.sold_salable_qty,0.0) AS qty_in_stock,
	 sl.pts, sl.ptr, sl.mrp, sl.ecp
	 FROM vtiger_stocklots sl
	 LEFT JOIN vtiger_xproduct p ON p.xproductid = sl.productid
	 LEFT JOIN vtiger_xproductcf pcf ON pcf.xproductid = p.xproductid
	 INNER JOIN vtiger_xsalesorderproductrel spr ON spr.id = 128680 AND spr.xprodhierid = pcf.cf_xproduct_category
	 INNER JOIN vtiger_xsalesorder on vtiger_xsalesorder.salesorderid = spr.id
	 LEFT JOIN vtiger_uom on vtiger_uom.uomid = spr.tuom
	 WHERE sl.productid IN (SELECT pcf_inner.xproductid
						FROM vtiger_xsalesorderproductrel spr_inner
						LEFT JOIN vtiger_xproductcf pcf_inner ON pcf_inner.cf_xproduct_category = spr_inner.xprodhierid 
						WHERE spr_inner.id = 128680
						AND pcf_inner.cf_xproduct_active = 1 AND pcf_inner.deleted = 0 AND spr_inner.product_type = 'Main' 
						AND spr_inner.baseqty > spr_inner.siqty) 
	 AND distributorcode='41994' AND location_id='48127'
     ORDER BY sl.mrp) AS iq WHERE qty_in_stock > 0.0";

                $params = array();
                $result = $adb->pquery($query, $params);
                $num_rows = $adb->num_rows($result);
                $result_set = $adb->getResultSet($result);
                //$row_data = $adb->query_result_rowdata($result);
		$log =& LoggerManager::getLogger('index');
                
                $log->debug('Result_field: '.print_r($result_field, true));
                $log->debug('Num_rows: '.print_r($num_rows, true));
                $result_set_modified = array();
                foreach($result_set as $key => $set) {
                    $result_set_modified[$set['xprodhierid']][] = $set;
                }
                $log->debug('Result set modified: '.print_r($result_set_modified, true));
                
                $result_set = array();
                foreach($result_set_modified as $xprodhierid => $set) {
                    
                    $total_qty_in_stock_fld = 0;
                    $baseqty_fld  = $baseqty_fld_temp = $set[0]['baseqty'];
                    $quantity_fld = $quantity_fld_temp = $set[0]['quantity'];
                    $conversion_value = $baseqty_fld / $quantity_fld;
                    for($row = 0;$row < $num_rows; $row++) {

                        $xprodhierid_fld = $set[$row]['xprodhierid'];
                        $qty_in_stock_fld = $set[$row]['qty_in_stock'];
                        $total_qty_in_stock_fld += $qty_in_stock_fld;
                        if($baseqty_fld_temp <= $qty_in_stock_fld) {
                            $set[$row]['baseqty'] = $baseqty_fld_temp;
                            $set[$row]['quantity'] = $quantity_fld_temp;
                        } else {
                            $baseqty_fld_temp -= $qty_in_stock_fld;
                            $quantity_fld_temp -= ($qty_in_stock_fld * $conversion_value);
                            $set[$row]['baseqty'] = $qty_in_stock_fld;
                            $set[$row]['quantity'] = $qty_in_stock_fld;
                        }

                        $result_set[] = $set[$row];
                        if($baseqty_fld <= $total_qty_in_stock_fld) {
                            break;
                        }
                    }
                }
                $log->debug('Final_result: '.print_r($result_set, true));

             $result = $adb->mquery("SELECT si.salesinvoiceid, si.stock_updated, siprel.refid as salesorderid, so.so_lbl_save_pro_cate FROM vtiger_salesinvoice si
                                     INNER JOIN vtiger_siproductrel siprel ON si.salesinvoiceid = siprel.id 
                                     INNER JOIN vtiger_xsalesorder so ON siprel.refid = so.salesorderid WHERE si.salesinvoiceid = '128727'");
             $stock_updated = $adb->query_result($result, 0, 0);
             $so_lbl_save_pro_cate = $adb->query_result($result, 0, 1);
             $salesorderid = $adb->query_result($result, 0, 2);
             $log =& LoggerManager::getLogger('index');
             $log->debug('SO_PRO_CATE_BASED: '.print_r($SO_PRO_CATE_BASED, true));
             $log->debug('So_lbl_save_pro_cate: '.print_r($so_lbl_save_pro_cate, true));
             $log->debug('Stock_updated: '.print_r($stock_updated, true));
                
exit;
*/

//if($_REQUEST['action'] != 'DupCheckAjax'){echo '
';print_r($_REQUEST);die;}
if($maintanace)
     header("Location: Maintanance.php");

if($cacheAlert)
{
    echo'';
}

//echo '
';print_r($_REQUEST);die;

// Allow for the session information to be passed via the URL for printing.

// Create or reestablish the current session
if (!is_file('config.inc.php')) { 
	header("Location: install.php");
	exit();
}

require_once('config.inc.php');
//if (!isset($dbconfig['db_hostname']) || $dbconfig['db_status']=='_DB_STAT_') {
if (!isset($dbconfig['db_server']) || $dbconfig['db_status']=='_DB_STAT_') { 
		header("Location: install.php");
		exit();
}
			
// load up the config_override.php file.  This is used to provide default user settings
if (is_file('config_override.php')) 
{
	require_once('config_override.php');
}

/**
 * Check for vtiger installed version and codebase
 */
require_once('vtigerversion.php');
global $adb, $vtiger_current_version;
if(isset($_SESSION['VTIGER_DB_VERSION']) && isset($_SESSION['authenticated_user_id'])) {
    if(version_compare($_SESSION['VTIGER_DB_VERSION'], $vtiger_current_version, '!=')) { 
        unset($_SESSION['VTIGER_DB_VERSION']);
        header("Location: install.php");
        exit();
    }
}else{
    $result = $adb->query("SELECT * FROM vtiger_version");
    $dbversion = $adb->query_result($result, 0, 'current_version'); 
    if(version_compare($dbversion, $vtiger_current_version, '=')) {
    	$_SESSION['VTIGER_DB_VERSION']= $dbversion;
    }else{
    	header("Location: install.php");
        exit();
    }
	
}

// END
/************ Added for DB Dmup version maintanace *****************/
if(!isset($_SESSION['FORUMNXT_DB_VERSION'])) {
    $result = $adb->query("SELECT * FROM vtiger_version");
    $DB_VERSION = $adb->query_result($result, 0, 'db_version');
	$_SESSION['FORUMNXT_DB_VERSION']= $DB_VERSION;
}
/************ END *****************/



$default_config_values = Array( "allow_exports"=>"all","upload_maxsize"=>"3000000", "listview_max_textlength" => "40", "php_max_execution_time" => "0");

set_default_config($default_config_values);

// Set the default timezone preferred by user
global $default_timezone;
if(isset($default_timezone) && function_exists('date_default_timezone_set')) {
	@date_default_timezone_set($default_timezone);
} 

require_once('include/logging.php');
require_once('modules/Users/Users.php');

global $currentModule;
//if($calculate_response_time) $startTime = microtime();

$logRef = LoggerManager::getLogger('index'); //CL: 3.1.11
$log =& $logRef;

global $seclog;
$seclogRef = LoggerManager::getLogger('SECURITY'); //CL: 3.1.10
$seclog =& $seclogRef;

if (isset($_REQUEST['PHPSESSID'])) $log->debug("****Starting for session ".$_REQUEST['PHPSESSID']);
else $log->debug("****Starting for new session");

// We use the REQUEST_URI later to construct dynamic URLs.  IIS does not pass this field
// to prevent an error, if it is not set, we will assign it to ''
if(!isset($_SERVER['REQUEST_URI']))
{
	$_SERVER['REQUEST_URI'] = '';
}

$action = '';
if($_REQUEST['module'] == 'SalesFunnelReport'){
    
    $action = $_REQUEST['action'];
    $action = explode('_',$action);
    if(count($action) > 1){
        $_REQUEST['action'] = $action[0];
    }
    $_REQUEST['report_type'] = $action[1];
     }




if(isset($_REQUEST['action']))
{
	$action = $_REQUEST['action'];
}
if($action == 'Export')
{
        include ('include/utils/export.php');
}
if($action == 'ExportAjax')
{
        include ('include/utils/ExportAjax.php');
}
// vtlib customization: Module manager export
if($action == 'ModuleManagerExport') {
	include('modules/Settings/ModuleManager/Export.php');
}
// END

//Code added for 'Path Traversal/File Disclosure' security fix - Philip
$is_module = false;
$is_action = false;

if($_SESSION['CHANNEL_BASE_PRICE'] && $_SESSION['CHANNEL_LEVEL']){
    //$_SESSION['channelcheck'] = 1;
    include_once('include/configuration.php');
    checkChannelConfigChanged();
    
}
//if($_REQUEST['module']=='xTally')
//{
//  header("Location: index.php?module=InventoryMgtSettings&action=Tallydatamap&parenttab=Admin");   
//}

if(isset($_REQUEST['module']))
{
	$module = $_REQUEST['module'];	
	$dir = @scandir($root_directory."modules");
	$temp_arr = Array("CVS","Attic");
    $res_arr = @array_intersect($dir,$temp_arr);

	if(count($res_arr) == 0  && !preg_match("/[\/.]/",$module)) {
		if(@in_array($module,$dir))
			$is_module = true;
	}
    $in_dir = @scandir($root_directory."modules/".$module);
    
  // print_r($root_directory); die();
	$res_arr = @array_intersect($in_dir,$temp_arr);
	if(count($res_arr) == 0 && !preg_match("/[\/.]/",$module)) {

        if(@in_array($action.".php",$in_dir))
     
			$is_action = true;
	} 	
  
	if(!$is_module)
	{
    header("Refresh:0; url=index.php");
    return false;
		//die("Module name is missing. Please check the module name.");
//header("Refresh:0");

    }
    
	if(!$is_action)
	{
		header("Refresh:0; url=index.php");

     return false;

	}
}

/*
 *      Code added fot getting default order by.
 *      kami
 */

if(!isset($_REQUEST['order_by']) && ($module!='Administration' && $module!='Users'))
{
   $_REQUEST['order_by']='crmid';
   $_REQUEST['sorder']='desc';
}    

$log->debug($_REQUEST);
$skipHeaders=false;
$skipFooters=false;
$viewAttachment = false;
$skipSecurityCheck= false;


