Category: Apex

Plot your customers using Geocodes for Addresses

Introduction
With the Summer ’16 release, Salesforce introduced a new feature, Geocodes for Addresses, which lets users get geocodes added for addresses on existing and new accounts, contacts, and leads.

How is it useful for my organization?
A. This can help your organization’s Salesforce users / sales reps identify prospects in a particular area.
B. This can help to set up campaigns based on location.
C. This can help your business assign leads or opportunities to your sales reps.
D. You can identify the distance between you and your customer locations.

How can it be used?
Currently this feature is rolled out to the following standard address fields ->
A. Billing and Shipping Address fields on the Accounts object.
B. Address field on the Leads object.
C. Mailing Address field on the Contacts object.

How does it work?
It works with no extra effort. You just need to supply the address information in the supported address fields, and geocodes are automatically generated for the particular record.

The catch is that you must have the Geocode Clean Rules activated. Once they are activated, Salesforce generates the address coordinates on the existing records and new records in the supported objects.

What can be an example for this?
Let's say you enter Amsterdam, Netherlands as the Billing Address on an account record.
Salesforce will now generate the following values in the geocode fields:
BillingLatitude -> 52.37317
BillingLongitude -> 4.89066

Note that these fields act as part of the BillingAddress field, a.k.a. Address Compound Fields.

How can I verify the values are correct?
You can use http://www.latlong.net/Show-Latitude-Longitude.html

What can be a business use case?
Let's say you want to plot your customers (Accounts) on a graph based upon the distance between your organization’s HQ and the customer location, based on Billing Address.

How can it be done?
We can do it using Visualforce and Apex. I will explain this using my previous post, Simple dashboard using Bootstrap + Chart.js inside Salesforce.com.

Using the same approach, I have plotted a graph of the number of customers vs. distance.

I have created buckets of distance in form of –
A. Less than 50 Miles.
B. Between 50 and 100 Miles.
C. Between 100 and 150 Miles.
D. More than 150 Miles.

The location from which I am calculating the distance is Gurgaon, Haryana, India, which corresponds to the location coordinates Longitude -> 28.4247649, Latitude -> 76.8496956.

How is it possible in code?

For calculating the distance we are using a location-based SOQL query and Geocodes for Address fields.

The query looks like ->
SELECT id,name FROM Account where DISTANCE(BillingAddress, GEOLOCATION(28.4247649, 76.8496956), 'mi')<50

DISTANCE calculates the distance between the BillingAddress coordinates and Gurgaon's coordinates; 'mi' denotes that the unit of measurement is miles, and it can be changed to kilometers ('km').

Where is the code?

Here you go ->

Visualforce Page ->


    
    
        
            Charts
            
            
            
            
        
      
          
         

Apex Class ->

public class GeoChartCreatorCls {
    // Accounts returned by the most recent distance query
    public List<Account> accList;
    // Number of accounts in each distance bucket (miles from HQ)
    public Integer lessThan50 {get;set;}
    public Integer range50To100 {get;set;}
    public Integer range100To150 {get;set;}
    public Integer moreThan150 {get;set;}

    public GeoChartCreatorCls(){
        accList = new List<Account>();
        lessThan50 = 0;
        range50To100 = 0;
        range100To150 = 0;
        moreThan150 = 0;

        generateData();
    }

    // Runs one location-based query per bucket and stores the row count.
    // DISTANCE only accepts < and >, so accounts at exactly 50, 100 or 150 miles fall in no bucket.
    public void generateData(){

        accList = [SELECT id,name FROM Account where DISTANCE(BillingAddress, GEOLOCATION(28.4247649, 76.8496956), 'mi')<50];

        if(accList!=null && accList.size()>0){
            lessThan50 = accList.size();
        }

        accList = [SELECT id,name FROM Account where DISTANCE(BillingAddress, GEOLOCATION(28.4247649, 76.8496956), 'mi')>50 AND DISTANCE(BillingAddress, GEOLOCATION(28.4247649, 76.8496956), 'mi')<100];

        if(accList!=null && accList.size()>0){
            range50To100 = accList.size();
        }

        accList = [SELECT id,name FROM Account where DISTANCE(BillingAddress, GEOLOCATION(28.4247649, 76.8496956), 'mi')>100 AND DISTANCE(BillingAddress, GEOLOCATION(28.4247649, 76.8496956), 'mi')<150];

        if(accList!=null && accList.size()>0){
            range100To150 = accList.size();
        }

        accList = [SELECT id,name FROM Account where DISTANCE(BillingAddress, GEOLOCATION(28.4247649, 76.8496956), 'mi')>150];

        if(accList!=null && accList.size()>0){
            moreThan150 = accList.size();
        }
    }

}

Do geocode fields work with Person Accounts?
No.

Any issues encountered while working with this?
The only issue I found while working with DISTANCE is that it does not support = [equals], >= [greater than or equal to] and <= [less than or equal to].

Learn Salesforce1 Mobile Basics Using Trailhead

If you are new to the Salesforce1 platform or want to know how you can learn Salesforce1 Mobile Basics, this post is for you.

Salesforce.com has come up with a great learning module called Trailhead, announced at Dreamforce ’14, which enables developers of every level to brush up their skills.

My favorite module on Trailhead is Salesforce1 Mobile Basics.

This Trailhead module has 5 steps which give you basic know-how of the Salesforce1 Mobile App.

1. Getting Started with the Salesforce1 Mobile App.

This step covers the basic introduction to Salesforce1 Mobile and how to access it. It's all about getting familiar with the navigation of the app.

The best thing is the video introduction given in this step.

2. Customizing Navigation

This step walks you through an overview of the navigation menu and then shows how you can customize it.

3. Customizing Compact Layout

This step is an important one: it helps you understand compact layouts and how you can customize them or override the standard ones.

Basically, compact layouts are the area which shows the key information related to a record.

4. Creating Global Publisher Actions

Global publisher actions let you create records quickly.

For example, if you want the users of your app to quickly create a Case without going into the navigation menu, Global Publisher Actions will let users do that directly from the action bar.

5. Creating Object-Specific Publisher Actions

This step helps you understand how you can create object-specific quick actions (Publisher Actions).

For example, if you want to create an Invoice Line Item while you are viewing an Invoice record, you can use Object-Specific Publisher Actions.

Key Takeaways:

1. Customization of Salesforce1 Mobile Navigation

2. Customization of Compact Layouts

3. Publisher Actions

So try this out here – https://developer.salesforce.com/trailhead/module/salesforce1_mobile_app

Securing your force.com app

Building an app on force.com is great. But developing a secure force.com app is a slightly different matter.

Following are the guidelines, tips and tricks that you can follow to help your app pass the Force.com security review.

 

  1. Parameter Tampering Issue.

This happens when a value sent from a Visualforce page is used throughout the controller. When that value is used in a query, it may result in database tampering.

Example:

String vid = ApexPages.currentPage().getParameters().get('id');

Account acc = [select id, name from account where id = :vid limit 1];

Solution:

Account acc = [select id, name from account where id = :ApexPages.currentPage().getParameters().get('id') limit 1];
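A stricter way to handle the same id parameter, as an added example that is not part of the original post: the value is parsed as an Id, checked to be an Account Id, and queried under the running user's sharing rules. The class name AccountViewExample and the error messages are hypothetical.

```apex
// Added example; AccountViewExample is a hypothetical controller name.
public with sharing class AccountViewExample {
    public Account acc { get; private set; }

    public AccountViewExample() {
        // Untrusted input: anyone can edit ?id=... in the page URL.
        String raw = ApexPages.currentPage().getParameters().get('id');
        Id accId = parseAccountId(raw);
        if (accId == null) {
            ApexPages.addMessage(new ApexPages.Message(
                ApexPages.Severity.ERROR, 'Invalid or missing account id.'));
            return;
        }
        // "with sharing" limits the result to records the running user may
        // see, so an Id the user has no access to returns no rows.
        List<Account> rows = [SELECT Id, Name FROM Account WHERE Id = :accId LIMIT 1];
        if (rows.isEmpty()) {
            ApexPages.addMessage(new ApexPages.Message(
                ApexPages.Severity.ERROR, 'Account not found or not accessible.'));
            return;
        }
        acc = rows[0];
    }

    // Returns the value as an Account Id, or null if it is blank,
    // malformed, or the Id of a different object type.
    private static Id parseAccountId(String raw) {
        if (String.isBlank(raw)) {
            return null;
        }
        try {
            Id candidate = Id.valueOf(raw);
            return candidate.getSobjectType() == Account.SObjectType ? candidate : null;
        } catch (Exception e) {
            return null; // not a well-formed 15- or 18-character Id
        }
    }
}
```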

 

 

  2. Second Order SOQL and SOSL Injection.

SOQL injection involves taking user-supplied input and using those values in a dynamic SOQL query. If the input is not validated, it may include SOQL commands that effectively modify the SOQL statement and trick the application into performing unintended commands.

Solution 1: Avoid using dynamic SOQL/SOSL queries.

Solution 2:

Example:

Folio__c fo = [select id, name from Folio__c where Transaction__r.Id = :sr.Transaction__r.Id AND id != null LIMIT 1];

Can be changed into

Folio__c fo = [select id, name from Folio__c where Transaction__r.Id = :String.escapeSingleQuotes(sr.Transaction__r.Id) AND id != null LIMIT 1];
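The injection described above only arises when the query text is built from input, so here is an added example (not code from the original post) that puts a vulnerable dynamic query beside two hardened forms. Folio__c comes from the post; the class name, method names and the sort-field allowlist are hypothetical.

```apex
// Added example; class and method names are hypothetical.
public with sharing class FolioSearchExample {

    // VULNERABLE: the input is concatenated into the query text, so a
    // single quote in nameFilter ends the string literal and the rest of
    // the input is parsed as part of the WHERE clause.
    public static List<Folio__c> searchUnsafe(String nameFilter) {
        String soql = 'SELECT Id, Name FROM Folio__c WHERE Name LIKE \'%'
            + nameFilter + '%\' LIMIT 50';
        return Database.query(soql);
    }

    // HARDENED (preferred): static SOQL with a bind variable. The value is
    // passed as data and never parsed as query text.
    public static List<Folio__c> searchBound(String nameFilter) {
        String likeValue = '%' + nameFilter + '%';
        return [SELECT Id, Name FROM Folio__c WHERE Name LIKE :likeValue LIMIT 50];
    }

    // HARDENED (when the query must be dynamic): escape quotes in values
    // and take identifiers such as the sort field only from an allowlist,
    // because escaping does not protect field names.
    public static List<Folio__c> searchDynamic(String nameFilter, String sortField) {
        Set<String> allowedSort = new Set<String>{ 'Name', 'CreatedDate' };
        if (!allowedSort.contains(sortField)) {
            sortField = 'Name';
        }
        // escapeSingleQuotes neutralises quotes only; the LIKE wildcards
        // % and _ in the input still act as wildcards.
        String safeFilter = String.escapeSingleQuotes(nameFilter);
        String soql = 'SELECT Id, Name FROM Folio__c WHERE Name LIKE \'%'
            + safeFilter + '%\' ORDER BY ' + sortField + ' LIMIT 50';
        return Database.query(soql);
    }
}
```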

 

 

 

 

  3. Queries with No Where or No Limit Clause

Apex has governor limits in place that limit the number of records that can be retrieved through a SOQL query. This issue flags SOQL queries in the Apex code that have neither a WHERE clause nor a LIMIT clause to restrict the number of records retrieved.

Solution: Apply a LIMIT; if it is not possible to use a LIMIT, use a WHERE clause.

The WHERE clause can be a null check on the id field:

accq = [select id, name from account where id != null];

 

  4. Sharing with controller

By default, Apex can read and update all data and does not take FLS, OWD or profile permissions into account. We must take care of all of these from a developer’s perspective. If no sharing setting is defined on the controller, this may cause a security issue.

Solution:

Use “public with sharing class className”

 

  5. FLS Create/FLS Partial Create /FLS Update/ FLS Partial Update:

While creating/inserting/updating a record, the Apex code must check whether the user has sufficient privileges to insert/update the record.

Example:

OrderPayment__c op = new OrderPayment__c();
op.Payment_Amount__c = grandtotal;
op.Collection_Date__c = Date.valueOf(System.now());
op.Collection__c = true;
insert op;

Solution:

OrderPayment__c op = new OrderPayment__c();
op.Payment_Amount__c = grandtotal;
op.Collection_Date__c = Date.valueOf(System.now());
op.Collection__c = true;

// Insert only if the running user may create every field being set
if(Schema.sObjectType.OrderPayment__c.fields.Payment_Amount__c.isCreateable() && Schema.sObjectType.OrderPayment__c.fields.Collection_Date__c.isCreateable() && Schema.sObjectType.OrderPayment__c.fields.Collection__c.isCreateable() ){
    insert op;
}

In case of update:

// Update only if the running user may edit every field being set
if(Schema.sObjectType.OrderPayment__c.fields.Payment_Amount__c.isUpdateable() && Schema.sObjectType.OrderPayment__c.fields.Collection_Date__c.isUpdateable() && Schema.sObjectType.OrderPayment__c.fields.Collection__c.isUpdateable() ){
    update op;
}

 

 

 

  6. Test_Methods_With_No_Assert:

Proper assert statements are advised, at least 10 to 20 in a single test class.

 

 

 

  7. Stored XSS (Cross-Site Scripting) Issue

About: Cross-site scripting is a vulnerability that occurs when an attacker can insert unauthorized JavaScript, VBScript, HTML, or other active content into a web page viewed by other users.

This issue is raised when controller variables are used in JavaScript / jQuery.

Example:

public class mycontroller {
    public String myval {get;set;}

    public mycontroller() {
        myval = 'Hello Page Loaded';
    }
}

//On page

<script>
    // The controller value is merged into the script without encoding
    var scriptvar = '{!myval}';
    alert(scriptvar);
</script>

POSSIBLE SOLUTION:

var scriptvar = '{!JSENCODE(myval)}';

Happy Secure Coding 🙂

Unable to Download/Upload Files using Salesforce1

Hi Friends,

Recently I was playing with the Salesforce1 platform.

I built a functionality where I can upload or download files from Salesforce.

Everything worked fine when I was emulating the app behavior in Google Chrome.

But I was not able to do the same on an Android device.

I investigated but did not get a satisfactory answer anywhere.

Has anyone faced similar issues? Does Salesforce have some restrictions with the Salesforce1 app?

Do only a limited set of Visualforce tags work for Salesforce1?

You can have a look at my post on Salesforce StackExchange over here:

http://salesforce.stackexchange.com/questions/26941/uploading-and-downloading-file-by-using-salesforce1/27253?noredirect=1#27253