fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in bugfix/HOR-3768 (pull request #5997)

Browse Source 
HOR-3768

Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
This commit is contained in:
David Callizaya
2017-08-22 19:15:50 +00:00
committed by Julio Cesar Laura Avendaño
parent 2a31c2b872 480488ad49
commit 30cf5568fc
9 changed files with 31 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
gulliver/bin/gulliver.php
View File

@@ -12,9 +12,6 @@ if (!PATH_THIRDPARTY) {
die("You must launch gulliver command line with the gulliver script\n"); die("You must launch gulliver command line with the gulliver script\n");
} }
// set magic_quotes_runtime to off
ini_set('magic_quotes_runtime', 'Off');
require_once(PATH_CORE . 'config' . PATH_SEP . 'environments.php'); require_once(PATH_CORE . 'config' . PATH_SEP . 'environments.php');
// trap -V before pake // trap -V before pake

1
gulliver/system/class.publisher.php
View File

@@ -125,7 +125,6 @@ class Publisher
global $G_OP_MENU; global $G_OP_MENU;
global $G_IMAGE_FILENAME; global $G_IMAGE_FILENAME;
global $G_IMAGE_PARTS; global $G_IMAGE_PARTS;
global $_SESSION; //Changed from $HTTP_SESSION_VARS
global $G_OBJGRAPH; //For graphLayout component global $G_OBJGRAPH; //For graphLayout component
$this->intPos = $intPos; $this->intPos = $intPos;
$Part = $this->Parts[$intPos]; $Part = $this->Parts[$intPos];