//Code added for 'Multiple SQL Injection Vulnerabilities & XSS issue' fixes - Philip
if(isset($_REQUEST['record']) && !is_numeric($_REQUEST['record']) && $_REQUEST['record']!='')
{
        die("An invalid record number specified to view details.");
}

// Check to see if there is an authenticated user in the session.
$use_current_login = false;
if(isset($_SESSION["authenticated_user_id"]) && (isset($_SESSION["app_unique_key"]) && $_SESSION["app_unique_key"] == $application_unique_key))
{       
        $use_current_login = true;
}
if(!empty($COMPANY_DEFAULT_LOGIN_PAGE))
    $default_module = $COMPANY_DEFAULT_LOGIN_PAGE;
// Prevent loading Login again if there is an authenticated user in the session.
if (isset($_SESSION["authenticated_user_id"]) && $module == 'Users' && $action == 'Login') {

    header("Location: index.php?action=$default_action&module=$default_module");
} 

//print_r($_SESSION);
if($use_current_login){
	/*&Added to prevent fatal error before starting migration(5.0.4. patch ).
	//Start
	$arr=$adb->getColumnNames("vtiger_users");
	if(!in_array("internal_mailer", $arr))
	{
		$adb->pquery("alter table vtiger_users add column internal_mailer int(3) NOT NULL default '1'", array());
		$adb->pquery("alter table vtiger_users add column tagcloud_view int(1) default 1", array());
	}
	//End*/

	//getting the internal_mailer flag
	if(!isset($_SESSION['internal_mailer'])){
		$qry_res = $adb->pquery("select internal_mailer from vtiger_users where id=?", array($_SESSION["authenticated_user_id"]));
		$_SESSION['internal_mailer'] = $adb->query_result($qry_res,0,"internal_mailer");
	}
	$log->debug("We have an authenticated user id: ".$_SESSION["authenticated_user_id"]);
}else if(isset($action) && isset($module) && $action=="Authenticate" && $module=="Users"){
	$log->debug("We are authenticating user now");
}else{
	if($_REQUEST['action'] != 'Logout' && $_REQUEST['action'] != 'Login'){
		$_SESSION['lastpage'] = $_SERVER['argv'];
	}
	$log->debug("The current user does not have a session.  Going to the login page");	
	
        if($_REQUEST['action']=='Login' || $_REQUEST['action']=='CorpLogin'){
            $action = $_REQUEST['action'];
            $_SESSION['logintype']=$_REQUEST['action'];
        }
        else{
            $action = 'Login';
            $_SESSION['logintype']='Login';
        }
        
	$module = "Users";
	$skipFooters=true;
}


//echo $module;
//echo $action;die();
$log->info("Module: ".$module);
$log->info("Action: ".$action);
$log->info('$_REQUEST: '.print_r($_REQUEST, true));

if(isset($action) && isset($module))
{
    
	$log->info("About to take action ".$action);
	$log->debug("in $action");
        
