Insideview banner advertisement popping out

deekerman commented

2026-02-20 16:16:05 -05:00

Owner

Originally created by @francescor on GitHub (Jun 5, 2020).

We just notices an advertisement while surfing our private hosted SuiteCRM installation.

The advert promote: http://www.insideview.com where at the terms of use at http://www.insideview.com/cat-terms-use.html I read something very serious (and bad):

"You hereby grant InsideView a non-exclusive, royalty-free, worldwide license to use the Customer Data as may be reasonable or necessary for InsideView to provide the Services to You."

The advert is at center of a page while viewing a customer (our customer!) data, and the banner says: if click you agree (!!)

we are willing to send you the screenshot if you want.

SuiteCRM Version 7.11.13, with data imported from Sugar Version 6.5.25 (Build 344), on brand new linux Centos 7, php 7.4

Originally created by @francescor on GitHub (Jun 5, 2020). We just notices an advertisement while surfing our private hosted SuiteCRM installation. The advert promote: http://www.insideview.com where at the terms of use at http://www.insideview.com/cat-terms-use.html I read something very serious (and bad): "You hereby grant InsideView a non-exclusive, royalty-free, worldwide license to use the Customer Data as may be reasonable or necessary for InsideView to provide the Services to You." The advert is at center of a page while viewing a customer (our customer!) data, and the banner says: if click you agree (!!) we are willing to send you the screenshot if you want. SuiteCRM Version 7.11.13, with data imported from Sugar Version 6.5.25 (Build 344), on brand new linux Centos 7, php 7.4

deekerman added the

labels

2026-02-20 16:16:05 -05:00

deekerman commented

2026-02-20 16:16:06 -05:00

Author

Owner

@francescor commented on GitHub (Jun 5, 2020):

This is the HTML code that produce the banner

          <a href="#" onclick="hideSubPanel('insideview');document.getElementById('hide_link_insideview').style.display='none';document.getElementById('show_link_insideview').style.display='';return false;"></a>
          <div style="width: 100%; float: left; padding: 10px 0px 20px 0pt;">
            <a target="_blank" href="http://community.insideview.com/t5/Getting-Started/Find-Opportunities-to-Reach-Out-to-Customers/ta-p/1133" style="float: left; width: 230px;display:block;text-decoration:none;">
                <img title="Find Opportunities" src="https://my.insideview.com/iv/common/ruby/images/sugarembed-img1.png" style="float: left;border:0 solid;">
                <div style="float: left; padding-top: 11px; width: 150px;">
                    <span style="color: #990000; float: left; font-family: arial; font-size: 14px; font-weight: bold;">Find Opportunities</span>
                    <span style="font-size: 10px; font-weight: bold; font-family: arial; color: #333333;float: left;">to reach out to customers</span>
                </div>
            </a>
            <a target="_blank" href="http://community.insideview.com/t5/Getting-Started/Get-Referrals-to-Key-Decision-Makers/ta-p/1141" style="float: left; width: 230px;display:block;text-decoration:none;">
                <img title="Get Referrals" src="https://my.insideview.com/iv/common/ruby/images/sugarembed-img2.png" style="float: left;border:0 solid;">
                <div style="float: left; padding-top: 11px; padding-left: 10px;width: 150px;">
                    <span style="color: #990000; float: left; font-family: arial; font-size: 14px; font-weight: bold;">Get Referrals</span>
                    <span style="font-size: 10px; font-weight: bold; font-family: arial; color: #333333;float: left;">to key decision makers</span>
                </div>
            </a>
            <a target="_blank" href="http://community.insideview.com/t5/Getting-Started/Engage-Prospects-and-Customers/ta-p/1127" style="float: left; width: 230px;display:block;text-decoration:none;">
                <img title="Engage Customers" src="https://my.insideview.com/iv/common/ruby/images/sugarembed-img3.png" style="float: left;border:0 solid;">
                <div style="float: left; padding-top: 11px; padding-left: 10px;width: 140px;">
                    <span style="color: #990000; float: left; font-family: arial; font-size: 14px; font-weight: bold;">Engage Customers</span>
                    <span style="font-size: 10px; font-weight: bold; font-family: arial; color: #333333;float: left;">with conversation starters</span>
                </div>
            </a>
          </div>
          <hr style="border-color: rgb(238, 238, 238); background-color: rgb(238, 238, 238); width: 100%;">
          <form>
              <input type="checkbox" class="checkbox" name="insideview_accept_box" id="insideview_accept_box" style="display: none;" onclick="toggleGettingStartedButton();">
              <div style="float:left;padding:0 0 10px 0">
                    <div style="font-size: 11px; float:left;margin: 5px 15px 0px 150px;">
                        By clicking "Get Started" you agree to InsideView's&nbsp;<a href="http://www.insideview.com/cat-terms-use.html" target="_blank" style="color:#0099CC;text-decoration: none; font-size: 11px;">Terms of Use</a>&nbsp;and&nbsp;<a style="color:#0099CC;text-decoration: none; font-size: 11px;" target="_blank" href="http://www.insideview.com/cat-privacy.html">Privacy Policy</a>.
                    </div>
                    <div onclick="allowInsideView(); return false;" name="insideview_accept_button" id="insideview_accept_button" style="float:right;height: 30px; background-image: url('https://my.insideview.com/iv/common/ruby/images/sugarembed-button.png');font-weight: bold; width: 113px; font-size: 14px;cursor:pointer;">
                        <div style="float:left;margin:7px 0 0 18px;color:#ffffff;">Get Started!</div>
                    </div>
              </div>
          </form>
          <div class="clear"></div>

