luos/gulliver/js/tinymce/jscripts/tiny_mce/plugins/pmSimpleUploader/uploader.php

<html>
<head>
	<title>Upload an Output Document</title>
	<script type="text/javascript" src="../../tiny_mce_popup.js" ></script>
	<script type="text/javascript" src="editor_plugin_src.js" ></script>
	<base target="_self" />
    <script type="text/javascript">
    function validateForm()
    {
        var flagv = true;
        var msgv  = "";

        var fileName = document.getElementById("File1").value;

        if (fileName == "") {
            flagv = false;
            msgv  = msgv + ((msgv != "")? "\n" : "") + "No file chosen";
        }

        if (fileName != "" && !/\.html?$/i.test(fileName)) {
            flagv = false;
            msgv  = msgv + ((msgv != "")? "\n" : "") + "Extension of file invalid, only allowed extensions html and htm";
        }

        if (flagv) {
            document.getElementById("containerDataForm").style.display = "none";
            document.getElementById("containerProgressBar").style.display = "inline";
        } else {
            alert(msgv);
        }

        return flagv;
    }
    </script>
</head>
<body>
<?php
    $filter = new InputFilter();
    if(isset($_GET["q"])) {
        $_GET["q"] = $filter->xssFilterHard($_GET["q"]);
        $Action = $_GET["q"];
    } else {
        $Action = "none";
    }
	//$Action = isset($_GET["q"]) ? $_GET["q"] : "none";
	if($Action =="none"){
            displayUploadForm();
        }else if($Action=="upload"){
            uploadContentFile();
        }
?>
</body>
</html>

<?php

// displays the upload form
function displayUploadForm()
{
    $filter = new InputFilter();
    if(isset($_SERVER["QUERY_STRING"])) {
        $_SERVER["QUERY_STRING"] = $filter->xssFilterHard($_SERVER["QUERY_STRING"],'url');
    }
    
    $html = "
    <div id=\"containerDataForm\">
        <form method=\"post\" enctype=\"multipart/form-data\" action=\"uploader.php?" . $_SERVER["QUERY_STRING"] . "&q=upload\" onsubmit=\"return validateForm();\">
            <br/>
            File:&nbsp;
            <input type=\"file\" id=\"File1\" name=\"upload_file\" />&nbsp;(*.html, *.htm)
            <br/>
            <input type=\"submit\" name=\"Upload File\" value=\"Upload File\" style=\"border: 1px solid #1ba385; float: right; margin-top: 30px; margin-right: -4px; font-size: 10px; display: inline-block; text-decoration: none; padding: 8px 24px; -moz-border-radius: 2px; -ms-border-radius: 2px; -o-border-radius: 2px; background-color: #1fbc99; color: white;\" />
            <input type=\"button\" onclick=\"tinyMCEPopup.close();\"name=\"Cancel\" value=\"Cancel\" style=\"border: 1px solid #e14333; float: right; margin-top: 30px; margin-right: 8px; font-size: 10px; display: inline-block; text-decoration: none; padding: 8px 24px; -moz-border-radius: 2px; -ms-border-radius: 2px; -o-border-radius: 2px; background-color: #e4655f; color: white;\" />
        </form>
    </div>

    <div id=\"containerProgressBar\" style=\"display: none;\">
        Uploading...&nbsp;<img src=\"progress.gif\" alt=\"\" title=\"Uploading...\" />
    </div>
    ";

    echo $html;
}
// uploads the file to the destination path, and returns a link with link path substituted for destination path
function uploadContentFile()
{
    $filter = new InputFilter();
    $_FILES["upload_file"] = $filter->xssFilterHard($_FILES["upload_file"]);
    
	$StatusMessage = "";
	$ActualFileName = "";
    $DestPath = sys_get_temp_dir();
    $aux='';
    $chain = preg_replace("/\r\n+|\r+|\n+|\t+/i", " ", file_get_contents($_FILES["upload_file"]["tmp_name"]));
    $chain=preg_replace('#<head(.*?)>(.*?)</head>#is', ' ', $chain);
    $chain=strip_tags($chain, '<address><label><canvas><option><ol><u><textarea><em><h1><h2><h3><h4><h5><h6><section><tbody><tr><th><td><hr><center><br><b><img><p><a><table><caption><thead><div><ul><li><form><input><strong><span><small><button><figure>');
    $chain=str_replace ('"',"'",$chain);
    updateEditorContent(trim($chain));
    closeWindow();
}


function showPopUp($PopupText)
{

    $filter = new InputFilter();
    $PopupText = $filter->xssFilterHard($PopupText);
	echo "<script type=\"text/javascript\" language=\"javascript\">alert (\"$PopupText\");</script>";
}

function updateEditorContent($serializedHTML)
{
    echo "<script type=\"text/javascript\" language=\"javascript\">updateEditorContent(\"".$serializedHTML."\");</script>";
}