    if($_REQUEST['ajax']=='true')
    {
        $skipHeaders=true;$skipFooters=true;
    }    
    else if(preg_match("/^Save/", $action) ||
		preg_match("/^Delete/", $action) ||
		preg_match("/^get_distributors/", $action) ||
		preg_match("/^get_regions/", $action) ||
preg_match("/^get_states/", $action) ||
preg_match("/^get_cities/", $action) ||
preg_match("/^get_distributordata/", $action) ||
preg_match("/^get_products/", $action) ||
preg_match("/^get_distributortickets/", $action) ||
preg_match("/^get_rolesby_bu/", $action) ||
preg_match("/^get_usersby_role/", $action) ||
preg_match("/^get_usersby_role_product/", $action) ||
preg_match("/^get_usersby_role_zones/", $action) ||
preg_match("/^get_userreport/", $action) ||
preg_match("/^get_severityby_pc/", $action) ||
preg_match("/^get_cat_by_module/", $action) ||
preg_match("/^getSerailsRelDtl/", $action) || 
preg_match("/^getSoldSerailKeyList/", $action) ||
preg_match("/^get_modules/", $action) ||
preg_match("/^get_module_by_product/", $action) ||
preg_match("/^get_zone_by_user/", $action) ||
preg_match("/^get_probability/", $action) ||
preg_match("/^get_categoryby_industry/", $action) ||
preg_match("/^Ann_UserUp/", $action) ||
preg_match("/^addressbook/", $action) ||
preg_match("/^get_PO_Amount/", $action) ||
preg_match("/^get_potential_account/", $action) ||
preg_match("/^get_deliveryManager/", $action) ||
preg_match("/^get_MOM_template/", $action) ||
preg_match("/^get_weightagenProgress_validation/", $action) ||
preg_match("/^server/", $action) ||
preg_match("/^subgrid/", $action) ||
preg_match("/^editactualdate/", $action) ||
preg_match("/^potential_amcproject/", $action) ||
preg_match("/^checkreviseddatevalidate/", $action) ||
preg_match("/^get_reviseddateforprojectms/", $action) ||
preg_match("/^getassignedtohistroy/", $action) ||
preg_match("/^getticketsttshistroy/", $action) ||
preg_match("/^chck_milestoneamountexceeds/", $action) ||
preg_match("/^ticketSLACheck/", $action) ||
preg_match("/^getTreeList/", $action) ||
preg_match("/^getCompanyList/", $action) ||
preg_match("/^getAllGodown/", $action) ||
preg_match("/^txnPwdChk/", $action) ||
preg_match("/^DupCheckAjax/", $action) ||
preg_match("/^PwdRules/", $action) ||
preg_match("/^updateStatusAjax/", $action) ||
preg_match("/^ProductsAjax/", $action) ||
preg_match("/^getStockList/", $action) ||
preg_match("/^getEditGrid/", $action) ||
preg_match("/^getEditGridTNS/", $action) ||
preg_match("/^getProductComboList/", $action) ||
preg_match("/^getBatchComboList/", $action) ||
preg_match("/^getDefaultBatchSel/", $action) ||
preg_match("/^getComboList/", $action) ||
preg_match("/^getComboList2/", $action) ||
preg_match("/^getComboListPro/", $action) ||
preg_match("/^getComboEditGrid/", $action) ||
preg_match("/^deleteUserFile/", $action) ||
preg_match("/^getPurchaseInvoiceList/", $action) ||
preg_match("/^checkQtyAjax/", $action) ||
preg_match("/^qtyCheck/", $action) ||
preg_match("/^getSalesInvoiceList/", $action) ||
preg_match("/^getGodownList/", $action) ||
preg_match("/^getCreditTermAjax/", $action) ||
preg_match("/^applySchmeForProduct/", $action) ||
preg_match("/^getHierLevelAjax/", $action) ||     
preg_match("/^loadSelectDataAjax/", $action) ||
preg_match("/^getMJPDateCountAjax/", $action) ||
preg_match("/^DefaultVendorAjax/", $action) ||
preg_match("/^get_input_batch_grid/", $action) ||
preg_match("/^get_input_batch_grid_1/", $action) ||
preg_match("/^get_price_bydate/", $action) ||
preg_match("/^gettrackinventoryAjax/", $action) ||
preg_match("/^getProductListAjax/", $action) ||
preg_match("/^loadDistrAjax/", $action) ||
preg_match("/^getProList/", $action) ||  
preg_match("/^loadSKUAjax/", $action) ||  
preg_match("/^loadValueClassAjax/", $action) ||
preg_match("/^loadcatgroupsAjax/", $action) ||                
preg_match("/^ProdCatGrpAjax/", $action) ||  
preg_match("/^loadcreditdaysAjax/", $action) ||                
preg_match("/^getClusterAjax/", $action) ||               
preg_match("/^ChkRCLAjax/", $action) ||
preg_match("/^ChkRCLProdCatGrpAjax/", $action) ||
preg_match("/^CreditnormchkAjax/", $action) ||                 
preg_match("/^ChkClasterAjax/", $action) || 
preg_match("/^getBatchList/", $action) || 
preg_match("/^getStockTypes/", $action) ||  
preg_match("/^getReasonList/", $action) ||  
preg_match("/^getDistList/", $action) ||            
preg_match("/^getGodownProductList/", $action) ||  
preg_match("/^BulkOrderConversionDataGrid/", $action) ||
preg_match("/^Print/", $action) || preg_match("/^SIBulkPrint/", $action) || // CL: 3.1.108
preg_match("/^BulkPrintGridData/", $action) ||
preg_match("/^loadMasterDataAjax/", $action) ||
preg_match("/^getretailerlist/", $action) ||
preg_match("/^newBatch/", $action) ||
preg_match("/^create_si/", $action) ||  
preg_match("/^ProfileupdateAjax/", $action) ||   
preg_match("/^getsuggestedorderAjax/", $action) ||   
preg_match("/^chequemangementlistAjax/", $action) ||   
preg_match("/^getUomTypes/", $action) ||                
preg_match("/^InventoryTaxAjaxJSON/", $action) || 
preg_match("/^newBatch/", $action) ||
preg_match("/^getStkAvlAjax/", $action) ||
preg_match("/^getdetaillistAjax/", $action) ||  
preg_match("/^ProfileAjax/", $action) || 
preg_match("/^ChkChequenumberAjax/", $action) ||                                 
preg_match("/^showlistAjax/", $action) || 
preg_match("/^collectionlistAjax/", $action) || 
preg_match("/^findBudget/", $action) || 
preg_match("/^loadClaimAjax/", $action) ||  //for claim
preg_match("/^getComboEditGridNorm/", $action) ||  //for claim norm
preg_match("/^SytemClaimHead/", $action) ||  //for system generated claim
preg_match("/^loadClaimNormAjax/", $action) ||  //for system generated claim norm
preg_match("/^loadClaimTopSheetAjax/", $action) ||  //for Transaction claim Topsheet     
preg_match("/^ChkMerchandiseMappingAjax/", $action) ||  //for merchandise mapping cluster   
preg_match("/^checkMerInvDupAjax/", $action) ||
preg_match("/^pointsRedemptionAjax/", $action) ||
preg_match("/^getVanAllocation/", $action) || // Van allocation
preg_match("/^getMerchandiseProducts/", $action) || // merchandise name
preg_match("/^checkPWDBillingAjax/", $action) || //get Salesinvocie pwd configuration
preg_match("/^getSerialNumbersAjax/", $action) || //get Salesinvocie pwd configuration 
preg_match("/^checkPWDfrSICanAmendAjax/", $action) || //get Salesinvocie pwd configuration 
preg_match("/^getSerialnoduplicates/", $action) ||   
preg_match("/^getPTRvalues/", $action) ||      
preg_match("/^deletePTRvalues/", $action) ||                 
preg_match("/^getSerialInfo/", $action) ||         
preg_match("/^getPickList/", $action) || //get Picklist data
preg_match("/^getProductCatHierList/", $action) || //get Product list by prodcategory grp
preg_match("/^getSPByRetailer/", $action) ||  
preg_match("/^DeleteDistributorData/", $action) ||
preg_match("/^serialvalidatecheck/", $action) ||                 
preg_match("/^getExistingSerialKeysForScheme/", $action) ||                 
preg_match("/^xSalesmanMap/", $action) ||                 
preg_match("/^xRetailerMap/", $action) ||                 
preg_match("/^xBeatMap/", $action) ||
        preg_match("/^getProdTrackPkd/", $action) ||                
		preg_match("/^Choose/", $action) ||
		preg_match("/^Popup/", $action) ||
		preg_match("/^ChangePassword/", $action) ||
		preg_match("/^Authenticate/", $action) ||
		preg_match("/^Logout/", $action) ||
		preg_match("/^add2db/", $action) ||
		preg_match("/^result/", $action) ||
		preg_match("/^LeadConvertToEntities/", $action) ||
		preg_match("/^downloadfile/", $action) ||
		preg_match("/^massdelete/", $action) ||
		preg_match("/^updateLeadDBStatus/",$action) ||
		preg_match("/^AddCustomFieldToDB/", $action) ||
		preg_match("/^updateRole/",$action) ||
		preg_match("/^UserInfoUtil/",$action) ||
		preg_match("/^deleteRole/",$action) ||
		preg_match("/^UpdateComboValues/",$action) ||
		preg_match("/^fieldtypes/",$action) ||
		preg_match("/^app_ins/",$action) ||
		preg_match("/^minical/",$action) ||
		preg_match("/^minitimer/",$action) ||
		preg_match("/^app_del/",$action) ||
		preg_match("/^send_mail/",$action) ||
		preg_match("/^populatetemplate/",$action) ||
		preg_match("/^TemplateMerge/",$action) ||
		preg_match("/^testemailtemplateusage/",$action) ||
		preg_match("/^saveemailtemplate/",$action) ||
		preg_match("/^ProcessDuplicates/", $action ) ||
		preg_match("/^lastImport/", $action ) ||
		preg_match("/^lookupemailtemplate/",$action) ||
		preg_match("/^deletewordtemplate/",$action) ||
		preg_match("/^deleteemailtemplate/",$action) ||
		preg_match("/^CurrencyDelete/",$action) ||
		preg_match("/^deleteattachments/",$action) ||
		preg_match("/^MassDeleteUsers/",$action) ||
		preg_match("/^UpdateFieldLevelAccess/",$action) ||
		preg_match("/^UpdateDefaultFieldLevelAccess/",$action) ||
		preg_match("/^UpdateProfile/",$action)  ||
		preg_match("/^updateRelations/",$action) ||
		preg_match("/^updateNotificationSchedulers/",$action) ||
		preg_match("/^Star/",$action) ||
		preg_match("/^addPbProductRelToDB/",$action) ||
		preg_match("/^UpdateListPrice/",$action) ||
		preg_match("/^PriceListPopup/",$action) ||
		preg_match("/^SalesOrderPopup/",$action) ||
		preg_match("/^CreatePDF/",$action) ||
		preg_match("/^CreateSOPDF/",$action) ||
		preg_match("/^CreateCollectionFormatPDF/",$action) ||
		preg_match("/^redirect/",$action) ||
		preg_match("/^webmail/",$action) ||
		preg_match("/^left_main/",$action) ||
		preg_match("/^delete_message/",$action) ||
		preg_match("/^mime/",$action) ||
		preg_match("/^move_messages/",$action) ||
		preg_match("/^folders_create/",$action) ||
		preg_match("/^imap_general/",$action) ||
		preg_match("/^mime/",$action) ||
		preg_match("/^download/",$action) ||
		preg_match("/^about_us/",$action) ||
		preg_match("/^SendMailAction/",$action) ||
		preg_match("/^CreateXL/",$action) ||
		preg_match("/^exportXL/",$action) ||
		preg_match("/^savetermsandconditions/",$action) ||
		preg_match("/^home_rss/",$action) ||
		preg_match("/^ConvertAsFAQ/",$action) ||
		preg_match("/^Tickerdetail/",$action) ||
		preg_match("/^".$module."Ajax/",$action) ||
		preg_match("/^ActivityAjax/",$action) ||
		preg_match("/^chat/",$action) ||
		preg_match("/^vtchat/",$action) ||
		preg_match("/^updateCalendarSharing/",$action) ||
		preg_match("/^disable_sharing/",$action) ||
		preg_match("/^HeadLines/",$action) ||
		preg_match("/^TodoSave/",$action) ||
		preg_match("/^RecalculateSharingRules/",$action) ||
		(preg_match("/^body/",$action) && preg_match("/^Webmails/",$module)) ||
		(preg_match("/^dlAttachments/",$action) && preg_match("/^Webmails/",$module)) ||
		(preg_match("/^DetailView/",$action) && preg_match("/^Webmails/",$module)) ||
		preg_match("/^savewordtemplate/",$action) ||
		preg_match("/^mailmergedownloadfile/",$action) ||
		(preg_match("/^Webmails/",$module) && preg_match("/^get_img/",$action)) ||
		preg_match("/^download/",$action) ||
		preg_match("/^getListOfRecords/", $action) ||
		preg_match("/^AddBlockFieldToDB/", $action) ||
		preg_match("/^AddBlockToDB/", $action)  ||
		preg_match("/^getCreditTermAjax/", $action) ||
		preg_match("/^iCalExport/",$action) || 
		preg_match("/^esneciLxajAkcehc/",$action) ||
		preg_match("/^getRefreshChargingDetails/",$action) ||
		preg_match("/^DownloadDatas/",$action) ||
    preg_match("/^getquotationdownload/",$action) ||
		preg_match("/^DownloadImportFormat/",$action) ||
		preg_match("/^DownImpData/",$action) ||
		preg_match("/^DownImportFormat/",$action) ||
		preg_match("/^DownFailedData/",$action) ||
        preg_match("/^ImportLogDetails/",$action)  ||
		preg_match("/^checkInvStatusAjax/", $action) ||
            preg_match("/^checkOrderStatusAjax/", $action) ||
			preg_match("/^checkSalesmanBeatMapping/", $action) ||
            preg_match("/^checkRetailerCodePrefixAjax/", $action) ||
            preg_match("/^vanAllocationDeliveryStatus/", $action) ||
		preg_match("/^getWarrantyPolicyList/",$action) || 
		preg_match("/^getRetailerProductTax/",$action) ||
        preg_match("/^getset_retaileraddress/",$action) || 
        preg_match("/^getModernComboGridForModuleResults/", $action) ||
        preg_match("/^getModernComboGridForModuleResults/", $action) ||
        preg_match("/^getBillingAtRetailer/", $action) ||    
        preg_match("/^getItemLists/", $action) ||
        preg_match("/^getset_address/", $action) ||
		preg_match("/^chkUser/", $action) ||
		preg_match("/^getDefaultBatchSel/", $action) ||
		preg_match("/^SAPSuccessReport/", $action) ||
        preg_match("/^SAPErrorReport/", $action) ||
        preg_match("/^getclaimheadvalues/", $action) ||
		preg_match("/^SubTable/",$action)||
		preg_match("/^subSalesmanWiseBeatWiseItemWiseSalesReport/",$action)||
		preg_match("/^siAdjustmentAjax/",$action)||
		preg_match("/^ChkRCLProdCatGrpAjax/", $action) ||
		preg_match("/^subRetailerWiseSalesReturnReport/",$action) || 
		preg_match("/^loadRetailerAjax/", $action) ||
		preg_match("/^getset_end_customer/", $action) ||
                preg_match("/^checkCustomerinfoAjax/", $action) ||
				preg_match("/^customerMblNoDublicate/",$action) ||
                preg_match("/^hhsdata/", $action) ||
				preg_match("/^getDistList/", $action) ||
                                preg_match("/^getRetailerOutReport/", $action) ||
                preg_match("/^getSalesEffReport/", $action) ||
                preg_match("/^getPtrFromNetprice/", $action) ||
                preg_match("/^getoutletwisesalesreport/", $action) ||
                preg_match("/^saudadetails/", $action) ||
                preg_match("/^bgsddetails/", $action) ||
                preg_match("/^populatepricedetails/", $action) ||
                preg_match("/^xSalesmanDuplicateAjax/", $action) ||
              //  preg_match("/^Shortcutkey/", $action) ||
				preg_match("/^checkSchemeStatusAjax/", $action)
            
