From 2929e8ac3e124a1cb0a560539a5d15d0f5eee350 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Thu, 28 Mar 2019 13:00:34 -0400 Subject: [PATCH] PMC-557 --- gulliver/system/class.g.php | 1 - .../cases/cases_ShowOutputDocument.php | 6 +-- workflow/engine/methods/cases/cases_Step.php | 3 +- .../BusinessModel/Cases/OutputDocument.php | 3 +- .../engine/src/ProcessMaker/Util/helpers.php | 44 +++++++++++++++++++ 5 files changed, 51 insertions(+), 6 deletions(-) diff --git a/gulliver/system/class.g.php b/gulliver/system/class.g.php index 1bd148d44..60207b1be 100644 --- a/gulliver/system/class.g.php +++ b/gulliver/system/class.g.php @@ -3225,7 +3225,6 @@ class G '/Ö/' => 'Oe', '/ß/' => 'ss', '/[\.|\,|\+|\"|\:|\;|\-|\\|\/]/' => " ", - '/\\\\/' => $replacement, '/\\s+/' => $replacement); $map = array_merge($default, $map); diff --git a/workflow/engine/methods/cases/cases_ShowOutputDocument.php b/workflow/engine/methods/cases/cases_ShowOutputDocument.php index 0d3dec2dd..a824cc55d 100644 --- a/workflow/engine/methods/cases/cases_ShowOutputDocument.php +++ b/workflow/engine/methods/cases/cases_ShowOutputDocument.php @@ -77,8 +77,8 @@ if (defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD } } - -$info = pathinfo(G::inflect($oAppDocument->getAppDocFilename())); +$docFileName = fixContentDispositionFilename($oAppDocument->getAppDocFilename()); +$info = pathinfo($docFileName); if (!isset($_GET['ext'])) { $ext = $info['extension']; } else { @@ -133,7 +133,7 @@ if (!$sw_file_exists) { $res['message'] = $info['basename'] . $ver . '.' . $ext; print G::json_encode($res); } else { - $nameFile = G::inflect($info['basename'] . $ver) . '.' . $ext; + $nameFile = $info['basename'] . $ver . '.' . $ext; $licensedFeatures = PMLicensedFeatures::getSingleton(); $downloadStatus = false; /*----------------------------------********---------------------------------*/ diff --git a/workflow/engine/methods/cases/cases_Step.php b/workflow/engine/methods/cases/cases_Step.php index fd11b5bf3..e782d171d 100644 --- a/workflow/engine/methods/cases/cases_Step.php +++ b/workflow/engine/methods/cases/cases_Step.php @@ -444,7 +444,8 @@ try { } //END: If there is a Break Step registered from Plugin - $sFilenameOriginal = $sFilename = preg_replace('[^A-Za-z0-9_]', '_', G::replaceDataField($aOD['OUT_DOC_FILENAME'], $Fields['APP_DATA'])); + $outDocFile = replacePrefixes($aOD['OUT_DOC_FILENAME']); + $sFilenameOriginal = $sFilename = preg_replace('[^A-Za-z0-9_]', '_', G::replaceDataField($outDocFile, $Fields['APP_DATA'])); //Get the Custom Folder ID (create if necessary) $oFolder = new AppFolder(); diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Cases/OutputDocument.php b/workflow/engine/src/ProcessMaker/BusinessModel/Cases/OutputDocument.php index ee9750850..01652bfd9 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases/OutputDocument.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases/OutputDocument.php @@ -451,7 +451,8 @@ class OutputDocument $oOutputDocument = new \OutputDocument(); $aOD = $oOutputDocument->load($outputID); $Fields = $oCase->loadCase($sApplication); - $sFilename = preg_replace('[^A-Za-z0-9_]', '_', \G::replaceDataField($aOD['OUT_DOC_FILENAME'], $Fields['APP_DATA'])); + $outDocFile = replacePrefixes($aOD['OUT_DOC_FILENAME']); + $sFilename = preg_replace('[^A-Za-z0-9_]', '_', \G::replaceDataField($outDocFile, $Fields['APP_DATA'])); require_once(PATH_TRUNK . "workflow" . PATH_SEP . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "AppFolder.php"); require_once(PATH_TRUNK . "workflow" . PATH_SEP . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "AppDocument.php"); //Get the Custom Folder ID (create if necessary) diff --git a/workflow/engine/src/ProcessMaker/Util/helpers.php b/workflow/engine/src/ProcessMaker/Util/helpers.php index 8c96d7e53..58afa158e 100644 --- a/workflow/engine/src/ProcessMaker/Util/helpers.php +++ b/workflow/engine/src/ProcessMaker/Util/helpers.php @@ -431,6 +431,50 @@ function arrayDiffRecursive(array $array1, array $array2) return $difference; } +/** + * Replace all supported variables prefixes to the prefix sent + * + * @param string $outDocFilename + * @param string $prefix + * + * @return string + * + * @see cases_Step.php + * @see \ProcessMaker\BusinessModel\Cases\OutputDocument::addCasesOutputDocument() + * @link https://wiki.processmaker.com/3.2/Triggers#Typing_rules_for_Case_Variables + */ +function replacePrefixes($outDocFilename, $prefix = '@=') +{ + $outDocFile = str_replace(['@@', '@#', '@=', '@%', '@?', '@$', '@&', '@Q', '@q', '@!'], $prefix, $outDocFilename); + + return $outDocFile; +} + +/** + * Encoding header filename used in Content-Disposition + * + * @param string $fileName + * @param string $replacement + * + * @return string + * + * @see cases_Step.php + * @see \ProcessMaker\BusinessModel\Cases\OutputDocument::addCasesOutputDocument() + */ +function fixContentDispositionFilename($fileName, $replacement = '_') +{ + //(double quote) has to be removed + //(forward slash) has to replaced by underscore + //(backslash) has to replaced by underscore + $default = [ + '/[\"]/' => '', + '/[\\|\/]/' => $replacement, + '/\\\\/' => $replacement + ]; + + return preg_replace(array_keys($default), array_values($default), $fileName); +} + /** * Get the current user CSRF token. *