please note that, even the cited privacy banner lead to a non existing page!

@francescor commented on GitHub (Jun 5, 2020): This is the HTML code that produce the banner ``` <a href="#" onclick="hideSubPanel('insideview');document.getElementById('hide_link_insideview').style.display='none';document.getElementById('show_link_insideview').style.display='';return false;"></a> <div style="width: 100%; float: left; padding: 10px 0px 20px 0pt;"> <a target="_blank" href="http://community.insideview.com/t5/Getting-Started/Find-Opportunities-to-Reach-Out-to-Customers/ta-p/1133" style="float: left; width: 230px;display:block;text-decoration:none;"> <img title="Find Opportunities" src="https://my.insideview.com/iv/common/ruby/images/sugarembed-img1.png" style="float: left;border:0 solid;"> <div style="float: left; padding-top: 11px; width: 150px;"> <span style="color: #990000; float: left; font-family: arial; font-size: 14px; font-weight: bold;">Find Opportunities</span> <span style="font-size: 10px; font-weight: bold; font-family: arial; color: #333333;float: left;">to reach out to customers</span> </div> </a> <a target="_blank" href="http://community.insideview.com/t5/Getting-Started/Get-Referrals-to-Key-Decision-Makers/ta-p/1141" style="float: left; width: 230px;display:block;text-decoration:none;"> <img title="Get Referrals" src="https://my.insideview.com/iv/common/ruby/images/sugarembed-img2.png" style="float: left;border:0 solid;"> <div style="float: left; padding-top: 11px; padding-left: 10px;width: 150px;"> <span style="color: #990000; float: left; font-family: arial; font-size: 14px; font-weight: bold;">Get Referrals</span> <span style="font-size: 10px; font-weight: bold; font-family: arial; color: #333333;float: left;">to key decision makers</span> </div> </a> <a target="_blank" href="http://community.insideview.com/t5/Getting-Started/Engage-Prospects-and-Customers/ta-p/1127" style="float: left; width: 230px;display:block;text-decoration:none;"> <img title="Engage Customers" src="https://my.insideview.com/iv/common/ruby/images/sugarembed-img3.png" style="float: left;border:0 solid;"> <div style="float: left; padding-top: 11px; padding-left: 10px;width: 140px;"> <span style="color: #990000; float: left; font-family: arial; font-size: 14px; font-weight: bold;">Engage Customers</span> <span style="font-size: 10px; font-weight: bold; font-family: arial; color: #333333;float: left;">with conversation starters</span> </div> </a> </div> <hr style="border-color: rgb(238, 238, 238); background-color: rgb(238, 238, 238); width: 100%;"> <form> <input type="checkbox" class="checkbox" name="insideview_accept_box" id="insideview_accept_box" style="display: none;" onclick="toggleGettingStartedButton();"> <div style="float:left;padding:0 0 10px 0"> <div style="font-size: 11px; float:left;margin: 5px 15px 0px 150px;"> By clicking "Get Started" you agree to InsideView's <a href="http://www.insideview.com/cat-terms-use.html" target="_blank" style="color:#0099CC;text-decoration: none; font-size: 11px;">Terms of Use</a> and <a style="color:#0099CC;text-decoration: none; font-size: 11px;" target="_blank" href="http://www.insideview.com/cat-privacy.html">Privacy Policy</a>. </div> <div onclick="allowInsideView(); return false;" name="insideview_accept_button" id="insideview_accept_button" style="float:right;height: 30px; background-image: url('https://my.insideview.com/iv/common/ruby/images/sugarembed-button.png');font-weight: bold; width: 113px; font-size: 14px;cursor:pointer;"> <div style="float:left;margin:7px 0 0 18px;color:#ffffff;">Get Started!</div> </div> </div> </form> <div class="clear"></div> ``` please note that, even the cited privacy banner lead to a non existing page!