                        
		)
	{
		$skipHeaders=true;
		//skip headers for all these invocations as they are mostly popups
		if(preg_match("/^Popup/", $action) ||
			preg_match("/^ChangePassword/", $action) ||
preg_match("/^get_distributors/", $action) ||
preg_match("/^get_regions/", $action) ||
preg_match("/^get_states/", $action) ||
preg_match("/^get_cities/", $action) ||
preg_match("/^get_distributordata/", $action) ||
preg_match("/^get_products/", $action) ||
preg_match("/^get_distributortickets/", $action) ||			
preg_match("/^get_rolesby_bu/", $action) ||	
preg_match("/^get_usersby_role/", $action) ||	
preg_match("/^get_usersby_role_product/", $action) ||	
preg_match("/^get_usersby_role_zones/", $action) ||	
preg_match("/^get_userreport/", $action) ||	
preg_match("/^get_severityby_pc/", $action) ||
preg_match("/^get_modules/", $action) ||
preg_match("/^get_cat_by_module/", $action) ||
preg_match("/^getSerailsRelDtl/", $action) ||
preg_match("/^getSoldSerailKeyList/", $action) ||
preg_match("/^get_module_by_product/", $action) ||	
preg_match("/^get_zone_by_user/", $action) ||	
preg_match("/^get_probability/", $action) ||	
preg_match("/^get_categoryby_industry/", $action) ||	
preg_match("/^Ann_UserUp/", $action) ||	
preg_match("/^addressbook/", $action) ||	
preg_match("/^get_PO_Amount/", $action) ||	
preg_match("/^get_potential_account/", $action) ||	
preg_match("/^get_deliveryManager/", $action) ||	
preg_match("/^get_MOM_template/", $action) ||	
preg_match("/^get_weightagenProgress_validation/", $action) ||	
preg_match("/^server/", $action) ||	
preg_match("/^subgrid/", $action) ||	
preg_match("/^editactualdate/", $action) ||	
preg_match("/^potential_amcproject/", $action) ||	
preg_match("/^checkreviseddatevalidate/", $action) ||	
preg_match("/^get_reviseddateforprojectms/", $action) ||	
preg_match("/^getassignedtohistroy/", $action) ||	
preg_match("/^getticketsttshistroy/", $action) ||	
preg_match("/^chck_milestoneamountexceeds/", $action) ||	
preg_match("/^ticketSLACheck/", $action) ||	
preg_match("/^getTreeList/", $action) ||	
preg_match("/^getCompanyList/", $action) ||
preg_match("/^getAllGodown/", $action) ||
preg_match("/^txnPwdChk/", $action) ||                        
preg_match("/^DupCheckAjax/", $action) ||
preg_match("/^PwdRules/", $action) ||
preg_match("/^updateStatusAjax/", $action) ||
preg_match("/^getSalesInvoiceList/", $action) ||
preg_match("/^getGodownList/", $action) ||
preg_match("/^getStockList/", $action) ||
preg_match("/^getEditGrid/", $action) ||
preg_match("/^getEditGridTNS/", $action) ||
preg_match("/^getProductComboList/", $action) ||
preg_match("/^getBatchComboList/", $action) ||
preg_match("/^getDefaultBatchSel/", $action) ||
preg_match("/^getComboList/", $action) ||
preg_match("/^getComboList2/", $action) ||
preg_match("/^getComboListPro/", $action) ||
preg_match("/^getComboEditGrid/", $action) ||
preg_match("/^deleteUserFile/", $action) ||                        
preg_match("/^qtyCheck/", $action) ||
preg_match("/^getPurchaseInvoiceList/", $action) ||
preg_match("/^checkQtyAjax/", $action) ||
preg_match("/^qtyCheck/", $action) ||
preg_match("/^getSalesInvoiceList/", $action) ||
preg_match("/^getCreditTermAjax/", $action) ||
preg_match("/^applySchmeForProduct/", $action) ||
preg_match("/^getHierLevelAjax/", $action) ||
preg_match("/^loadSelectDataAjax/", $action) ||
preg_match("/^getMJPDateCountAjax/", $action) ||
preg_match("/^DefaultVendorAjax/", $action) ||
preg_match("/^get_input_batch_grid/", $action) || 
preg_match("/^get_input_batch_grid_1/", $action) ||
preg_match("/^get_price_bydate/", $action) ||
preg_match("/^gettrackinventoryAjax/", $action) ||
preg_match("/^getProductListAjax/", $action) ||
preg_match("/^loadDistrAjax/", $action) ||
preg_match("/^getProList/", $action) ||       
preg_match("/^loadSKUAjax/", $action) ||  
preg_match("/^loadValueClassAjax/", $action) ||
preg_match("/^loadcatgroupsAjax/", $action) ||                        
preg_match("/^ProdCatGrpAjax/", $action) || 
preg_match("/^loadcreditdaysAjax/", $action) ||   
preg_match("/^getClusterAjax/", $action) ||      
preg_match("/^ChkRCLAjax/", $action) ||  
preg_match("/^ChkRCLProdCatGrpAjax/", $action) ||
preg_match("/^CreditnormchkAjax/", $action) ||                        
preg_match("/^ChkClasterAjax/", $action) ||  
preg_match("/^getBatchList/", $action) || 
preg_match("/^getStockTypes/", $action) ||   
preg_match("/^getReasonList/", $action) ||  
preg_match("/^getDistList/", $action) ||                          
preg_match("/^getGodownProductList/", $action) ||  
preg_match("/^BulkOrderConversionDataGrid/", $action) ||
//preg_match("/^Shortcutkey/", $action) ||
preg_match("/^Print/", $action) || preg_match("/^SIBulkPrint/", $action) ||
preg_match("/^BulkPrintGridData/", $action) ||                        
preg_match("/^loadMasterDataAjax/", $action) ||
preg_match("/^getretailerlist/", $action) ||
preg_match("/^newBatch/", $action) ||
preg_match("/^create_si/", $action) ||                     
preg_match("/^getUomTypes/", $action) ||  
preg_match("/^getdetaillistAjax/", $action) ||                        
preg_match("/^InventoryTaxAjaxJSON/", $action) ||
preg_match("/^getStkAvlAjax/", $action) ||         
preg_match("/^ProfileAjax/", $action) || 
preg_match("/^newBatch/", $action) ||
preg_match("/^ProfileupdateAjax/", $action) ||  
preg_match("/^getsuggestedorderAjax/", $action) ||  
preg_match("/^showlistAjax/", $action) ||  
preg_match("/^collectionlistAjax/", $action) ||                         
preg_match("/^getStkAvlAjax/", $action) ||  
preg_match("/^findBudget/", $action) ||                         
preg_match("/^loadClaimAjax/", $action) ||  //for claim
preg_match("/^getComboEditGridNorm/", $action) ||  //for claim norm
preg_match("/^SytemClaimHead/", $action) ||  //for system generated claim
preg_match("/^loadClaimNormAjax/", $action) ||  //for system generated claim norm
preg_match("/^loadClaimTopSheetAjax/", $action) ||                        
preg_match("/^ChkMerchandiseMappingAjax/", $action) ||  //for merchandise mapping cluster 
preg_match("/^checkMerInvDupAjax/", $action) ||  //for merchandise receipt invoice duplicate    
preg_match("/^chequemangementlistAjax/", $action) ||                      
preg_match("/^getVanAllocation/", $action) || // Van allocation   
preg_match("/^getMerchandiseProducts/", $action) || // merchandise name      
preg_match("/^checkPWDBillingAjax/", $action) || //get Salesinvocie pwd configuration
preg_match("/^checkPWDfrSICanAmendAjax/", $action) || //get Salesinvocie pwd configuration 
preg_match("/^pointsRedemptionAjax/", $action) ||  
preg_match("/^getSerialNumbersAjax/", $action) ||  
preg_match("/^getSerialnoduplicates/", $action) ||     
preg_match("/^getPTRvalues/", $action) || 
preg_match("/^deletePTRvalues/", $action) ||
preg_match("/^getSerialInfo/", $action) ||
preg_match("/^getSPByRetailer/", $action) ||
preg_match("/^DeleteDistributorData/", $action) ||
preg_match("/^getProductCatHierList/", $action) ||//get Product list by prodcategory grp
preg_match("/^getProdTrackPkd/", $action) ||
preg_match("/^getPickList/", $action) || //get Picklist data  
preg_match("/^serialvalidatecheck/", $action) ||
preg_match("/^getExistingSerialKeysForScheme/", $action) ||
preg_match("/^xSalesmanMap/", $action) ||
preg_match("/^xRetailerMap/", $action) ||
preg_match("/^getModernComboGridForModuleResults/", $action) ||
preg_match("/^getModernComboGridForModuleResults/", $action) ||                        
preg_match("/^getset_retaileraddress/", $action) ||
preg_match("/^xBeatMap/", $action) ||
		//preg_match("/^Export/", $action) ||
			preg_match("/^downloadfile/", $action) ||
			preg_match("/^fieldtypes/",$action) ||
			preg_match("/^lookupemailtemplate/",$action) ||
			preg_match("/^about_us/",$action) ||
			preg_match("/^home_rss/",$action) ||
			preg_match("/^".$module."Ajax/",$action) ||
			preg_match("/^chat/",$action) ||
			preg_match("/^vtchat/",$action) ||
			preg_match("/^massdelete/", $action) ||
			preg_match("/^mailmergedownloadfile/",$action) || 	preg_match("/^get_img/",$action) ||
			preg_match("/^download/",$action) ||
			preg_match("/^ProcessDuplicates/", $action ) ||
			preg_match("/^lastImport/", $action ) ||
			preg_match("/^massdelete/", $action ) ||
			preg_match("/^getListOfRecords/", $action) ||
			preg_match("/^MassEditSave/", $action) ||
			preg_match("/^iCalExport/",$action) ||
			preg_match("/^esneciLxajAkcehc/",$action) ||
			preg_match("/^getRefreshChargingDetails/",$action) ||
            preg_match("/^DownloadDatas/",$action) ||
            preg_match("/^DownloadImportFormat/",$action) ||
            preg_match("/^ImportLogDetails/",$action) ||
			preg_match("/^getWarrantyPolicyList/",$action) ||
			preg_match("/^getRetailerProductTax/",$action) ||
			preg_match("/^getItemLists/", $action) ||
			preg_match("/^getDefaultBatchSel/", $action) ||
			preg_match("/^chkUser/", $action) ||
			preg_match("/^getclaimheadvalues/", $action) ||
			preg_match("/^SubTable/",$action)||
			preg_match("/^subSalesmanWiseBeatWiseItemWiseSalesReport/",$action)||
			preg_match("/^siAdjustmentAjax/",$action)||
			preg_match("/^ChkRCLProdCatGrpAjax/", $action) ||
			preg_match("/^loadRetailerAjax/", $action) ||
                        preg_match("/^getRetailerOutReport/", $action) ||
                        preg_match("/^getSalesEffReport/", $action)   ||
			preg_match("/^subRetailerWiseSalesReturnReport/",$action) ||
                        preg_match("/^xSalesmanDuplicateAjax/", $action)
			)
			$skipFooters=true;
                