47
gulliver/system/class.table.php
View File

@@ -151,11 +151,9 @@ class Table
*/ */
public function GetSource () public function GetSource ()
{ {
global $HTTP_GET_VARS;
global $HTTP_SESSION_VARS;
$stOrderByDir = $this->DefaultOrderDir; $stOrderByDir = $this->DefaultOrderDir;
if (isset( $HTTP_SESSION_VARS['OrderDir'] ) && ($HTTP_SESSION_VARS['OrderDir'] == 'DESC' || $HTTP_SESSION_VARS['OrderDir'] == 'ASC')) { if (isset( $_SESSION['OrderDir'] ) && ($_SESSION['OrderDir'] == 'DESC' || $_SESSION['OrderDir'] == 'ASC')) {
$stOrderByDir = $HTTP_SESSION_VARS['OrderDir']; $stOrderByDir = $_SESSION['OrderDir'];
} }
$stQry = $this->_source; $stQry = $this->_source;
@@ -164,18 +162,18 @@ class Table
} }
if ($this->_ordered == true) { if ($this->_ordered == true) {
$stOrderBy = (isset( $HTTP_GET_VARS[$this->orderprefix . 'order'] ) ? $HTTP_GET_VARS[$this->orderprefix . 'order'] : ''); $stOrderBy = (isset( $_GET[$this->orderprefix . 'order'] ) ? $_GET[$this->orderprefix . 'order'] : '');
$stOrderLb = (isset( $HTTP_GET_VARS[$this->orderprefix . 'label'] ) ? $HTTP_GET_VARS[$this->orderprefix . 'label'] : ''); $stOrderLb = (isset( $_GET[$this->orderprefix . 'label'] ) ? $_GET[$this->orderprefix . 'label'] : '');
//if( isset( $HTTP_SESSION_VARS['OrderDir'] ) && $HTTP_SESSION_VARS['OrderDir'] == $stOrderBy ) { //if( isset( $_SESSION['OrderDir'] ) && $_SESSION['OrderDir'] == $stOrderBy ) {
if ($stOrderLb) { if ($stOrderLb) {
if ($HTTP_SESSION_VARS['OrderDir'] == 'ASC') { if ($_SESSION['OrderDir'] == 'ASC') {
$stOrderByDir = 'DESC'; $stOrderByDir = 'DESC';
} elseif ($HTTP_SESSION_VARS['OrderDir'] == 'DESC') { } elseif ($_SESSION['OrderDir'] == 'DESC') {
$stOrderByDir = 'ASC'; $stOrderByDir = 'ASC';
} }
} elseif (isset( $HTTP_SESSION_VARS['OrderDir'] ) && $HTTP_SESSION_VARS['OrderDir'] != '') { } elseif (isset( $_SESSION['OrderDir'] ) && $_SESSION['OrderDir'] != '') {
$stOrderByDir = $HTTP_SESSION_VARS['OrderDir']; $stOrderByDir = $_SESSION['OrderDir'];
} else { } else {
$stOrderByDir = $this->DefaultOrderDir; $stOrderByDir = $this->DefaultOrderDir;
} }
@@ -202,12 +200,12 @@ class Table
//print $stQry; //print $stQry;
$HTTP_SESSION_VARS['OrderBy'] = isset( $stOrderBy ) ? $stOrderBy : ''; $_SESSION['OrderBy'] = isset( $stOrderBy ) ? $stOrderBy : '';
$HTTP_SESSION_VARS['OrderDir'] = $stOrderByDir; $_SESSION['OrderDir'] = $stOrderByDir;
$page = (isset( $HTTP_GET_VARS["page"] ) ? $HTTP_GET_VARS["page"] : ''); $page = (isset( $_GET["page"] ) ? $_GET["page"] : '');
$tr = (isset( $HTTP_SESSION_VARS['TP'] ) ? $HTTP_SESSION_VARS['TP'] : ''); $tr = (isset( $_SESSION['TP'] ) ? $_SESSION['TP'] : '');
$desde = 0; $desde = 0;
@@ -240,15 +238,13 @@ class Table
*/ */
public function TotalCount () public function TotalCount ()
{ {
global $HTTP_GET_VARS;
global $HTTP_SESSION_VARS;
$stQry = $this->_source; $stQry = $this->_source;
if ($this->WhereClause != "") { if ($this->WhereClause != "") {
$stQry .= " WHERE " . $this->WhereClause; $stQry .= " WHERE " . $this->WhereClause;
} }
if ($this->_ordered == true) { if ($this->_ordered == true) {
$stOrderBy = (isset( $HTTP_GET_VARS[$this->orderprefix . 'order'] ) ? $HTTP_GET_VARS[$this->orderprefix . 'order'] : ''); $stOrderBy = (isset( $_GET[$this->orderprefix . 'order'] ) ? $_GET[$this->orderprefix . 'order'] : '');
if ($stOrderBy == "") { if ($stOrderBy == "") {
if ($this->DefaultOrder != "") { if ($this->DefaultOrder != "") {
$stQry .= " ORDER BY " . $this->DefaultOrder; $stQry .= " ORDER BY " . $this->DefaultOrder;
@@ -454,7 +450,6 @@ class Table
if (! defined( 'ENABLE_ENCRYPT' )) { if (! defined( 'ENABLE_ENCRYPT' )) {
define( 'ENABLE_ENCRYPT', 'no' ); define( 'ENABLE_ENCRYPT', 'no' );
} }
global $HTTP_SESSION_VARS;
$col = $this->Columns[$intPos]; $col = $this->Columns[$intPos];
$order = ! ($col["Type"] == "image"); $order = ! ($col["Type"] == "image");
if ($this->_ordered == true && $order) { if ($this->_ordered == true && $order) {
@@ -494,7 +489,6 @@ class Table
*/ */