function closeWindow()
{
	echo '
            <script language="javascript" type="text/javascript">
                    closePluginPopup();
            </script>
         ';
}
?>
PM-1743 "No se pueden adjuntar archivos en el editor..." SOLVED Issue: No se pueden adjuntar archivos en el editor de Output Documents Cause: El editor de OutputDocuments no valida la extension de los archivos cuando se utiliza la opcion "Upload File" Solution: - Se ha agregado las validaciones necesarias cuando se hace el upload de files - Solo se permiten files con extension .html y .htm 2015-03-12 16:28:08 -04:00			`<html>`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`<head>`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`<title>Upload an Output Document</title>`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`<script type="text/javascript" src="../../tiny_mce_popup.js" ></script>`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`<script type="text/javascript" src="editor_plugin_src.js" ></script>`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`<base target="_self" />`
PM-1743 "No se pueden adjuntar archivos en el editor..." SOLVED Issue: No se pueden adjuntar archivos en el editor de Output Documents Cause: El editor de OutputDocuments no valida la extension de los archivos cuando se utiliza la opcion "Upload File" Solution: - Se ha agregado las validaciones necesarias cuando se hace el upload de files - Solo se permiten files con extension .html y .htm 2015-03-12 16:28:08 -04:00			`<script type="text/javascript">`
			`function validateForm()`
			`{`
			`var flagv = true;`
			`var msgv = "";`

			`var fileName = document.getElementById("File1").value;`

			`if (fileName == "") {`
			`flagv = false;`
			`msgv = msgv + ((msgv != "")? "\n" : "") + "No file chosen";`
			`}`

			`if (fileName != "" && !/\.html?$/i.test(fileName)) {`
			`flagv = false;`
			`msgv = msgv + ((msgv != "")? "\n" : "") + "Extension of file invalid, only allowed extensions html and htm";`
			`}`

			`if (flagv) {`
			`document.getElementById("containerDataForm").style.display = "none";`
			`document.getElementById("containerProgressBar").style.display = "inline";`
			`} else {`
			`alert(msgv);`
			`}`

			`return flagv;`
			`}`
			`</script>`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`</head>`
			`<body>`
			`<?php`
xss-4 2015-03-20 17:21:22 -04:00			`$filter = new InputFilter();`
			`if(isset($_GET["q"])) {`
			`$_GET["q"] = $filter->xssFilterHard($_GET["q"]);`
			`$Action = $_GET["q"];`
			`} else {`
			`$Action = "none";`
			`}`
			`//$Action = isset($_GET["q"]) ? $_GET["q"] : "none";`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`if($Action =="none"){`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`displayUploadForm();`
			`}else if($Action=="upload"){`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`uploadContentFile();`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`}`
			`?>`
			`</body>`
			`</html>`

			`<?php`

			`// displays the upload form`
			`function displayUploadForm()`
			`{`
xss-4 2015-03-20 17:21:22 -04:00			`$filter = new InputFilter();`
			`if(isset($_SERVER["QUERY_STRING"])) {`
			`$_SERVER["QUERY_STRING"] = $filter->xssFilterHard($_SERVER["QUERY_STRING"],'url');`
			`}`

PM-1743 "No se pueden adjuntar archivos en el editor..." SOLVED Issue: No se pueden adjuntar archivos en el editor de Output Documents Cause: El editor de OutputDocuments no valida la extension de los archivos cuando se utiliza la opcion "Upload File" Solution: - Se ha agregado las validaciones necesarias cuando se hace el upload de files - Solo se permiten files con extension .html y .htm 2015-03-12 16:28:08 -04:00			`$html = "`
			`<div id=\"containerDataForm\">`
			`<form method=\"post\" enctype=\"multipart/form-data\" action=\"uploader.php?" . $_SERVER["QUERY_STRING"] . "&q=upload\" onsubmit=\"return validateForm();\">`
PM-2348,PM-2469,PM-2470 Designer > BPMN Designer: Estandarizar la funcionalidad del botóCancel' Se agrego funcionalidad para IE 2015-06-09 14:36:43 -04:00			`<br/>`
PM-1743 "No se pueden adjuntar archivos en el editor..." SOLVED Issue: No se pueden adjuntar archivos en el editor de Output Documents Cause: El editor de OutputDocuments no valida la extension de los archivos cuando se utiliza la opcion "Upload File" Solution: - Se ha agregado las validaciones necesarias cuando se hace el upload de files - Solo se permiten files con extension .html y .htm 2015-03-12 16:28:08 -04:00			`File: `
			`<input type=\"file\" id=\"File1\" name=\"upload_file\" /> (.html, .htm)`
PM-2348,PM-2469,PM-2470 Designer > BPMN Designer: Estandarizar la funcionalidad del botóCancel' Se agrego funcionalidad para IE 2015-06-09 14:36:43 -04:00			`<br/>`
PM-2536 2015-05-25 11:21:46 -04:00			`<input type=\"submit\" name=\"Upload File\" value=\"Upload File\" style=\"border: 1px solid #1ba385; float: right; margin-top: 30px; margin-right: -4px; font-size: 10px; display: inline-block; text-decoration: none; padding: 8px 24px; -moz-border-radius: 2px; -ms-border-radius: 2px; -o-border-radius: 2px; background-color: #1fbc99; color: white;\" />`
PM-2348,PM-2469,PM-2470 Designer > BPMN Designer: Estandarizar la funcionalidad del botóCancel' Se agrego funcionalidad para IE 2015-06-09 14:36:43 -04:00			`<input type=\"button\" onclick=\"tinyMCEPopup.close();\"name=\"Cancel\" value=\"Cancel\" style=\"border: 1px solid #e14333; float: right; margin-top: 30px; margin-right: 8px; font-size: 10px; display: inline-block; text-decoration: none; padding: 8px 24px; -moz-border-radius: 2px; -ms-border-radius: 2px; -o-border-radius: 2px; background-color: #e4655f; color: white;\" />`
PM-1743 "No se pueden adjuntar archivos en el editor..." SOLVED Issue: No se pueden adjuntar archivos en el editor de Output Documents Cause: El editor de OutputDocuments no valida la extension de los archivos cuando se utiliza la opcion "Upload File" Solution: - Se ha agregado las validaciones necesarias cuando se hace el upload de files - Solo se permiten files con extension .html y .htm 2015-03-12 16:28:08 -04:00			`</form>`
			`</div>`

