fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in ronald-quentaprocessmaker/processmaker/HOR-1765 (pull request #4855)

Browse Source 
HOR-1765
This commit is contained in:
David Callizaya
2016-09-05 17:25:10 -04:00
parent c1b9d18a3d ae7d965684
commit 229f6d806f
4 changed files with 20 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
gulliver/system/class.g.php
View File

@@ -31,6 +31,7 @@
class G class G
{ {
const hashFx = 'md5'; const hashFx = 'md5';
const hash = 'hash';
const hashFile = 'md5_file'; const hashFile = 'md5_file';
const hashCrc = 'crc32'; const hashCrc = 'crc32';
public $sessionVar = array(); //SESSION temporary array store. public $sessionVar = array(); //SESSION temporary array store.
@@ -5730,6 +5731,18 @@ class G
$consthashFx = self::hashFx; $consthashFx = self::hashFx;
return $consthashFx($string); return $consthashFx($string);
} }
/**
* encryptSha
*
* @param string $string
*
* @return sha256($string)
*/
public static function encryptHash($string)
{
$consthash = self::hash;
return $consthash('sha256', $string);
}
/** /**
* encryptFileOld * encryptFileOld
* *

4
workflow/engine/classes/class.Installer.php
View File

@@ -469,12 +469,12 @@ class Installer
// The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0. // The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0.
// $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', // $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1',
// "Add 'admin' user in ProcessMaker (wf)"); // "Add 'admin' user in ProcessMaker (wf)");
$this->run_query('UPDATE USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . ' `USR_PASSWORD` = \'' . G::encryptOld($this->options['admin']['password']) . '\' ' . ' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (wf)"); $this->run_query('UPDATE USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . ' `USR_PASSWORD` = \'' . G::encryptHash($this->options['admin']['password']) . '\' ' . ' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (wf)");
mysql_select_db($this->rbac_site_name, $this->connection_database); mysql_select_db($this->rbac_site_name, $this->connection_database);
// The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0. // The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0.
// $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', // $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1',
// "Add 'admin' user in ProcessMaker (rb)"); // "Add 'admin' user in ProcessMaker (rb)");
$this->run_query('UPDATE RBAC_USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . ' `USR_PASSWORD` = \'' . G::encryptOld($this->options['admin']['password']) . '\' ' . ' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (rb)"); $this->run_query('UPDATE RBAC_USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . ' `USR_PASSWORD` = \'' . G::encryptHash($this->options['admin']['password']) . '\' ' . ' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (rb)");
} }
/** /**

8
workflow/engine/controllers/installer.php
View File

@@ -853,10 +853,10 @@ class Installer extends Controller
$query = sprintf( "USE %s;", $wf_workpace ); $query = sprintf( "USE %s;", $wf_workpace );
$this->mysqlQuery( $query ); $this->mysqlQuery( $query );
$query = sprintf( "UPDATE USERS SET USR_USERNAME = '%s', USR_LASTNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, $adminUsername, G::encryptOld( $adminPassword ) ); $query = sprintf( "UPDATE USERS SET USR_USERNAME = '%s', USR_LASTNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, $adminUsername, G::encryptHash( $adminPassword ) );
$this->mysqlQuery( $query ); $this->mysqlQuery( $query );
$query = sprintf( "UPDATE RBAC_USERS SET USR_USERNAME = '%s', USR_LASTNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, $adminUsername, G::encryptOld( $adminPassword ) ); $query = sprintf( "UPDATE RBAC_USERS SET USR_USERNAME = '%s', USR_LASTNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, $adminUsername, G::encryptHash( $adminPassword ) );
$this->mysqlQuery( $query ); $this->mysqlQuery( $query );
// Write the paths_installed.php file (contains all the information configured so far) // Write the paths_installed.php file (contains all the information configured so far)
@@ -1160,13 +1160,13 @@ class Installer extends Controller
$query = sprintf( "USE %s;", $wf ); $query = sprintf( "USE %s;", $wf );
$this->mssqlQuery( $query ); $this->mssqlQuery( $query );
$query = sprintf( "UPDATE USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, G::encryptOld( $adminPassword ) ); $query = sprintf( "UPDATE USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, G::encryptHash( $adminPassword ) );
$this->mssqlQuery( $query ); $this->mssqlQuery( $query );
$query = sprintf( "USE %s;", $wf ); $query = sprintf( "USE %s;", $wf );
$this->mssqlQuery( $query ); $this->mssqlQuery( $query );
$query = sprintf( "UPDATE RBAC_USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, G::encryptOld( $adminPassword ) ); $query = sprintf( "UPDATE RBAC_USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, G::encryptHash( $adminPassword ) );
$this->mssqlQuery( $query ); $this->mssqlQuery( $query );
// Write the paths_installed.php file (contains all the information configured so far) // Write the paths_installed.php file (contains all the information configured so far)

1
workflow/engine/data/mysql/insert.sql
View File

@@ -61526,6 +61526,7 @@ INSERT INTO DASHLET_INSTANCE (DAS_INS_UID,DAS_UID,DAS_INS_OWNER_TYPE,DAS_INS_OWN
INSERT INTO CONFIGURATION (CFG_UID,OBJ_UID,CFG_VALUE,PRO_UID,USR_UID,APP_UID) VALUES INSERT INTO CONFIGURATION (CFG_UID,OBJ_UID,CFG_VALUE,PRO_UID,USR_UID,APP_UID) VALUES
('ENVIRONMENT_SETTINGS','','a:1:{s:18:"directoryStructure";i:2;}','','',''), ('ENVIRONMENT_SETTINGS','','a:1:{s:18:"directoryStructure";i:2;}','','',''),
('ENTERPRISE_SETTING_ENCRYPT','','a:2:{s:7:"current";s:6:"sha256";s:8:"previous";s:3:"md5";}','','',''),
('MIGRATED_LIST','list','true','list','list','list'), ('MIGRATED_LIST','list','true','list','list','list'),
('MIGRATED_LIST_UNASSIGNED','list','true','list','list','list'), ('MIGRATED_LIST_UNASSIGNED','list','true','list','list','list'),
('SKIN_CRON','','s:10:"neoclassic";','','',''), ('SKIN_CRON','','s:10:"neoclassic";','','',''),