public function RenderTitle_ajax ($pa, $intPos = 1, $strClass = "tblHeader") public function RenderTitle_ajax ($pa, $intPos = 1, $strClass = "tblHeader")
{ {
global $HTTP_SESSION_VARS;
$col = $this->Columns[$intPos]; $col = $this->Columns[$intPos];
$order = ! (($col["Type"] == "image") || ($col["Type"] == "jsimglink")); $order = ! (($col["Type"] == "image") || ($col["Type"] == "jsimglink"));
@@ -511,8 +505,8 @@ class Table
$res .= "Javascript:changetableOrder('$_temp_var',$pa)"; $res .= "Javascript:changetableOrder('$_temp_var',$pa)";
//$res .= $_SERVER['REDIRECT_URL'] . "?order=" . $this->Columns[$intPos]['Name']."&page=".$pa."&label=true"; //$res .= $_SERVER['REDIRECT_URL'] . "?order=" . $this->Columns[$intPos]['Name']."&page=".$pa."&label=true";
$res .= "\">" . $this->Labels[$intPos] . "</a>"; $res .= "\">" . $this->Labels[$intPos] . "</a>";
if ($HTTP_SESSION_VARS['OrderBy'] == $this->Columns[$intPos]['Name']) { if ($_SESSION['OrderBy'] == $this->Columns[$intPos]['Name']) {
if ($HTTP_SESSION_VARS['OrderDir'] == 'DESC') { if ($_SESSION['OrderDir'] == 'DESC') {
$res .= "&nbsp;<img src='/images/arrow_order_desc.gif' border=0>"; $res .= "&nbsp;<img src='/images/arrow_order_desc.gif' border=0>";
} else { } else {
$res .= "&nbsp;<img src='/images/arrow_order_asc.gif' border=0>"; $res .= "&nbsp;<img src='/images/arrow_order_asc.gif' border=0>";
@@ -548,7 +542,6 @@ class Table
if (! defined( 'ENABLE_ENCRYPT' )) { if (! defined( 'ENABLE_ENCRYPT' )) {
define( 'ENABLE_ENCRYPT', 'no' ); define( 'ENABLE_ENCRYPT', 'no' );
} }
global $HTTP_SESSION_VARS;
if ($auxgetval == '') { if ($auxgetval == '') {
$targ = SYS_TARGET . ".html"; $targ = SYS_TARGET . ".html";
@@ -895,7 +888,7 @@ class Table
break; break;
case "$": case "$":
$vname = substr( $col["Content"], 1, (strlen( $col["Content"] ) - 1) ); $vname = substr( $col["Content"], 1, (strlen( $col["Content"] ) - 1) );
$lval = $HTTP_SESSION_VARS[$vname]; $lval = $_SESSION[$vname];
$res .= "<a class='$strClassLink' href=\"" . $col["Target"] . "/" . $lval . ".html\" " . $col['Extra'] . ">"; $res .= "<a class='$strClassLink' href=\"" . $col["Target"] . "/" . $lval . ".html\" " . $col['Extra'] . ">";
$res .= $val; $res .= $val;
$res .= "</a" . $col['Extra'] . ">"; $res .= "</a" . $col['Extra'] . ">";
@@ -938,7 +931,7 @@ class Table
break; break;
case "$": case "$":
$vname = substr( $col["Content"], 1, (strlen( $col["Content"] ) - 1) ); $vname = substr( $col["Content"], 1, (strlen( $col["Content"] ) - 1) );
$lval = $HTTP_SESSION_VARS[$vname]; $lval = $_SESSION[$vname];
$res .= "<a class='$strClassLink' href=\"" . $col["Target"] . "/" . $lval . ".html\" target=\"_new\"" . $col['Extra'] . ">"; $res .= "<a class='$strClassLink' href=\"" . $col["Target"] . "/" . $lval . ".html\" target=\"_new\"" . $col['Extra'] . ">";
$res .= $val; $res .= $val;
$res .= "</a" . $col['Extra'] . ">"; $res .= "</a" . $col['Extra'] . ">";
@@ -969,7 +962,7 @@ class Table
break; break;
case "$": case "$":
$vname = substr( $col["Content"], 1, (strlen( $col["Content"] ) - 1) ); $vname = substr( $col["Content"], 1, (strlen( $col["Content"] ) - 1) );
$lval = $HTTP_SESSION_VARS[$vname]; $lval = $_SESSION[$vname];
$res .= "<a class='$strClassLink' href=\"" . $col["Target"] . "/" . $lval . ".html\" " . $col['Extra'] . ">"; $res .= "<a class='$strClassLink' href=\"" . $col["Target"] . "/" . $lval . ".html\" " . $col['Extra'] . ">";
$res .= $val; $res .= $val;
$res .= "</a" . $col['Extra'] . ">"; $res .= "</a" . $col['Extra'] . ">";
@@ -1010,7 +1003,7 @@ class Table
break; break;
case "$": case "$":
$vname = substr( $col["Content"], 1, (strlen( $col["Content"] ) - 1) ); $vname = substr( $col["Content"], 1, (strlen( $col["Content"] ) - 1) );
$lval = $HTTP_SESSION_VARS[$vname]; $lval = $_SESSION[$vname];
$res .= "<a class='$strClassLink' href=\"javascript:" . $col["Target"] . "('" . $lval . "')\"" . $col['Extra'] . ">"; $res .= "<a class='$strClassLink' href=\"javascript:" . $col["Target"] . "('" . $lval . "')\"" . $col['Extra'] . ">";
$res .= $val; $res .= $val;
$res .= "</a" . $col['Extra'] . ">"; $res .= "</a" . $col['Extra'] . ">";