		//skip footers for all these invocations as they are mostly popups
		if(preg_match("/^downloadfile/", $action)
		|| preg_match("/^exportXL/",$action)
		|| preg_match("/^fieldtypes/",$action)
		|| preg_match("/^mailmergedownloadfile/",$action)
		|| preg_match("/^get_img/",$action)
		|| preg_match("/^MergeFieldLeads/", $action)
		|| preg_match("/^MergeFieldContacts/", $action )
		|| preg_match("/^MergeFieldAccounts/", $action )
		|| preg_match("/^MergeFieldProducts/", $action )
		|| preg_match("/^MergeFieldHelpDesk/", $action )
		|| preg_match("/^MergeFieldPotentials/", $action )
		|| preg_match("/^MergeFieldVendors/", $action )
		|| preg_match("/^dlAttachments/", $action )
		|| preg_match("/^iCalExport/", $action)
		|| preg_match("/^checkInvStatusAjax/", $action)
                || preg_match("/^checkOrderStatusAjax/", $action) 
				|| preg_match("/^checkSalesmanBeatMapping/", $action) 
                || preg_match("/^checkRetailerCodePrefixAjax/", $action) 
                || preg_match("/^vanAllocationDeliveryStatus/", $action)        
		|| preg_match("/^getItemLists/", $action)
		|| preg_match("/^getset_address/", $action)
		|| preg_match("/^getBillingAtRetailer/", $action)
		|| preg_match("/^getset_end_customer/", $action)
                || preg_match("/^checkCustomerinfoAjax/", $action) 
		|| preg_match("/^customerMblNoDublicate/",$action) 
                || preg_match("/^hhsdata/", $action) 
                || preg_match("/^getDistList/", $action)
                || preg_match("/^getRetailerOutReport/", $action)
                || preg_match("/^getSalesEffReport/", $action)        
                || preg_match("/^getPtrFromNetprice/", $action)        
                || preg_match("/^getoutletwisesalesreport/", $action)
                || preg_match("/^saudadetails/", $action)      
                || preg_match("/^bgsddetails/", $action)  
                || preg_match("/^populatepricedetails/", $action)
                || preg_match("/^xSalesmanDuplicateAjax/", $action)
		)
		{
			$viewAttachment = true;
		}
		if(($action == ' Delete ') && (!$entityDel))
		{
			$skipHeaders=false;
		}
	}
	
	if($action == 'Save')
	{
 	         header( "Expires: Mon, 20 Dec 1998 01:00:00 GMT" );
 	         header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT" );
 	         header( "Cache-Control: no-cache, must-revalidate" );
 	         header( "Pragma: no-cache" );        
 	}
//if(($action == ' Delete ') && (!$entityDel))
        if(($module == 'Users' || $module == 'Home' || $module == 'uploads') && $_REQUEST['parenttab'] != 'Settings')
        {
          $skipSecurityCheck=true;
        }        
    if($action == 'UnifiedSearch') {
    	$currentModuleFile = 'modules/Home/'.$action.'.php';
    } else {        
            $currentModuleFile = 'modules/'.$module.'/'.$action.'.php';
	}
	$currentModule = $module;
	
      	
}
elseif(isset($module))
{
	
	$currentModule = $module;
	$currentModuleFile = $moduleDefaultFile[$currentModule];
}
else {
    // use $default_module and $default_action as set in config.php
    // Redirect to the correct module with the correct action.  We need the URI to include these fields.
    $CURRENT_LOGIN_TYPE = $_SESSION['logintype'];
	if($CURRENT_LOGIN_TYPE != 'CorpLogin')
        { 

          global $disclaimer_content,$disclaimer_title;
          if($LBL_SHOW_AFTER_LOGIN_DISCLAIMER=='True')
          {
            $dist=getDistrIDbyUserID();

            $chk_disclaimer_qry = "SELECT acceptance FROM sify_disclaimer_acceptance WHERE xdistributorid=".$dist['id'];
            $chk_disclaimer_res = $adb->query($chk_disclaimer_qry,array());
            if($adb->num_rows($chk_disclaimer_res) > 0){
              $disclaimer_status = $adb->query_result($chk_disclaimer_res, 0, 'acceptance');
              $cuoption = "&cuoption=update";
            }else{
              $disclaimer_status = 0;
              $cuoption = "&cuoption=create";
            }                
            if($disclaimer_status == 0){ $update_url = "&disc=yes".$cuoption;}else{ $update_url = "&disc=yes".$cuoption; }
            
            if($disclaimer_status == 0 || $LBL_SHOW_AFTER_LOGIN_DISCLAIMER_EVERTIME == 'True')
            {
                ?>
                
                
                
                
                

                
                info("current page is $currentModuleFile");	
$log->info("current module is $currentModule ");	

/*
 *   CFRF Logic By Kami   
 */

if($use_current_login)
{
    //echo "F1";
    //exit;
    
    if($_SESSION['second_auth']==1)
    {    
        // Create a new CSRF token.
        if (! isset($_SESSION['fnxt_auth'])) {
            $_SESSION['fnxt_auth'] = base64_encode(rand());
        }
        
        
        if($_SERVER['REQUEST_METHOD'] === 'POST' && preg_match("/^Save/", $action))
        {
            //echo "Inside";
            // Check a POST is valid.
           if (isset($_POST['fnxt_auth']) && $_POST['fnxt_auth'] === $_SESSION['fnxt_auth']) {
              //echo "From Post".$_POST['fnxt_auth'];
              //echo "From Session".$_SESSION['fnxt_auth'];
              //exit;
               // POST data is valid.
               
               unset($_SESSION['fnxt_auth']);
           }
           else
            {
                //Take Action
                $_SESSION["login_error"]='Invalid Post Data. Contact Admin';
                header("Location: index.php?module=Users&action=Logout");exit;
                //print_r($_POST);
            }
        }
        else {
            // Get Operation
        }
        
    }
}


// for printing
$module = (isset($_REQUEST['module'])) ? vtlib_purify($_REQUEST['module']) : "";
$action = (isset($_REQUEST['action'])) ? vtlib_purify($_REQUEST['action']) : "";
$record = (isset($_REQUEST['record'])) ? vtlib_purify($_REQUEST['record']) : "";
$lang_crm = (isset($_SESSION['authenticated_user_language'])) ? $_SESSION['authenticated_user_language'] : "";
$GLOBALS['request_string'] = "&module=$module&action=$action&record=$record&lang_crm=$lang_crm";

$current_user = new Users();


$current_user_role ='';
$current_user_role_name ='';
$current_user_role_depth ='';

if($use_current_login)
{
	//$result = $current_user->retrieve($_SESSION['authenticated_user_id']);
	//getting the current user info from flat file
	$result = $current_user->retrieveCurrentUserInfoFromFile($_SESSION['authenticated_user_id']);

	if($result == null)
	{
            session_destroy();
	    header("Location: index.php?action=Login&module=Users");
	}

	$moduleList = getPermittedModuleNames();

        foreach ($moduleList as $mod) {
                $moduleDefaultFile[$mod] = "modules/".$currentModule."/index.php";
        }

	//auditing

	require_once('user_privileges/audit_trail.php');
	
	if($audit_trail == 'true')
	{
		if($record == '')
			$auditrecord = '';						
		else
			$auditrecord = $record;	

		/* Skip audit trial log for special request types */
		$skip_auditing = false;
		if($action == 'chat') { 
			$skip_auditing = true;		
		} else if(($action == 'ActivityReminderCallbackAjax' || $_REQUEST['file'] == 'ActivityReminderCallbackAjax') && $module == 'Calendar') {
			$skip_auditing = true;
		} else if(($action == 'TraceIncomingCall' || $_REQUEST['file'] == 'TraceIncomingCall') && $module == 'PBXManager') {
			$skip_auditing = true;
		}
		/* END */
		if (!$skip_auditing) {
			$date_var = $adb->formatDate(date('Y-m-d H:i:s'), true);
                        if($auditrecord == '')
                            $auditrecord = 0;
                       // if($MS_LBL_ALLOW_AUDIT_LOG == 'True'){
                        //$arr = new importmig();
                        //$uid = $arr->getTriallogId()+1;
			$query = "insert into vtiger_audit_trial (userid,module,action,recordid,actiondate) values(?,?,?,?,?)";
			$qparams = array($current_user->id, $module, $action, $auditrecord, $date_var);
                        $adb->pquery($query, $qparams);
                        //}
		}	
	}	



 $cur_role_query=$adb->pquery("SELECT vtiger_role.roleid,vtiger_role.rolename,vtiger_role.depth from vtiger_user2role left join vtiger_role on vtiger_user2role.roleid=vtiger_role.roleid where vtiger_user2role.userid=$current_user->id","");

        $claimAlertShow=0;
        if(isset($_REQUEST['claimalert'])){
            $_SESSION['claimIndex']=1;       
        }
        if($adb->num_rows($cur_role_query)>0)
        {
            $current_user_role=$adb->query_result($cur_role_query,0,"roleid");
            $current_user_role_name=$adb->query_result($cur_role_query,0,"rolename");
            $_SESSION['current_user_role_id'] = $current_user_role;
            $_SESSION['current_user_role_name'] = $current_user_role_name;
             //gst migration logic for stock migration start
            if(str_replace(' ','',strtolower($current_user_role_name))=='distributoradmin' || str_replace(' ','',strtolower($current_user_role_name))=='distributor' || str_replace(' ','',strtolower($current_user_role_name))=='viewonly'){

