Cron Job

You have done a great job with Workflow and all that. But I am using Bitnami on Windows.
The moment I try to run the batch file (scheduler) on Windows it shows the following error

Bad data is passed in; Return to Home

I have followed every single recommendation like removing the brackets from utils.php and also changed the date.timezone to ‘Africa/Cairo’

Have i run out of solutions yet?

As always, your fast reply will be highly appreciated :slight_smile:

This seems to be the relevant code, in utils.php:

function clean_string($str, $filter = 'STANDARD', $dieOnBadData = true)
{
    global $sugar_config;
    $filters = array(
        'STANDARD' => '#[^A-Z0-9\-_\.\@]#i',
        'STANDARDSPACE' => '#[^A-Z0-9\-_\.\@\ ]#i',
        'FILE' => '#[^A-Z0-9\-_\.]#i',
        'NUMBER' => '#[^0-9\-]#i',
        'SQL_COLUMN_LIST' => '#[^A-Z0-9\(\),_\.]#i',
        'PATH_NO_URL' => '#://#i',
        'SAFED_GET' => '#[^A-Z0-9\@\=\&\?\.\/\-_~+]#i', /* range of allowed characters in a GET string */
        'UNIFIED_SEARCH' => '#[\\x00]#', /* cn: bug 3356 & 9236 - MBCS search strings */
        'AUTO_INCREMENT' => '#[^0-9\-,\ ]#i',
        'ALPHANUM' => '#[^A-Z0-9\-]#i',
    );
    if (preg_match($filters[$filter], $str)) {
        if (isset($GLOBALS['log']) && is_object($GLOBALS['log'])) {
            $GLOBALS['log']->fatal("SECURITY[$filter]: bad data passed in; string: {$str}");
        }
        if ($dieOnBadData) {
            die("Bad data passed in; <a href=\"{$sugar_config['site_url']}\">Return to Home</a>");
        }
        return false;
    } else {
        return $str;
    }
}

You can see that apart from the error shown on screen, there is an error in the logs, like this “SECURITY[$filter]: bad data passed in; string: {$str}”. If you look at that log entry, you will know exactly which string is hitting the security filters.

1 Like

Thank you for the quick response.

Now, we are zooming in on the problem, however, i don’t know where those logs are

this is the function that calls the error:

i edited the message to be “I can see bad data” so that i can debug. I don’t know what is wrong… and the debug doesn’t say which variable seems to be wrong

function clean_string($str, $filter = ‘STANDARD’, $dieOnBadData = true)
{
global $sugar_config;

$filters = array(
    'STANDARD' => '#[^A-Z0-9\-_\.\@]#i',
    'STANDARDSPACE' => '#[^A-Z0-9\-_\.\@\ ]#i',
    'FILE' => '#[^A-Z0-9\-_\.]#i',
    'NUMBER' => '#[^0-9\-]#i',
    'SQL_COLUMN_LIST' => '#[^A-Z0-9\(\),_\.]#i',
    'PATH_NO_URL' => '#://#i',
    'SAFED_GET' => '#[^A-Z0-9\@\=\&\?\.\/\-_~+]#i', /* range of allowed characters in a GET string */
    'UNIFIED_SEARCH' => '#[\\x00]#', /* cn: bug 3356 & 9236 - MBCS search strings */
    'AUTO_INCREMENT' => '#[^0-9\-,\ ]#i',
    'ALPHANUM' => '#[^A-Z0-9\-]#i',
);

if (preg_match($filters[$filter], $str)) {
    if (isset($GLOBALS['log']) && is_object($GLOBALS['log'])) {
        $GLOBALS['log']->fatal("SECURITY[$filter]: bad data passed in; string: {$str}");
    }
    if ($dieOnBadData) {
        die("I can see Bad data passed in; <a href=\"{$sugar_config['site_url']}\">Return to Home</a>");
    }

    return false;
} else {
    return $str;
}

}

I seem to have solved it… still need some testing though…

In the variable i removed the brackets [ ] from the function it seemed to work. I wish someone could make use of this, as i spun around this for so long!