15
workflow/engine/includes/inc.application.php
View File

@@ -27,17 +27,16 @@ class App
{ {
function ForceLogin() function ForceLogin()
{ {
global $HTTP_SESSION_VARS;
global $G_MAIN_MENU; global $G_MAIN_MENU;
global $G_SUB_MENU; global $G_SUB_MENU;
if( $HTTP_SESSION_VARS['LOGGED_IN'] == false) if( $_SESSION['LOGGED_IN'] == false)
{ {
header( "location: /sys/" . SYS_LANG . "/" . SYS_SKIN . "/login/login.html" ); header( "location: /sys/" . SYS_LANG . "/" . SYS_SKIN . "/login/login.html" );
die(); die();
} }
else else
{ {
$cmptype = $HTTP_SESSION_VARS['USER_TYPE']; $cmptype = $_SESSION['USER_TYPE'];
switch( $cmptype ) switch( $cmptype )
{ {
case 'BUYER': case 'BUYER':
@@ -70,9 +69,8 @@ class App
function GetPartnerStatus() function GetPartnerStatus()
{ {
global $HTTP_SESSION_VARS; $slipid = $_SESSION['CURRENT_SLIP'];
$slipid = $HTTP_SESSION_VARS['CURRENT_SLIP']; $partnerid = $_SESSION['CURRENT_PARTNER'];
$partnerid = $HTTP_SESSION_VARS['CURRENT_PARTNER'];
$mdbc = new DBConnection(); $mdbc = new DBConnection();
@@ -90,9 +88,8 @@ class App
function SetPartnerStatus( $intStatus = 0 ) function SetPartnerStatus( $intStatus = 0 )
{ {
global $HTTP_SESSION_VARS; $slipid = $_SESSION['CURRENT_SLIP'];
$slipid = $HTTP_SESSION_VARS['CURRENT_SLIP']; $partnerid = $_SESSION['CURRENT_PARTNER'];
$partnerid = $HTTP_SESSION_VARS['CURRENT_PARTNER'];
$mdbc = new DBConnection(); $mdbc = new DBConnection();

3
workflow/engine/includes/inc.dynaForms.php
View File

@@ -169,7 +169,6 @@ function saveXml(){
global $tree; global $tree;
global $header; global $header;
global $filename; global $filename;
global $HTTP_POST_VARS;
global $curDir; global $curDir;
global $onlyName; global $onlyName;
@@ -181,7 +180,7 @@ function saveXml(){
$aux = explode ( '/', $filename); $aux = explode ( '/', $filename);
$onlyName = $aux[count($aux)-1]; $onlyName = $aux[count($aux)-1];
$curDir = $HTTP_POST_VARS['curDir']; $curDir = $_POST['curDir'];
fputs ($fp,"<dynaForm name=\"$onlyName\" basedir=\"$curDir\">$tree->value\n"); fputs ($fp,"<dynaForm name=\"$onlyName\" basedir=\"$curDir\">$tree->value\n");

3
workflow/engine/menus/rbac.appEdit.php
View File

@@ -24,8 +24,7 @@
*/ */
global $G_TMP_MENU; global $G_TMP_MENU;
global $HTTP_SESSION_VARS; $appid = $_SESSION['CURRENT_APPLICATION'];
$appid = $HTTP_SESSION_VARS['CURRENT_APPLICATION'];
$G_TMP_MENU->AddIdRawOption( "OP1", "rbac/appList.html" ); $G_TMP_MENU->AddIdRawOption( "OP1", "rbac/appList.html" );
$G_TMP_MENU->AddIdRawOption( "OP2", "rbac/appDel.html" ); $G_TMP_MENU->AddIdRawOption( "OP2", "rbac/appDel.html" );

1
workflow/engine/menus/rbac.appView.php
View File

@@ -24,7 +24,6 @@
*/ */
global $G_TMP_MENU; global $G_TMP_MENU;
global $HTTP_SESSION_VARS;
$G_TMP_MENU->AddIdRawOption( "OP1", "rbac/roleList.html" ); $G_TMP_MENU->AddIdRawOption( "OP1", "rbac/roleList.html" );
$G_TMP_MENU->AddIdRawOption( "OP2", "rbac/permList.html" ); $G_TMP_MENU->AddIdRawOption( "OP2", "rbac/permList.html" );

2
workflow/engine/methods/controls/buscador2.php
View File

@@ -19,7 +19,7 @@ this program. If not, see
* *
*/ */
<?php <?php
$frm = $HTTP_POST_VARS; $frm = $_POST;
$dbc = new dbconnection(); $dbc = new dbconnection();
$ses = new DBSession( $dbc ); $ses = new DBSession( $dbc );

25
workflow/engine/templates/testAuthenticationUser.php
View File

@@ -1,27 +1,4 @@
<?php <?php
/**
* testAuthenticationUser.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
*/
$strPass = $_POST['form'][PASS]; $strPass = $_POST['form'][PASS];
@@ -35,7 +12,7 @@
$tpl->assign( "STYLE_CSS" , STYLE_CSS ); $tpl->assign( "STYLE_CSS" , STYLE_CSS );
$tpl->assign( "title" , $G_TABLE->title ); $tpl->assign( "title" , $G_TABLE->title );
$curAuthSource = $HTTP_SESSION_VARS['CURRENT_AUTH_SOURCE']; $curAuthSource = $_SESSION['CURRENT_AUTH_SOURCE'];
$dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME ); $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME );
//Class user //Class user