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@pgorod commented on GitHub (Jun 5, 2020):

This just means that your server got hacked, or your browser has a bad add-on installed... not a SuiteCRM issue.

@pgorod commented on GitHub (Jun 5, 2020): This just means that your server got hacked, or your browser has a bad add-on installed... not a SuiteCRM issue.

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@pgorod commented on GitHub (Jun 5, 2020):

I see they have a SugarCRM plugin called InsideView, maybe it works also with SuiteCRM and you installed it? Check your Admin / Module Loader page.

@pgorod commented on GitHub (Jun 5, 2020): I see they have a SugarCRM plugin called InsideView, maybe it works also with SuiteCRM and you installed it? Check your **Admin / Module Loader** page.

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@francescor commented on GitHub (Jun 5, 2020):

Here the screenshot

@francescor commented on GitHub (Jun 5, 2020): Here the screenshot ![Screenshot from 2020-06-05 18-15-51](https://user-images.githubusercontent.com/424577/83905561-28b7f700-a762-11ea-9e31-58b853c9ef97.png)

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@francescor commented on GitHub (Jun 5, 2020):

I can probably disable the whole "InsideView" advert in here?

can I ?

@francescor commented on GitHub (Jun 5, 2020): I can probably disable the whole "InsideView" advert in here? ![Screenshot from 2020-06-05 18-45-12](https://user-images.githubusercontent.com/424577/83905671-5f8e0d00-a762-11ea-97ab-c4883aebc5db.png) can I ?

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@pgorod commented on GitHub (Jun 5, 2020):

That seems to be a legitimate software, that somebody installed on your server. You should determine what it does, before removing it. You probably paid for it.

You can also contact the makers of that software and ask them about the annoying ad. I assume they thought it was a good idea to get that permission, for GDPR reasons (or similar).

@pgorod commented on GitHub (Jun 5, 2020): That seems to be a legitimate software, that somebody installed on your server. You should determine what it does, before removing it. You probably paid for it. You can also contact the makers of that software and ask them about the annoying ad. I assume they thought it was a good idea to get that permission, for GDPR reasons (or similar).

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@pgorod commented on GitHub (Jun 5, 2020):

Please close this Issue here, it's really not a SuiteCRM problem.

We can keep discussing this in comments even after the Issue is closed, if you need more help. Thanks

@pgorod commented on GitHub (Jun 5, 2020): Please close this Issue here, it's really not a SuiteCRM problem. We can keep discussing this in comments even after the Issue is closed, if you need more help. Thanks

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@francescor commented on GitHub (Jun 5, 2020):

Yes, my client had a previous installation of SugarCRM (Indeed I read "Sugar Version 6.5.25 Build 344" in the actual SuiteCRM installation about page): I'm very glad this stuff does not come from your code, believe me!