Before:

    'SAFED_GET' => '#[^A-Z0-9\@\=\&\?\.\/\-_~+]#i', /* 

After:

    'SAFED_GET' => '#^A-Z0-9\@\=\&\?\.\/\-_~+#i', /*

Hi.

Here are a few loose comments…

Firtst of all, google about suitecrm.log, you should really know about that, it’s a basic element of your survival with this project.

Then, your edited function is not correct - you would need to print out the $str before the “die” statement. It’s worth trying so we know exactly which string is causing trouble.

And your change of the brackets may solve your problem for now, but it’s not an appropriate fix. You should leave that string as it is because it’s doing a security check, you just bypassed it.

Your real problem is elsewhere, you should investigate further.

Also, remember that these changes directly on core files may get overriden whenever you upgrade.

Thanks for urging me to leave my comfort zone. My old me didn’t feel like googling the location of the log file.

Now, am all confused, you are saying i made a security preach without offering any further help.

Although I am a developer, I can’t even debug this code, so please help me out!

thank you

Just give us the string, change that die command to print it out:

die($str);

That might give us a clue.

ok i will
may you please type the syntax of “print it out” is it “echo” ??? I am an MS developer :slight_smile: sorry

To keep you out of your comfort zone: go get your glasses. I typed the command there for you in my previous post.

alright cowboy here you go

C:\Bitnami\wampstack-5.6.23-1\apps\suitecrm\htdocs\cron.php

that is all it produced after re-adding the brackets and putting the code you kindly provided me with

Hhmm I don’t know the specifics of that code, but probably you shouldn’t be seeing a DOS path there (in a HTTP GET command), you should probably have a web server path (perhaps simply “cron.php”), since it is on the root directory of the site.

That all boils down to this question: how to correctly configure schedulers on WIndows with Bitnami?

I see other people have had this issue in the past:
https://community.bitnami.com/t/sugarcrm-batch-file-to-run-cron-php-error/6658

But that thread ended mysteriously.

Then there is this one that provides a workaround:
https://suitecrm.com/forum/suitecrm-7-0-discussion/6019-advanced-opendiscovery-cron-job-error

Good luck!

I have already read those posts, nothing doing.

please inform me of the implications of removing the brackets??? a " ’ " may be passed??

am i going to cause a security preach if that server finally goes online?

If you remove the brackets you’re just breaking the regex expression to make it meaningless. Then anybody can build URL’s against your site using illegal characters. I don’t know what tricks that allows for, but it does not seem like a good idea at all.

And most importantly, I can’t believe that your schedulers are working, they don’t seem properly configured. You might get past the error, but will it work?

You could reply in that post in the Bitnami forums, that guy who promised a solution could try getting you one.

alright, well actually the cronjob works !

i will post their with bitnami and see if they have any solution for this

I’m curious about this: what exactly are you doing to get this error? If you’re seeing the “die” error on screen then you’re not inside a scheduler, are you? Scheduler jobs don’t open browser Windows.

Can you please explain step-by-step what you do to get the error showing?

I run this command against the scheduler from command line:

C:\Bitnami\wampstack-5.6.23-1\php>php.exe -f C:\Bitnami\wampstack-5.6.23-1\apps
suitecrm\htdocs\cron.php

Oh, I see, then you get the error printed it on the Dos window.

You could try this instead… Change to this directory first:

C:\Bitnami\wampstack-5.6.23-1\apps\suitecrm\htdocs\

Then call

C:\Bitnami\wampstack-5.6.23-1\php\php.exe -f cron.php

That way the weird characters don’t get sent as part of the url.

That solved it and i added the brackets too!
Thank you so much pgr !!

:whistle: :whistle: :whistle: :whistle:

one last thing pgr

now, the scheduler / workflow is running super fine…

Can we solve that last problem?

I seem to get two emails for the same meeting and each email has a different date format as follows

Email 1 (from a template we have created for the purpose)

Hi Kazan Shagen !

You have been assigned a meeting on: 2016-11-24

Email 2 (from a template we have created for the purpose)

Hi Kazan Shagen !

You have been assigned a meeting on: 24-11-2016

=========================

Notice here pgr the difference in date format and why are they coming in twice?