Merge branch 'master' of bitbucket.org:colosa/processmaker into BUG-10957
This commit is contained in:
Luis Fernando Saisa Lopez
@@ -136,7 +136,7 @@ class Installer
|
||||
}
|
||||
|
||||
$this->run_query("CREATE DATABASE IF NOT EXISTS " . $wf . " DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci", "Create database $wf");
|
||||
|
||||
|
||||
if ($this->cc_status == 1) {
|
||||
$host = ($islocal) ? "localhost" : "%";
|
||||
$this->run_query("GRANT ALL PRIVILEGES ON `$wf`.* TO $wf@'$host' IDENTIFIED BY '{$this->options['password']}' WITH GRANT OPTION", "Grant privileges for user $wf on database $wf");
|
||||
@@ -174,7 +174,7 @@ class Installer
|
||||
);
|
||||
|
||||
// inserting the outh_client
|
||||
$query = ( "INSERT INTO OAUTH_CLIENTS (CLIENT_ID,CLIENT_SECRET,CLIENT_NAME,CLIENT_DESCRIPTION,CLIENT_WEBSITE,REDIRECT_URI,USR_UID ) VALUES
|
||||
$query = ( "INSERT INTO OAUTH_CLIENTS (CLIENT_ID,CLIENT_SECRET,CLIENT_NAME,CLIENT_DESCRIPTION,CLIENT_WEBSITE,REDIRECT_URI,USR_UID ) VALUES
|
||||
('x-pm-local-client','179ad45c6ce2cb97cf1029e212046e81','PM Web Designer','ProcessMaker Web Designer App','www.processmaker.com','" . $endpoint . "','00000000000000000000000000000001' )");
|
||||
$this->run_query( $query );
|
||||
|
||||
@@ -437,7 +437,7 @@ class Installer
|
||||
// The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0.
|
||||
// $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1',
|
||||
// "Add 'admin' user in ProcessMaker (rb)");
|
||||
$this->run_query('UPDATE USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . ' `USR_PASSWORD` = \'' . md5($this->options['admin']['password']) . '\' ' . ' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (rb)");
|
||||
$this->run_query('UPDATE RBAC_USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . ' `USR_PASSWORD` = \'' . md5($this->options['admin']['password']) . '\' ' . ' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (rb)");
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -249,7 +249,6 @@ try {
|
||||
$i = $i + 1;
|
||||
}
|
||||
}
|
||||
|
||||
if (count( $arrayField ) > 0) {
|
||||
for ($i = 0; $i <= count( $arrayField ) - 1; $i ++) {
|
||||
if ($arrayFileError[$i] == 0) {
|
||||
@@ -289,15 +288,15 @@ try {
|
||||
//Get the Custom Folder ID (create if necessary)
|
||||
$oFolder = new AppFolder();
|
||||
|
||||
//***Validating the file allowed extensions***
|
||||
$res = G::verifyInputDocExtension($aID['INP_DOC_TYPE_FILE'], $_FILES["form"]["name"]["input"], $_FILES["form"]["tmp_name"]["input"]);
|
||||
if($res->status == 0){
|
||||
$message = $res->message;
|
||||
G::SendMessageText( $message, "ERROR" );
|
||||
$backUrlObj = explode( "sys" . SYS_SYS, $_SERVER['HTTP_REFERER'] );
|
||||
G::header( "location: " . "/sys" . SYS_SYS . $backUrlObj[1] );
|
||||
die();
|
||||
}
|
||||
//***Validating the file allowed extensions***
|
||||
$res = G::verifyInputDocExtension($aID['INP_DOC_TYPE_FILE'], $arrayFileName[$i], $arrayFileTmpName[$i]);
|
||||
if($res->status == 0){
|
||||
$message = $res->message;
|
||||
G::SendMessageText( $message, "ERROR" );
|
||||
$backUrlObj = explode( "sys" . SYS_SYS, $_SERVER['HTTP_REFERER'] );
|
||||
G::header( "location: " . "/sys" . SYS_SYS . $backUrlObj[1] );
|
||||
die();
|
||||
}
|
||||
|
||||
//Validate Filesize of $_FILE
|
||||
$inpDocMaxFilesize = $aID["INP_DOC_MAX_FILESIZE"];
|
||||
|
||||
@@ -175,7 +175,11 @@ if (! (isset( $fields->Fields['XMLNODE_NAME'] ) && ($fields->Fields['XMLNODE_NAM
|
||||
}
|
||||
if ($tableExists) {
|
||||
$con = Propel::getConnection( $Fields['PME_SQLCONNECTION'] );
|
||||
$rs = $con->executeQuery( "SHOW COLUMNS FROM USERS" );
|
||||
if ($Fields['PME_SQLCONNECTION'] == 'rbac') {
|
||||
$rs = $con->executeQuery( "SHOW COLUMNS FROM RBAC_USERS" );
|
||||
} else {
|
||||
$rs = $con->executeQuery( "SHOW COLUMNS FROM USERS" );
|
||||
}
|
||||
$result = Array ();
|
||||
$i = 0;
|
||||
while ($rs->next()) {
|
||||
|
||||
@@ -102,12 +102,12 @@ try {
|
||||
if (PPP_FAILED_LOGINS > 0) {
|
||||
if ($_SESSION['FAILED_LOGINS'] >= PPP_FAILED_LOGINS) {
|
||||
$oConnection = Propel::getConnection('rbac');
|
||||
$oStatement = $oConnection->prepareStatement("SELECT USR_UID FROM USERS WHERE USR_USERNAME = '" . $usr . "'");
|
||||
$oStatement = $oConnection->prepareStatement("SELECT USR_UID FROM RBAC_USERS WHERE USR_USERNAME = '" . $usr . "'");
|
||||
$oDataset = $oStatement->executeQuery();
|
||||
if ($oDataset->next()) {
|
||||
$sUserUID = $oDataset->getString('USR_UID');
|
||||
$oConnection = Propel::getConnection('rbac');
|
||||
$oStatement = $oConnection->prepareStatement("UPDATE USERS SET USR_STATUS = 0 WHERE USR_UID = '" . $sUserUID . "'");
|
||||
$oStatement = $oConnection->prepareStatement("UPDATE RBAC_USERS SET USR_STATUS = 0 WHERE USR_UID = '" . $sUserUID . "'");
|
||||
$oStatement->executeQuery();
|
||||
$oConnection = Propel::getConnection('workflow');
|
||||
$oStatement = $oConnection->prepareStatement("UPDATE USERS SET USR_STATUS = 'INACTIVE' WHERE USR_UID = '" . $sUserUID . "'");
|
||||
|
||||
Reference in New Issue
Block a user