@francescor commented on GitHub (Jun 5, 2020): Yes, my client had a previous installation of SugarCRM (Indeed I read "Sugar Version 6.5.25 Build 344" in the actual SuiteCRM installation about page): I'm very glad this stuff does not come from your code, believe me!

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@francescor commented on GitHub (Jun 5, 2020):

Is this about this same issue? https://community.suitecrm.com/t/inside-view-subpanel-how-to-remove/12966

@pgorod many thanks for your feeds: please have a look, since your statement about the server being hacked forced us to open a serious internal incident.

It seems to me that this "advertisement" was part of the previous sugarcrm, which has nothing to do with SuiteCRM (I'm glad!) but unfortunately that king of code got automatically imported in our brand new SuiteCRM installation that we just set up migrating from sugar following SuiteCRM migration instructions.

This is sure something that can help previous (new) users coming here from SugarCRM, and will keep SuiteCRM clean

@francescor commented on GitHub (Jun 5, 2020): Is this about this same issue? https://community.suitecrm.com/t/inside-view-subpanel-how-to-remove/12966 @pgorod many thanks for your feeds: please have a look, since your statement about the server being hacked forced us to open a serious internal incident. It seems to me that this "advertisement" was part of the previous sugarcrm, which has nothing to do with SuiteCRM (I'm glad!) but unfortunately that king of code got automatically imported in our brand new SuiteCRM installation that we just set up migrating from sugar following SuiteCRM migration instructions. This is sure something that can help previous (new) users coming here from SugarCRM, and will keep SuiteCRM clean

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@pgorod commented on GitHub (Jun 5, 2020):

Did you check Admin / Module Loader page to see if the module can be uninstalled from there?

You're better off ensuring that no part of that add-on is still operational, I don't know if the Connector is everything, or if there is more.

I agree this information might be useful for the future, though not here, it should be on the Forums, it's better to look for help there before coming here.

@pgorod commented on GitHub (Jun 5, 2020): Did you check **Admin / Module Loader** page to see if the module can be uninstalled from there? You're better off ensuring that no part of that add-on is still operational, I don't know if the Connector is everything, or if there is more. I agree this information might be useful for the future, though not here, it should be on the Forums, it's better to look for help there before coming here.

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@francescor commented on GitHub (Jun 5, 2020):

Yes, sorry for not telling you: Admin / Module Loader page has nothing on it

@francescor commented on GitHub (Jun 5, 2020): Yes, sorry for not telling you: **Admin / Module** Loader page has nothing on it

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@francescor commented on GitHub (Jun 5, 2020):

Ok, yes, next time I'll start with the forum, thanks

here is where that code should just be:

# grep -rl insideview.com /var/www/SuiteCRM/*
modules/Connectors/connectors/sources/ext/rest/insideview/InsideViewLogicHook.php
modules/Connectors/connectors/sources/ext/rest/insideview/tpls/InsideView.tpl

# ll modules/Connectors/connectors/sources/ext/rest/insideview/
total 40
-rw-r--r-- 1 apache apache 10133 May 31 13:25 InsideViewLogicHook.php
-rw-r--r-- 1 apache apache  2254 May 31 13:25 config.php
drwxr-sr-x 2 apache apache  4096 Feb 27  2013 images
-rw-r--r-- 1 apache apache  4903 May 31 13:25 insideview.php
drwxr-sr-x 2 apache apache  4096 Feb 27  2013 language
-rw-r--r-- 1 apache apache  2262 May 31 13:25 mapping.php
drwxr-sr-x 2 apache apache  4096 Feb 27  2013 tpls

# tree modules/Connectors/connectors/sources/ext/rest/insideview/
modules/Connectors/connectors/sources/ext/rest/insideview/
|-- InsideViewLogicHook.php
|-- config.php
|-- images
|   |-- close.png
|   |-- insideview.png
|   |-- insideview_collapsed.png
|   |-- insideview_expanded.png
|   `-- video.png
|-- insideview.php
|-- language
|   `-- en_us.lang.php
|-- mapping.php
`-- tpls
    `-- InsideView.tpl