                 $distuserid=getDistrIDbyUserID();
                 $redirect=0;
               if($_REQUEST['module']=="Home"){
               $redirect=1; } 
                // Pending Claim Alert Start
                $claimOverDay=$adb->pquery("SELECT value from sify_inv_mgt_config where `key`='CLAIM_OVERDUE_DAYS' and value>0");
                if($adb->num_rows($claimOverDay)>0 && !isset($_SESSION['claimIndex'])){
                   $claimDisId = $distuserid['id'];
                    $claimAlertExist=$adb->pquery("SELECT * from vtiger_claim_alert_log  where dist_id=$claimDisId and created_at=DATE(NOW())");
                    $claimOverAlert=$adb->pquery("SELECT value from sify_inv_mgt_config where `key`='CLAIM_OVERDUE_ALERT' and value>0");
                    if($adb->num_rows($claimOverAlert)>0){
                        $claimOverAlertValue=$adb->query_result($claimOverAlert,0,"value");
                    }
                    if($adb->num_rows($claimAlertExist)==0 ||($adb->num_rows($claimAlertExist)>0 && $claimOverAlertValue=='1')){                                   
                        $claimOverDayValue=$adb->query_result($claimOverDay,0,"value");
                        $calimOverDate = date('Y-m-d',strtotime("-$claimOverDayValue days"));
                        $claimOverType=$adb->pquery("SELECT from_stock_type,to_stock_type from sify_inv_mgt_config where `key`='CLAIM_CLASS' and value>0");
                        $claimOverTypeCnt = $adb->num_rows($claimOverType);
                        if($claimOverTypeCnt>0){
                            $claimOverTypeQryTop = " and (";
                            $claimOverTypeQrySch = " and (";
                            for ($co = 0; $co < $claimOverTypeCnt; $co++) {
                                $claim_from_stock_type = $adb->query_result($claimOverType,$co, 'from_stock_type');
                                $claim_to_stock_type = $adb->query_result($claimOverType,$co, 'to_stock_type');
                                $claimOverTypeQryTop .= " vtiger_xclaimtopsheet.claim_type='$claim_from_stock_type' and vtiger_xclaimtopsheet.next_stage_name = '$claim_to_stock_type' or";
                                $claimOverTypeQrySch .= " vtiger_xclaimscheme.claim_type='$claim_from_stock_type' and vtiger_xclaimscheme.next_stage_name = '$claim_to_stock_type' or";
                            }
                            $claimOverTypeQryTop = rtrim($claimOverTypeQryTop,'or')." )";
                            $claimOverTypeQrySch = rtrim($claimOverTypeQrySch,'or')." )";
                            $claimOverTypeChk = "SELECT count(*) as cntclaim FROM (
    SELECT 	vtiger_xclaimtopsheet.xclaimtopsheetid as 'claim_id',vtiger_xclaimtopsheet.claim_type as 'claimtype',vtiger_xclaimtopsheet.claim_topsheet_reference_no as 'claim_ref_no', 	vtiger_xclaimtopsheet.claim_date as 'claim_date', 	vtiger_xclaimtopsheet.next_stage_name as 'next_stage_name',  	vtiger_xclaimtopsheet.status as 'status' 	
    FROM vtiger_xclaimtopsheet INNER JOIN vtiger_crmentity ON vtiger_xclaimtopsheet.xclaimtopsheetid = vtiger_crmentity.crmid 	
    WHERE vtiger_crmentity.deleted=0 AND vtiger_xclaimtopsheet.xdistributorid=$claimDisId  and vtiger_xclaimtopsheet.claim_date < '$calimOverDate' $claimOverTypeQryTop
    GROUP BY vtiger_xclaimtopsheet.xclaimtopsheetid,vtiger_xclaimtopsheet.xdistributorid 	
    UNION 	
    SELECT 	vtiger_xclaimscheme.xclaimschemeid  as 'claim_id',	vtiger_xclaimscheme.claim_type as 'claimtype',vtiger_xclaimscheme.scheme_claim_reference_no as 'claim_ref_no',	vtiger_xclaimscheme.scheme_claim_date as 'claim_date',vtiger_xclaimscheme.next_stage_name as 'next_stage_name',	vtiger_xclaimscheme.status as 'status'	
    FROM vtiger_xclaimscheme INNER JOIN vtiger_crmentity ON vtiger_xclaimscheme.xclaimschemeid = vtiger_crmentity.crmid 	
    WHERE vtiger_crmentity.deleted=0 and vtiger_xclaimscheme.xdistributorid=$claimDisId  and vtiger_xclaimscheme.scheme_claim_date < '$calimOverDate' $claimOverTypeQrySch
    GROUP BY vtiger_xclaimscheme.xclaimschemeid,vtiger_xclaimscheme.xdistributorid
    ) as claimalloverday
    ";
                            $claimOverDayValue=$adb->pquery($claimOverTypeChk);
                                $claimPendingcnt = $adb->query_result($claimOverDayValue,0, 'cntclaim');
                                if($claimPendingcnt>0){
                                    $claimAlertShow = $claimPendingcnt;                             
                                }                                                                    
                        }
                    }                    
                }
                // Pending Claim Alert End
                 if($_REQUEST['action']!="migrationconfig_ajax"){
               $migrationcheckq="select migration_status from sify_migration_log where xdistributorid=?";
               $hidemenu=0;
               $hidemenu2=0;
               
               if($rcheckes=$adb->pquery($migrationcheckq,array($distuserid['id']))){
                   $migrationstatus=$adb->query_result($rcheckes,0,'migration_status');
                   if($adb->num_rows($rcheckes)> 0 ){
                   if($migrationstatus !=7  ){
                      $hidemenu=1; 
                      if($migrationstatus >= 1 && $migrationstatus < 7){
                        $hidemenu2=1;  
                      }
                      }
                   }
               
                   }
               } 
            }
            //gst migration logic for stock migration Ended 
            /*if (strpos(strtolower($current_user_role_name),'distributor') !== false) {
               if(strtolower($current_user_role_name) != 'distributor admin'){
                   $current_user_role_name='Distributor';
               }
            }*/
            $current_user_role_depth=$adb->query_result($cur_role_query,0,"depth");
        }
        
	$log->debug('Current user is: '.$current_user->user_name);
}

if(!empty($LBL_THEME_FORUMNXT_APP) && file_exists('themes/'.$LBL_THEME_FORUMNXT_APP)){
      $theme = $LBL_THEME_FORUMNXT_APP;          
}
elseif(isset($_SESSION['vtiger_authenticated_user_theme']) && $_SESSION['vtiger_authenticated_user_theme'] != '')
{
	$theme = $_SESSION['vtiger_authenticated_user_theme'];
}
else 
{
	$theme = $default_theme;
}
$log->debug('Current theme is: '.$theme);

//Used for current record focus
$focus = "";

// if the language is not set yet, then set it to the default language.
if(isset($_SESSION['authenticated_user_language']) && $_SESSION['authenticated_user_language'] != '')
{
	$current_language = $_SESSION['authenticated_user_language'];
}
else 
{
	$current_language = $default_language;
}
$log->debug('current_language is: '.$current_language);

//set module and application string arrays based upon selected language
$app_currency_strings = return_app_currency_strings_language($current_language);
$app_strings = return_application_language($current_language);
$app_list_strings = return_app_list_strings_language($current_language);
$mod_strings = return_module_language($current_language, $currentModule);
if(isset($_SESSION['authenticated_user_id']) && $_SESSION['authenticated_user_id']!='')
getprintconfig();
//If DetailView, set focus to record passed in
if($action == "DetailView")
{
	if(!isset($_REQUEST['record']))
		die("A record number must be specified to view details.");

	// If we are going to a detail form, load up the record now.
	// Use the record to track the viewing.
	// todo - Have a record of modules and thier primary object names.
	//Getting the actual module
	switch($currentModule)
	{
		case 'Webmails':
			//No need to create a webmail object here
			break;
		default:
			$focus = CRMEntity::getInstance($currentModule);
			break;
		}
	
	if(isset($_REQUEST['record']) && $_REQUEST['record']!='' && $_REQUEST["module"] != "Webmails" && $_REQUEST["module"] != "Masters" && $current_user->id != '')
        {
                // Only track a viewing if the record was retrieved.
                $focus->track_view($current_user->id, $currentModule,$_REQUEST['record']);
        }
        echo "";
        
}	

// set user, theme and language cookies so that login screen defaults to last values
if (isset($_SESSION['authenticated_user_id'])) {


        $log->debug("setting cookie ck_login_id_vtiger to ".$_SESSION['authenticated_user_id']);
        setcookie('ck_login_id_vtiger', $_SESSION['authenticated_user_id']);
      //  print_r($_SESSION);

       // $sess_name = session_name();

    setcookie('ck_login_id_vtiger', $_SESSION['authenticated_user_id'], null, '/', null, null, true);

    // session_set_cookie_params('3600', $_SESSION['authenticated_user_id'], (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')? true : false, true);
    //print_r($_SESSION);


       // print_r($_SESSION);
      
}
if (isset($_SESSION['vtiger_authenticated_user_theme'])) {
        $log->debug("setting cookie ck_login_theme_vtiger to ".$_SESSION['vtiger_authenticated_user_theme']);
        setcookie('ck_login_theme_vtiger', $_SESSION['vtiger_authenticated_user_theme']);

       // $sess_name = session_name();

    setcookie('ck_login_theme_vtiger', $_SESSION['vtiger_authenticated_user_theme'], null, '/', null, null, true,true);

          // session_set_cookie_params('3600', $_SESSION['vtiger_authenticated_user_theme'], (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')? true : false, true);
}
if (isset($_SESSION['authenticated_user_language'])) {
        $log->debug("setting cookie ck_login_language_vtiger to ".$_SESSION['authenticated_user_language']);
        setcookie('ck_login_language_vtiger', $_SESSION['authenticated_user_language']);

      //  $sess_name = session_name();

    setcookie('ck_login_language_vtiger', $_SESSION['authenticated_user_language'], null, '/', null, null, true,true);
    // session_set_cookie_params('3600', $_SESSION['authenticated_user_language'], (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')? true : false, true);

}

if($_REQUEST['module'] == 'Documents' && $action == 'DownloadFile')
{
	include('modules/Documents/DownloadFile.php');
	exit;
}
//echo $_REQUEST['action'];exit;
if($_REQUEST['action']=='PrintConfig'){
$skipHeaders = false;
}

//skip headers for popups, deleting, saving, importing and other actions
if(!$skipHeaders) {
	$log->debug("including headers");
	if($use_current_login)
	{
		if(isset($_REQUEST['category']) && $_REQUEST['category'] !='')
		{
			$category = vtlib_purify($_REQUEST['category']);
		}
		else
		{
			$category = getParentTabFromModule($currentModule);
		}

		include('themes/'.$theme.'/header.php'); 
	}
	else 
		include('themes/'.$theme.'/loginheader.php');
	
	if(isset($_SESSION['administrator_error']))
	{
		// only print DB errors once otherwise they will still look broken after they are fixed.
		// Only print the errors for admin users.
		if(is_admin($current_user)) 
			echo $_SESSION['administrator_error'];
		unset($_SESSION['administrator_error']);
	}

	echo "";
	
	?>


query($conQuery);
$config_data = array();
for ($mc = 0; $mc < $adb->num_rows($config_query); $mc++) {
    $config_data[] = $adb->raw_query_result_rowdata($config_query,$mc);  
}


    foreach($config_data as $key => $configData){
        $$configData['lablename'] = $configData['lablevalue'];
        $lablename = $configData['lablename'];
        $$lablename = $configData['lablevalue'];	
      
        if($$lablename == 1){ 
          ?>            
 

     $j(document).ready(function(){ 
		   $j("#Shortcutkeys").hide(); 
       });
       
       
	   $j("script").each(function() {
		var obj = $j(this);
	 if (obj.attr("src") == "include/jQuery/shortcutKeys.js") {
		 obj.attr("src","");
		}
	   });
	   '; 
	 
   }
   

   if($$lablename == 0){ 
    echo ''; 
 }


   if(!is_admin($current_user))
   {

    
    if($$lablename == 1){ 
       echo ''; 
    }


   }
    }

?>






 




















