Secured WebDAV with Office

I’ve recently implemented a technique of making Office applications save to webdav in a secure way by using tokens in conjunction with mod_security in Apache. This means that MS Word opens a document using a URL such as: https://my.server.com/webdav/my_document.doc?token=12345:03cfd743661f07975fa2f1220c5194cbaff48451 While this works fine over HTTP there’s a problem with HTTPS. Word (or Excel) sends several…


Read More

SugarCRM mvc_utils.php

If you see an error such as the following in your php error log:

the source of the problem is in SugarCRM’s mvc_utils.php. This file contains (poorly) obfuscated code which does a variety of checks to supposedly insure that your copy of Sugar is genuine. De-obfuscating the code is trivial though. It’s so pointless…


Read More

Sugar CETeams modifications

I’ve been working on some improvements to the CETeams module for SugarCRM, as follows: make CETeams cache its config to a file instead of storing it in session data. This makes changes to CETeams config affect all users instantly without requiring them to log out and in again. make CETeams work properly with MS SQL…


Read More