3 directories, 11 files

@francescor commented on GitHub (Jun 5, 2020): Ok, yes, next time I'll start with the forum, thanks here is where that code should just be: ``` # grep -rl insideview.com /var/www/SuiteCRM/* modules/Connectors/connectors/sources/ext/rest/insideview/InsideViewLogicHook.php modules/Connectors/connectors/sources/ext/rest/insideview/tpls/InsideView.tpl # ll modules/Connectors/connectors/sources/ext/rest/insideview/ total 40 -rw-r--r-- 1 apache apache 10133 May 31 13:25 InsideViewLogicHook.php -rw-r--r-- 1 apache apache 2254 May 31 13:25 config.php drwxr-sr-x 2 apache apache 4096 Feb 27 2013 images -rw-r--r-- 1 apache apache 4903 May 31 13:25 insideview.php drwxr-sr-x 2 apache apache 4096 Feb 27 2013 language -rw-r--r-- 1 apache apache 2262 May 31 13:25 mapping.php drwxr-sr-x 2 apache apache 4096 Feb 27 2013 tpls # tree modules/Connectors/connectors/sources/ext/rest/insideview/ modules/Connectors/connectors/sources/ext/rest/insideview/ |-- InsideViewLogicHook.php |-- config.php |-- images | |-- close.png | |-- insideview.png | |-- insideview_collapsed.png | |-- insideview_expanded.png | `-- video.png |-- insideview.php |-- language | `-- en_us.lang.php |-- mapping.php `-- tpls `-- InsideView.tpl 3 directories, 11 files ```

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@francescor commented on GitHub (Jun 5, 2020):

and apparently this is the original writer of that code https://php.wekeepcoding.com/article/12052779/sugarcrm+community+edition+set+connectors+properties+showing+blank+box

@francescor commented on GitHub (Jun 5, 2020): and apparently this is the original writer of that code https://php.wekeepcoding.com/article/12052779/sugarcrm+community+edition+set+connectors+properties+showing+blank+box

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@chris001 commented on GitHub (Jun 5, 2020):

Don't panic. InsideView is a third party add on service for filling in business data on your leads, it was promoted inside the SugarCRM 6.5 Community Edition (the open source version). You can disable it without any worries. https://www.insideview.com/how-we-source-personal-data/

@chris001 commented on GitHub (Jun 5, 2020): Don't panic. InsideView is a third party add on service for filling in business data on your leads, it was promoted inside the SugarCRM 6.5 Community Edition (the open source version). You can disable it without any worries. https://www.insideview.com/how-we-source-personal-data/

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@francescor commented on GitHub (Jun 6, 2020):

wait a sec: I just downloaded and installed a pristine SuiteCRM 7.11.13, and that connector is there

]# tree /var/www/Vergine-SuiteCRM-7.11.13/modules/Connectors/connectors/sources/ext/rest/insideview/
/var/www/Vergine-SuiteCRM-7.11.13/modules/Connectors/connectors/sources/ext/rest/insideview/
|-- InsideViewLogicHook.php
|-- config.php
|-- images
|   |-- close.png
|   |-- insideview.png
|   |-- insideview_collapsed.png
|   |-- insideview_expanded.png
|   `-- video.png
|-- insideview.php
|-- language
|   `-- en_us.lang.php
|-- mapping.php
`-- tpls
    `-- InsideView.tpl

3 directories, 11 files

and yes, it is just not enable by default

Ok, so I just need to disable, which solve my problem, thanks.

BUT, let me say that that connector smells pretty bad: there "Terms of Use" is pretty bad I think, and even in this brand new installation of SuiteCRM the link to their privacy policy is wrong (https://www.insideview.com/cat-privacy.html/ ).

I do not know the SuiteCRM community, yet, and how you developers work, but I wonder if developers are aware of this.