      

  
	debug("skipping headers");
}

 if(!$skipHeaders){
 //include_once 'modules/Utilities/CityStarePop.php';
}


//fetch the permission set from session and search it for the requisite data
if(!empty($LBL_THEME_FORUMNXT_APP) && file_exists('themes/'.$LBL_THEME_FORUMNXT_APP)){
      $theme = $LBL_THEME_FORUMNXT_APP;          
}
elseif(isset($_SESSION['vtiger_authenticated_user_theme']) && $_SESSION['vtiger_authenticated_user_theme'] != '')
{
	$theme = $_SESSION['vtiger_authenticated_user_theme'];
}
else 
{
	$theme = $default_theme;
}
// for report buttons 
  if($_REQUEST['module'] == 'SalesFunnelReport'){    
                   $reportbuttons="select * from vtiger_report where vtiger_report.reporttype in ('STATIC','tabular','summary') AND vtiger_report.reportid=?";
                   $reportbu=$adb->pquery($reportbuttons,array($_REQUEST['repid']));
                   $reportbnres = $adb->query_result_rowdata($reportbu,0);
                  // echo $reportbnres;
				   //print_r($reportbnres['populate']);die;
                   if($reportbnres['populate'] !='' && $reportbnres['populate']== 0){
                    echo ''; 
                     }  
                     if($reportbnres['generatedownload'] !='' && $reportbnres['generatedownload']== 0){
                      echo ''; 
                      echo ''; 
                     }
                     if($reportbnres['exporttoexcel'] !='' && $reportbnres['exporttoexcel']== 0){
                    echo ''; 
                     }
                      if( $reportbnres['printreport'] !='' && $reportbnres['printreport']== 0){
                    echo ''; 
                     }
                     if($reportbnres['exporttocsv'] !='' && $reportbnres['exporttocsv']== 0){
                         $exporttocsv="'Export to CSV'";
                    echo ''; 
                     }
                     if( $reportbnres['exporttotext'] !='' && $reportbnres['exporttotext']== 0){
                         $exporttotxt="'Export to TEXT'";
                    echo ''; 
                     }
					 if( $reportbnres['finalgrandtotal'] !='' && $reportbnres['finalgrandtotal']== 0){ 
                          echo '';
                     }
					if(isset($reportbnres['filterparamtocsv'])){
						 echo ''; 
                     }
					 $query_str_url = parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY);
                  }
				  if(isset($_REQUEST['filterparam']) && $_REQUEST['module'] == 'SalesFunnelReport'){
					//  echo GenerateFilterParam();
				  }
//logging the security Information
$seclog->debug('########  Module -->  '.$module.'  :: Action --> '.$action.' ::  UserID --> '.$current_user->id.' :: RecordID --> '.$record.' #######');

if(!$skipSecurityCheck)
{
	require_once('include/utils/UserInfoUtil.php');
	if(preg_match('/Ajax/',$action)) {
		if($_REQUEST['ajxaction'] == 'LOADRELATEDLIST'){
			$now_action = 'DetailView';
		} else {
			$now_action=vtlib_purify($_REQUEST['file']);
                        
		}
	} else {
		$now_action=$action;
	}
    if(isset($_REQUEST['record']) && $_REQUEST['record'] != '' && !isset($_REQUEST['convertmode']) && $_REQUEST['convertmode'] == '')
    {
        if($module=='Products')
        {
            if($_REQUEST['return_module']!='Products')
            {
                $display = 'Yes';
            }
            else
            {
                $display = isPermitted($module,$now_action,$_REQUEST['record']);
            }
        }
        else
        {
            $display = isPermitted($module,$now_action,$_REQUEST['record']);
        }
    }
    else
    {
        $display = isPermitted($module,$now_action);
    }	
	$seclog->debug('########### Pemitted ---> '.$display.'  ##############');
}
else
{
	$seclog->debug('########### Pemitted ---> yes  ##############');
}
if($super==true)
{
    $display="yes";
}
if($display == "no")
{
    //header("Location: index.php?module=$module&action=index");
    echo "";	
	echo "
";
	echo "

		

		

		
		$app_strings[LBL_PERMISSION]
		

		

					   	
        $app_strings[LBL_GO_BACK]

        		
		

		
 
		
";
	echo "
";
} 
// vtlib customization: Check if module has been de-activated
else if(!vtlib_isModuleActive($currentModule)) {
	echo "";	
	echo "
";
	echo "


		

		

		
		$currentModule $app_strings[VTLIB_MOD_NOT_ACTIVE]
		

		

					   	
		$app_strings[LBL_GO_BACK]
								   						     		
		

		
 
		
";
	echo "
";
}
// END
else
{
    if($module!='Users' && $module!='' && !$skipHeaders && $current_user_role!="")
    {
        //include_once 'modules/Utilities/Ann_users_validation.php';
    }
    
    if($module!='Users' && $module!='' && !$skipHeaders && $current_user_role!="")
        include_once 'modules/Utilities/Maintenance_validation.php';
       
    
    /*
     *  Users Last Activity Update & Current Session Validate
     */
   
    //echo "123";
    //print_r($_SESSION['sso']);
    
    if(isset($_SESSION['sso']) && $_SESSION['sso']=='TRUE')
    {
        $last_login_ip='';
        $last_login_session='';
        
        $ip = $_SERVER['REMOTE_ADDR'];
        $currentSession = session_id();
        
        $userRes=$adb->mquery("SELECT last_login_ip,last_login_session FROM vtiger_users WHERE id=?",array($current_user->id));
        if($adb->num_rows($userRes)>0)
        {
            $last_login_ip=$adb->query_result($userRes,0,'last_login_ip');            
            $last_login_session=$adb->query_result($userRes,0,'last_login_session');
        }
        
        //print_r(array($last_login_ip,$last_login_session,$ip,$currentSession));
        
        if($last_login_ip!='' && $last_login_session!='')
        {
            if($last_login_ip!=$ip && 1==0)
            {
                session_destroy();
                unset($_COOKIE['PHPSESSID']);
                //session_regenerate_id(true);
                //$_SESSION['logintype']='';
                $_SESSION['login_error']='You already logged in another machine with IP : `' .$last_login_ip.'`, if forgot to LOGOUT there.. Please contact ADMIN to login';
                                
                header("Location: index.php?action=".$_SESSION['logintype']."&module=Users&error=".$_SESSION['login_error']);exit;
            }
            else
            {
                if($last_login_session!=$currentSession)
                {
                    session_destroy();
                    unset($_COOKIE['PHPSESSID']);
                    //session_regenerate_id(true);
                    //$_SESSION['logintype']='';
                    $_SESSION['login_error']='You already logged in different browser in the same machine, if forgot to LOGOUT there.. Please contact ADMIN to login';
                                
                    header("Location: index.php?action=".$_SESSION['logintype']."&module=Users&error=".$_SESSION['login_error']);exit;                    
                }
            }
                
        }
		else if($last_login_ip=='' && $last_login_session=='KILLED')
		{
				session_destroy();
				unset($_COOKIE['PHPSESSID']); 
				$_SESSION['login_error']='Your session was FORCE KILLED by ADMIN, Please contact ADMIN'; 
				header("Location: index.php?action=".$_SESSION['logintype']."&module=Users&error=".$_SESSION['login_error']);exit;
		}
    }
    
    if($_SESSION['authenticated_user_id']>0)
    {
        $adb->mquery("UPDATE vtiger_users SET last_access_time=NOW() WHERE id=?",array($_SESSION['authenticated_user_id']));
    }
    
    include($currentModuleFile);
}

	if(!$skipFooters && (!$viewAttachment) && (!$viewAttachment && $action != 'home_rss' && $action != $module."Ajax" && $action != "chat" && $action != 'massdelete' && $action != "body" && $action != "get_distributordata") )
	{
		echo "";
	}
//echo "	";

//added to get the theme . This is a bad fix as we need to know where the problem lies yet
if(!empty($LBL_THEME_FORUMNXT_APP) && file_exists('themes/'.$LBL_THEME_FORUMNXT_APP) ){
      $theme = $LBL_THEME_FORUMNXT_APP;          
}        
elseif(isset($_SESSION['vtiger_authenticated_user_theme']) && $_SESSION['vtiger_authenticated_user_theme'] != '')
{
        $theme = $_SESSION['vtiger_authenticated_user_theme'];
}
else
{
        $theme = $default_theme;
}

$Ajx_module= $module;
if($module == 'Events')
	$Ajx_module = 'Calendar';
if((!$viewAttachment) && (!$viewAttachment && $action != 'home_rss') && $action != 'Tickerdetail' && $action != $Ajx_module."Ajax" && $action != "chat" && $action != "HeadLines" && $action != 'massdelete'  &&  $action != "DashboardAjax" && $action != "ActivityAjax")
{
	// Under the SPL you do not have the right to remove this copyright statement.	
	$copyrightstatement="

	";

        // Pending Claim Alert Start
        if($claimAlertShow>0 & $_REQUEST['module']=='Home' && $_REQUEST['action']=='index'){
            ?>   

            
          

              

                  Claims pending with you for submission. Please submit immediately
              

              

              
                  Remind me later
                  Submit Claim
              
              

          

       pquery("insert into vtiger_claim_alert_log (dist_id,created_at) values($claimDisId,DATE(NOW())) ON DUPLICATE KEY UPDATE created_at = DATE(NOW())");
}
        // Pending Claim Alert End


   //gst migration logic for stock migration start
     if($hidemenu==1){
         //print_r($_REQUEST);
          if($_REQUEST['action']=='migrationconfig' || ($_REQUEST['module']=='Home' && $_REQUEST['action']=='index')|| $_REQUEST['parenttab']=='Masters' || $_REQUEST['parenttab']=='PurchaseManagement' || $_REQUEST['parenttab']=='InventoryManagement' || $_REQUEST['parenttab']=='Admin' || $_REQUEST['parenttab']=='Reports' || ($_REQUEST['module'] == 'SalesFunnelReport' && $_REQUEST['action'] != 'loadSelectDataAjax' && $_REQUEST['ajax'] !='true')  || $_REQUEST['parenttab']=='MobileIntegration'  ){
             // if(){
           ?> 
        
            
                Click Here For GST Migration Process";
    }  
   
        }
 //         }   
   }
   //gst migration logic for stock migration Ended
	if((!$skipFooters) && $action != "about_us" && $action != "vtchat" && $action != "ChangePassword" && $action != "body" && $action != $module."Ajax" && $action!='Popup' && $action != 'ImportStep3' && $action != 'ActivityAjax' && $action != 'getListOfRecords'){
            if(($action == "EditView" || ($_GET['module'] == "xClaimNorm" && $_GET['action'] != "EditView")) && $CHECK_VALIDATION == 'True'){ ?>
                
                 
                    
               
                
                
                        
               id)) {
			global $disable_stats_tracking;
			if(isset($disable_stats_tracking) && !empty($disable_stats_tracking)) {
				$statimage = "";
			} else {
//				$statimage = "|";
                                $statimage = "";
			}
		}
                             