			`<div id=\"containerProgressBar\" style=\"display: none;\">`
			`Uploading... <img src=\"progress.gif\" alt=\"\" title=\"Uploading...\" />`
			`</div>`
			`";`

			`echo $html;`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`}`
			`// uploads the file to the destination path, and returns a link with link path substituted for destination path`
			`function uploadContentFile()`
			`{`
xss-4 2015-03-20 17:21:22 -04:00			`$filter = new InputFilter();`
			`$_FILES["upload_file"] = $filter->xssFilterHard($_FILES["upload_file"]);`

Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`$StatusMessage = "";`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`$ActualFileName = "";`
			`$DestPath = sys_get_temp_dir();`
			`$aux='';`
PM-1743 "No se pueden adjuntar archivos en el editor..." SOLVED Issue: No se pueden adjuntar archivos en el editor de Output Documents Cause: El editor de OutputDocuments no valida la extension de los archivos cuando se utiliza la opcion "Upload File" Solution: - Se ha agregado las validaciones necesarias cuando se hace el upload de files - Solo se permiten files con extension .html y .htm 2015-03-12 16:28:08 -04:00			`$chain = preg_replace("/\r\n+\|\r+\|\n+\|\t+/i", " ", file_get_contents($_FILES["upload_file"]["tmp_name"]));`
PM-1744 No se pueden adjuntar archivos en el editor de Templates. Causa: Leve conflicto con el manejo del .html Solucion: Hacer un barrido del .html y realizar ciertos ajustes en funcion de la plantilla .html. 2015-03-09 13:20:13 -04:00			`$chain=preg_replace('#<head(.?)>(.?)</head>#is', ' ', $chain);`
			`$chain=strip_tags($chain, '<address><label><canvas><option><ol><u><textarea><em><h1><h2><h3><h4><h5><h6><section><tbody><tr><th><td><hr><center><br><b><img><p><a><table><caption><thead><div><ul><li><form><input><strong><span><small><button><figure>');`
PM-1744 No se pueden adjuntar archivos en el editor de Templates Causa: Leve conflicto con el manejo del .html Solicion: Hacer un barrido del .html y realizar reamplazos a ciertos caracteres. 2015-03-06 12:33:27 -04:00			`$chain=str_replace ('"',"'",$chain);`
			`updateEditorContent(trim($chain));`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`closeWindow();`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`}`


			`function showPopUp($PopupText)`
			`{`
HOR-2689 2017-08-02 16:06:56 -04:00
xss-4 2015-03-20 17:21:22 -04:00			`$filter = new InputFilter();`
			`$PopupText = $filter->xssFilterHard($PopupText);`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`echo "<script type=\"text/javascript\" language=\"javascript\">alert (\"$PopupText\");</script>";`
			`}`

			`function updateEditorContent($serializedHTML)`
			`{`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`echo "<script type=\"text/javascript\" language=\"javascript\">updateEditorContent(\"".$serializedHTML."\");</script>";`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`}`

			`function closeWindow()`
			`{`
			`echo '`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`<script language="javascript" type="text/javascript">`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`closePluginPopup();`
			`</script>`
WYSIWYG EDITOR output Documents Wysiwyg Editor Output Documents 2012-11-16 20:13:09 +00:00			`';`
Fixed some isses with the integration with TinyMCE and also Created the plugin pmSimpleUploader for TinyMCE 2012-11-15 13:07:06 -04:00			`}`
			`?>`