@francescor commented on GitHub (Jun 6, 2020): wait a sec: I just downloaded and installed a pristine SuiteCRM 7.11.13, and that connector is there ``` ]# tree /var/www/Vergine-SuiteCRM-7.11.13/modules/Connectors/connectors/sources/ext/rest/insideview/ /var/www/Vergine-SuiteCRM-7.11.13/modules/Connectors/connectors/sources/ext/rest/insideview/ |-- InsideViewLogicHook.php |-- config.php |-- images | |-- close.png | |-- insideview.png | |-- insideview_collapsed.png | |-- insideview_expanded.png | `-- video.png |-- insideview.php |-- language | `-- en_us.lang.php |-- mapping.php `-- tpls `-- InsideView.tpl 3 directories, 11 files ``` and yes, it is just not enable by default ![Screenshot from 2020-06-06 17-42-27](https://user-images.githubusercontent.com/424577/83948372-2666a300-a81d-11ea-84ff-3c4d4768f883.png) Ok, so I just need to disable, which solve my problem, thanks. BUT, let me say that that connector smells pretty bad: there "Terms of Use" is pretty bad I think, and even in this brand new installation of SuiteCRM the link to their privacy policy is wrong (https://www.insideview.com/cat-privacy.html/ ). I do not know the SuiteCRM community, yet, and how you developers work, but I wonder if developers are aware of this.

deekerman commented

2026-02-20 16:16:07 -05:00

Author

Owner

@chris001 commented on GitHub (Jun 6, 2020):

You could remove it by deleting the connector code and its directories. It comes with the SugarCRM 6.5 CE, so you would have to delete it every time you upgraded the core SugarCRM 6.5 CE software.

@chris001 commented on GitHub (Jun 6, 2020): You could remove it by deleting the connector code and its directories. It comes with the SugarCRM 6.5 CE, so you would have to delete it every time you upgraded the core SugarCRM 6.5 CE software.

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@Mac-Rae commented on GitHub (Jun 8, 2020):

Not sure how much we can do cause it's from before the fork, I'll mark this up as a potential cleanup for now.

@francescor although already said please consult the fourms and raise issues likes these there in the future. At worse if we feel it is a bug we'll direct you to raise and issue here anyways 👍👍

@Mac-Rae commented on GitHub (Jun 8, 2020): Not sure how much we can do cause it's from before the fork, I'll mark this up as a potential cleanup for now. @francescor although already said please consult the fourms and raise issues likes these there in the future. At worse if we feel it is a bug we'll direct you to raise and issue here anyways 👍👍

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@Mac-Rae commented on GitHub (Jun 8, 2020):

@francescor could you also please modify the title to better reflect the raised issue. Maybe something along the lines of "SugarCM Core Plugin does not link to privacy policy"

I'll point out we will take a look at editing the code or if deemed able and sensable potential removing this module however there's a lot resting on that for it being part of the legacy system that changing stuff can open doors you don't want to 👍

@Mac-Rae commented on GitHub (Jun 8, 2020): @francescor could you also please modify the title to better reflect the raised issue. Maybe something along the lines of "SugarCM Core Plugin does not link to privacy policy" I'll point out we will take a look at editing the code or if deemed able and sensable potential removing this module however there's a lot resting on that for it being part of the legacy system that changing stuff can open doors you don't want to 👍

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@francescor commented on GitHub (Jun 8, 2020):

@chris001 the code is in SuiteCrm, too

https://github.com/salesagility/SuiteCRM/tree/master/modules/Connectors/connectors/sources/ext/rest/insideview

and it is installed by default https://github.com/salesagility/SuiteCRM/blob/master/modules/Connectors/InstallDefaultConnectors.php

then even in the upgrade wizard https://github.com/salesagility/SuiteCRM/blob/master/modules/UpgradeWizard/uw_utils.php

and here, too https://github.com/salesagility/SuiteCRM/blob/master/install/install_utils.php

With that banner (I would have not another way of defining it) a user (any user in the organization) is only one click away from accepting the T&C which are pretty bad in my opinion (you can read it yourself, I can give my personal consideration about it) https://www.insideview.com/terms-use/ and, I have no time to dig it but for sure somebody is more prepared than me on this, it does not even respect the european privacy GDPR.

