[英]How can I display images on a web page via SugarCRM 7 API
I am trying to dynamically retrieve images from Sugar CRM to display on a website. 我正在尝试从Sugar CRM动态检索图像以显示在网站上。 When I am logged in, the images display alright.
登录后,图像显示正常。 When I am logged out, I am also denied access to the images hence the wider public will not see the images.
当我注销后,我也被拒绝访问这些图像,因此广大公众将看不到这些图像。
How can I ensure that a logged in header is sent on the webpage without exposing my username and password? 如何确保在不暴露用户名和密码的情况下在网页上发送登录标头? Or how can I display the image on the webpage?
或者如何在网页上显示图像?
I had to do something like this earlier in the year. 我今年早些时候不得不做这样的事情。 I can't provide all of the code, but my idea was to create a separate Entry Point that did not require authorization.
我无法提供所有代码,但是我的想法是创建一个不需要授权的单独入口点 。 From that Entry Point file I essentially spoofed authentication and called the normal download.php Entry Point.
从本质上讲,我从该入口点文件中欺骗了身份验证,并将其称为普通的download.php入口点。 It went something like this (keep in mind this code was invoked by hitting
index.php?module=MyModule&entryPoint=MyEntryPoint
) 它是这样的(请记住,通过
index.php?module=MyModule&entryPoint=MyEntryPoint
调用此代码)
unset($_REQUEST);
$_REQUEST['entryPoint'] = 'download';
$_REQUEST['id'] = $focus->$field;
$_REQUEST['type'] = 'SugarFieldImage';
$_REQUEST['isTempFile'] = '1';
$_SESSION['authenticated_user_id'] = '1';
require_once('download.php');
One caveat I found there was that I needed to check first for an existing session before setting $_SESSION['authenticated_user_id']
, otherwise an actual Sugar user who used the website would go back to Sugar and find that his/her session had been escalated to an Admin account(!). 我发现有一个警告,我需要在设置
$_SESSION['authenticated_user_id']
之前先检查现有会话,否则使用该网站的实际Sugar用户将回到Sugar并发现他/她的会话已升级到管理员帐户(!)。 So, I added a check before setting it that way, and code to re-set it back to the original value. 因此,在以这种方式设置之前,我添加了一个检查,并通过代码将其重新设置为原始值。 Something like this:
像这样:
if(!empty($_SESSION['authenticated_user_id'])){
$old_session_id = $_SESSION['authenticated_user_id'];
}
$_SESSION['authenticated_user_id'] = '1';
require_once('download.php');
if(isset($old_session_id)){
$_SESSION['authenticated_user_id'] = $old_session_id;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.