		// END

		/* 
		echo "";
		echo "


";
		echo "";
		echo "
sify CRM $vtiger_current_version© 2004-".date('Y')." sify.com | ".$app_strings['LNK_READ_LICENSE']." | ".getTranslatedString('LNK_PRIVACY_POLICY')." $statimage
";

 */		
		?>
		
                
                        
                 
		
		
		
	
                
                
				
		";
		// Under the Sugar Public License referenced above, you are required to leave in all copyright statements
		// in both the code and end-user application.
	//	if($calculate_response_time)
	//	{
	//		$endTime = microtime();

	//		$deltaTime = microtime_diff($startTime, $endTime);
	//		echo(' Server response time: '.$deltaTime.' seconds.');
	//	}
	//	echo "\n";
	}
	if(!$skipFooters && ($action != 'mytkt_rss') && ($action != 'home_rss') && ($action != $module."Ajax") && ($action != "body") && ($action != 'ActivityAjax') && ($action != 'get_distributordata'))
	{
            
	?>
		

id!=NULL && isPermitted('Calendar','index') == 'yes' &&
				vtlib_isModuleActive('Calendar')) {
			echo "";
		}
		
		?>
		
		

    


mquery("SELECT COUNT(*) as inv_cnt FROM `vtiger_xrpi` PI  "
            . "INNER JOIN vtiger_xrpicf PIC ON PI.xrpiid=PIC.xrpiid "
            . "INNER JOIN vtiger_crmentity CRM ON PI.xrpiid = CRM.crmid WHERE PIC.cf_purchaseinvoice_buyer_id=? "
            . "AND PI.status IN ('Draft','Created') AND (CRM.deleted=0 OR PI.deleted=0)", array($distID));
    $getCount = $adb->query_result($getRPI_Qry, 0, 'inv_cnt');
    unset($_SESSION['rpi_count']);
    $_SESSION['rpi_count'] = $getCount;  
}
    
if($_REQUEST['action']=='EditView'){
?>



pquery("SELECT maxnumofdays FROM vtiger_report where `reportid`='".$_GET['repid']."'");
    $maxDays = 0;
    if($adb->num_rows($maxD) > 0 ){
        $maxDays = $adb->query_result($maxD,0,'maxnumofdays');
    }
?>





mquery("SELECT COUNT(*) as inv_cnt FROM `vtiger_xrpi` PI  "
            . "INNER JOIN vtiger_xrpicf PIC ON PI.xrpiid=PIC.xrpiid "
            . "INNER JOIN vtiger_crmentity CRM ON PI.xrpiid = CRM.crmid WHERE PIC.cf_purchaseinvoice_buyer_id=? "
            . "AND PI.status IN ('Draft','Created') AND (CRM.deleted=0 OR PI.deleted=0)", array($distID));
    $getCount = $adb->query_result($getRPI_Qry, 0, 'inv_cnt');
    unset($_SESSION['rpi_count']);
    $_SESSION['rpi_count'] = $getCount;  
}
    
if($_REQUEST['action']=='EditView'){
?>



pquery("SELECT maxnumofdays FROM vtiger_report where `reportid`='".$_GET['repid']."'");
    $maxDays = 0;
    if($adb->num_rows($maxD) > 0 ){
        $maxDays = $adb->query_result($maxD,0,'maxnumofdays');
    }
?>





pquery("SELECT value from sify_inv_mgt_config where `key`='AUTO_SUBMISSION_STATUS'");
if($adb->num_rows($autostatus)>0){
    $autostatus=$adb->query_result($autostatus,0,"value");
}



$autosub=$adb->pquery("SELECT value from sify_inv_mgt_config where `key`='AUTO_SUBMISSION'");
if($adb->num_rows($autosub)>0){
    $AUTO_SUBMISSION_SQL=$adb->query_result($autosub,0,"value");
}



$distuserid=getDistrIDbyUserID();


if($distuserid['id'] !='' && $AUTO_SUBMISSION_SQL == '1' )
{
$mastqry="SELECT * FROM ( 
	SELECT 
	vtiger_crmentity.crmid  as 'crmid',
	'OC' as 'modset',
	vtiger_xclaimtopsheet.xclaimtopsheetid as 'claim_id',
	vtiger_xclaimtopsheet.claim_type as 'claimtype',
	SUBSTRING_INDEX(SUBSTRING_INDEX(vtiger_xorganisationhiercf.cf_xorganisationhier_organisation_hierarchy_path,' - ',2),' - ',-1) as 'region',		
	SUBSTRING_INDEX(SUBSTRING_INDEX(vtiger_xorganisationhiercf.cf_xorganisationhier_organisation_hierarchy_path,' - ',4),' - ',-1) as 'trade',
	vtiger_xdistributor.distributorcode, 
	vtiger_xdistributor.distributorname,
	vtiger_xclaimtopsheet.claim_topsheet_reference_no as 'claim_ref_no', 
	MIN(vtiger_xclaimtopsheet.claim_date) as 'claim_date', 
	vtiger_xclaimtopsheet.claim_period_from as 'claim_from', 
	vtiger_xclaimtopsheet.claim_period_to as 'claim_to', 
	vtiger_xclaimtopsheet.claim_topsheet_description as 'claim_desc', 
	FORMAT(vtiger_xclaimtopsheet.amount, 2) as 'amount',  
	vtiger_xclaimtopsheet.next_stage_name as 'next_stage_name',  
	vtiger_xclaimtopsheet.status as 'status' 
	FROM vtiger_xclaimtopsheet 
	INNER JOIN vtiger_crmentity ON vtiger_xclaimtopsheet.xclaimtopsheetid = vtiger_crmentity.crmid 
	INNER JOIN vtiger_xdistributor  ON  vtiger_xdistributor.xdistributorid=vtiger_xclaimtopsheet.xdistributorid
	INNER JOIN vtiger_xdistributorusermappingcf on vtiger_xdistributorusermappingcf.cf_xdistributorusermapping_distributor=vtiger_xclaimtopsheet.xdistributorid
	INNER JOIN vtiger_users on vtiger_users.id=vtiger_xdistributorusermappingcf.cf_xdistributorusermapping_supporting_staff
	LEFT JOIN vtiger_xorganisationhier on vtiger_xorganisationhier.xorganisationhierid=vtiger_users.organisation_hierarchy	
	LEFT JOIN vtiger_xorganisationhiercf on vtiger_xorganisationhiercf.xorganisationhierid=vtiger_xorganisationhier.xorganisationhierid
	WHERE vtiger_crmentity.deleted=0 AND vtiger_xclaimtopsheet.xdistributorid=? ".$Stages['CTS'].$conditions['CTS'].$conditions['TSRC']['CTS']."  GROUP BY vtiger_xclaimtopsheet.xdistributorid 
	UNION 
	SELECT 
	vtiger_crmentity.crmid  as 'crmid',
	'SC' as 'modset',
	vtiger_xclaimscheme.xclaimschemeid  as 'claim_id',
	vtiger_xclaimscheme.claim_type as 'claimtype',
	SUBSTRING_INDEX(SUBSTRING_INDEX(vtiger_xorganisationhiercf.cf_xorganisationhier_organisation_hierarchy_path,' - ',2),' - ',-1) as 'region',
	SUBSTRING_INDEX(SUBSTRING_INDEX(vtiger_xorganisationhiercf.cf_xorganisationhier_organisation_hierarchy_path,' - ',4),' - ',-1) as 'trade',
	vtiger_xdistributor.distributorcode, 
	vtiger_xdistributor.distributorname, 
	vtiger_xclaimscheme.scheme_claim_reference_no as 'claim_ref_no',
	MIN(vtiger_xclaimscheme.scheme_claim_date) as 'claim_date',
	vtiger_xclaimscheme.scheme_claim_period_from as 'claim_from',
	vtiger_xclaimscheme.scheme_claim_period_to as 'claim_to',
	vtiger_xclaimscheme.scheme_claim_description as 'claim_desc',
	FORMAT(vtiger_xclaimscheme.amount, 2) as 'amount',
	vtiger_xclaimscheme.next_stage_name as 'next_stage_name',
	vtiger_xclaimscheme.status as 'status'
	FROM vtiger_xclaimscheme 
	INNER JOIN vtiger_crmentity ON vtiger_xclaimscheme.xclaimschemeid = vtiger_crmentity.crmid 
	INNER JOIN vtiger_xdistributor ON  vtiger_xdistributor.xdistributorid=vtiger_xclaimscheme.xdistributorid
	INNER JOIN vtiger_xdistributorusermappingcf on vtiger_xdistributorusermappingcf.cf_xdistributorusermapping_distributor=vtiger_xclaimscheme.xdistributorid
	INNER JOIN vtiger_users on vtiger_users.id=vtiger_xdistributorusermappingcf.cf_xdistributorusermapping_supporting_staff
	LEFT JOIN vtiger_xorganisationhier on vtiger_xorganisationhier.xorganisationhierid=vtiger_users.organisation_hierarchy	
	LEFT JOIN vtiger_xorganisationhiercf on vtiger_xorganisationhiercf.xorganisationhierid=vtiger_xorganisationhier.xorganisationhierid 
	WHERE vtiger_crmentity.deleted=0 and vtiger_xclaimscheme.xdistributorid=? ".$Stages['SCL'].$conditions['SCL'].$conditions['TSRC']['SCL']." GROUP BY vtiger_xclaimscheme.xdistributorid
	) AS alls  WHERE alls.status = '".$autostatus."'  ORDER BY alls.crmid DESC ".$limit;

    
	$msvl=array($distuserid['id'],$distuserid['id']);
	


function getQuery($query,$values=array()) {
	global $adb;
	if(count($values) > 0){
		$result = $adb->pquery($query,$values);
	}else{
		$result = $adb->pquery($query,array());
	}
    $ret = array();
    if($result){
	    for ($index = 0; $index < $adb->num_rows($result); $index++) {
	        $ret[$index] = $adb->raw_query_result_rowdata($result,$index);
	    }
	}
	return $ret;
} 

    $claimresponce =	array(
		'QSTATUS'=>True,
		'QMSG'=>$msg,
		'QROLE'=>$role,
		'QRES'=>array(		
			'MRES'=>getQuery($mastqry,$msvl), 
			'NEG'=>getQuery($qry,$nevl)
				)
	);  
		
}
else {
	$claimresponce = 0;
}


if(isset($_REQUEST['claimalertsubmission'])){
    $_SESSION['claimIndexsubmission']=1;       
}
?>