I am pretty surprised Insideview has such a priviege inside SuiteCRM code development: you may know the reason (which could be more than, legit, of course) and I would like to know it

@francescor commented on GitHub (Jun 8, 2020): @chris001 the code is in SuiteCrm, too https://github.com/salesagility/SuiteCRM/tree/master/modules/Connectors/connectors/sources/ext/rest/insideview and it is installed by default https://github.com/salesagility/SuiteCRM/blob/master/modules/Connectors/InstallDefaultConnectors.php then even in the upgrade wizard https://github.com/salesagility/SuiteCRM/blob/master/modules/UpgradeWizard/uw_utils.php and here, too https://github.com/salesagility/SuiteCRM/blob/master/install/install_utils.php With that banner (I would have not another way of defining it) a user (any user in the organization) is only one click away from accepting the T&C which are pretty bad in my opinion (you can read it yourself, I can give my personal consideration about it) https://www.insideview.com/terms-use/ and, I have no time to dig it but for sure somebody is more prepared than me on this, it does not even respect the european privacy GDPR. I am pretty surprised Insideview has such a priviege inside SuiteCRM code development: you may know the reason (which could be more than, legit, of course) and I would like to know it

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@chris001 commented on GitHub (Jun 8, 2020):

InsideView was added to SugarCRM in April 2011, this was several years before data and privacy became huge issues and GDPR was adopted in May 2018. InsideView is a SugarCRM partner, so they agree not to misuse user data. They have a database with detailed data on almost all companies, like Dun & Bradstreet, so if you have the email address for a contact/lead/account stored in your SuiteCRM, and that email domain matches a company in the InsideView database, the software auto fills in the missing data about that person/company in the record for you, it saves a lot of user/employee time on re-typing in so much publicly known company data (address, phone numbers, fax numbers, website, industry code, company size, who the person reports to, etc). That being said, you may very well want to just disable the InsideView connector so that your users won't see the panel with their "terms of use" link, which is currently a broken link anyway, and possibly click on "Agree".

@chris001 commented on GitHub (Jun 8, 2020): [InsideView was added to SugarCRM in April 2011](https://finance.yahoo.com/news/InsideViews-Sales-iw-1186015270.html), this was several years before data and privacy became huge issues and GDPR was adopted in May 2018. InsideView is a SugarCRM partner, so they agree not to misuse user data. They have a database with detailed data on almost all companies, like Dun & Bradstreet, so if you have the email address for a contact/lead/account stored in your SuiteCRM, and that email domain matches a company in the InsideView database, the software auto fills in the missing data about that person/company in the record for you, it saves a lot of user/employee time on re-typing in so much publicly known company data (address, phone numbers, fax numbers, website, industry code, company size, who the person reports to, etc). That being said, you may very well want to just disable the InsideView connector so that your users won't see the panel with their "terms of use" link, which is currently a broken link anyway, and possibly click on "Agree".

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@francescor commented on GitHub (Jun 8, 2020):

Ok, I've got it now (and yes, I already removed its code in my client's server).
Where can I purpose developers the removal of that code? as you said:

a link is broken (not the 'terms of use' in https://github.com/salesagility/SuiteCRM/blob/master/modules/Connectors/connectors/sources/ext/rest/insideview/tpls/InsideView.tpl#L167 which is fine, but the privacy link in the same line)
plus users who really want that code can install it themselves "in minutes" as Insideview state in https://www.insideview.com/insideview-installation-sugarcrm/

@francescor commented on GitHub (Jun 8, 2020): Ok, I've got it now (and yes, I already removed its code in my client's server). Where can I purpose developers the removal of that code? as you said: * a link is broken (not the 'terms of use' in https://github.com/salesagility/SuiteCRM/blob/master/modules/Connectors/connectors/sources/ext/rest/insideview/tpls/InsideView.tpl#L167 which is fine, but the privacy link in the same line) * plus users who really want that code can install it themselves "in minutes" as Insideview state in https://www.insideview.com/insideview-installation-sugarcrm/

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@francescor commented on GitHub (Jun 8, 2020):

(btw @chris001 I see your website has a weird return a weird file in homepage, with somehow encoded mv etc/ /old_etc command inside)

@francescor commented on GitHub (Jun 8, 2020): (btw @chris001 I see your website has a weird return a weird file in homepage, with somehow encoded `mv etc/ /old_etc` command inside)

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@chris001 commented on GitHub (Jun 8, 2020):

Where can I purpose developers the removal of that code?

You should ask here in this issue for someone to submit a pull request, to modify the install settings for SuiteCRM included connectors, so that the InsideView connector would be installed as disabled.

I see your website has a weird return a weird file in homepage, with somehow encoded mv etc/ /old_etc command inside

Thank you - link fixed now.

@chris001 commented on GitHub (Jun 8, 2020): > Where can I purpose developers the removal of that code? You should ask here in this issue for someone to submit a pull request, to modify the install settings for SuiteCRM included connectors, so that the InsideView connector would be installed as `disabled`. > I see your website has a weird return a weird file in homepage, with somehow encoded `mv etc/ /old_etc` command inside Thank you - link fixed now.

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@francescor commented on GitHub (Jun 8, 2020):

Ok, so I would suggest developers to submit a pull request to remove of the default enabled installation of the Insideview connector cited in code at

thanks

@francescor commented on GitHub (Jun 8, 2020): Ok, so I would suggest developers to submit a pull request to remove of the default enabled installation of the Insideview connector cited in code at * https://github.com/salesagility/SuiteCRM/tree/master/modules/Connectors/connectors/sources/ext/rest/insideview * https://github.com/salesagility/SuiteCRM/blob/master/modules/Connectors/InstallDefaultConnectors.php * https://github.com/salesagility/SuiteCRM/blob/master/modules/UpgradeWizard/uw_utils.php * https://github.com/salesagility/SuiteCRM/blob/master/install/install_utils.php thanks

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@Mac-Rae commented on GitHub (Jun 11, 2020):

Already been sorted @francescor when I marked it with a priority, your welcome to make the PR yourself if you know of the required changes and have the time 👍

@Mac-Rae commented on GitHub (Jun 11, 2020): Already been sorted @francescor when I marked it with a priority, your welcome to make the PR yourself if you know of the required changes and have the time :+1:

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@francescor commented on GitHub (Mar 3, 2021):

I see insideview is still enabled by default in a pristine installation, this is still a security issue to me

Can someone help me to find out what, in the installation setup, set 'enabled' => true in custom_directory/modules/Connectors/metadata/connectors.php

  'ext_rest_insideview' =>
  array (
    'id' => 'ext_rest_insideview',
    'name' => 'InsideView&#169;',
    'enabled' => true,
    'directory' => 'modules/Connectors/connectors/sources/ext/rest/insideview',
    'eapm' => false,
    'modules' =>
    array (
      0 => 'Accounts',
      1 => 'Contacts',
      2 => 'Leads',
      3 => 'Opportunities',
    ),
  ),

@francescor commented on GitHub (Mar 3, 2021): I see insideview is still enabled by default in a pristine installation, this is still a security issue to me Can someone help me to find out what, in the installation setup, set `'enabled' => true` in custom_directory/modules/Connectors/metadata/connectors.php ``` 'ext_rest_insideview' => array ( 'id' => 'ext_rest_insideview', 'name' => 'InsideView©', 'enabled' => true, 'directory' => 'modules/Connectors/connectors/sources/ext/rest/insideview', 'eapm' => false, 'modules' => array ( 0 => 'Accounts', 1 => 'Contacts', 2 => 'Leads', 3 => 'Opportunities', ), ), ```

deekerman commented

2026-02-20 16:16:08 -05:00

Author

Owner

@francescor commented on GitHub (Mar 3, 2021):

thanks to User: pgr, see https://community.suitecrm.com/t/insideview-a-connector-that-to-me-is-a-security-issue/78671/3, I just fired a pull request https://github.com/salesagility/SuiteCRM/pull/9052

@francescor commented on GitHub (Mar 3, 2021): thanks to User: pgr, see https://community.suitecrm.com/t/insideview-a-connector-that-to-me-is-a-security-issue/78671/3, I just fired a pull request https://github.com/salesagility/SuiteCRM/pull/9052

Rows
Columns

Insideview banner advertisement popping out #4313