diff --git a/gulliver/bin/tasks/pakeGulliver.php b/gulliver/bin/tasks/pakeGulliver.php index d5886da8f..1a8814f44 100755 --- a/gulliver/bin/tasks/pakeGulliver.php +++ b/gulliver/bin/tasks/pakeGulliver.php @@ -2066,7 +2066,7 @@ function run_workspace_backup($task, $args) { //new db restore rotines, by Erik on May 17th, 2010 //set the temporal directory for all tables into wf, rb, and rp databases - $tmpDir = G::getSysTemDir() . PATH_SEP . 'pmDbBackup' . PATH_SEP; + $tmpDir = G::sys_get_temp_dir() . PATH_SEP . 'pmDbBackup' . PATH_SEP; //create the db maintenance temporal dir G::mk_dir($tmpDir); diff --git a/gulliver/system/class.g.php b/gulliver/system/class.g.php index f99d95c47..01ab1e362 100755 --- a/gulliver/system/class.g.php +++ b/gulliver/system/class.g.php @@ -914,6 +914,12 @@ class G */ function parseURI($uri, $config = array()) { + //*** process the $_POST with magic_quotes enabled + // The magic_quotes_gpc feature has been DEPRECATED as of PHP 5.3.0. + if (get_magic_quotes_gpc() === 1) { + $_POST = G::strip_slashes($_POST); + } + $aRequestUri = explode('/', $uri ); if ( substr ( $aRequestUri[1], 0, 3 ) == 'sys' ) { @@ -992,6 +998,42 @@ class G } } + function strip_slashes($vVar) { + if (is_array($vVar)) { + foreach($vVar as $sKey => $vValue) { + if (is_array($vValue)) { + G::strip_slashes($vVar[$sKey]); + } + else { + $vVar[$sKey] = stripslashes($vVar[$sKey]); + } + } + } + else { + $vVar = stripslashes($vVar); + } + + return $vVar; + } + + /** + * function to calculate the time used to render a page + */ + function logTimeByPage() + { + if (!defined(PATH_DATA)) { + return false; + } + + $serverAddr = $_SERVER['SERVER_ADDR']; + global $startingTime; + $endTime = microtime(true); + $time = $endTime - $startingTime; + $fpt= fopen ( PATH_DATA . 'log/time.log', 'a' ); + fwrite( $fpt, sprintf ( "%s.%03d %15s %s %5.3f %s\n", date('Y-m-d H:i:s'), $time, getenv('REMOTE_ADDR'), substr($serverAddr,-4), $time, $_SERVER['REQUEST_URI'] )); + fclose( $fpt); + } + /** * streaming a big JS file with small js files * @@ -3138,7 +3180,7 @@ $output = $outputHeader.$output; * Get the temporal directory path on differents O.S. i.e. /temp -> linux, C:/Temp -> win * @author */ - function getSysTemDir() { + function sys_get_temp_dir() { if ( !function_exists('sys_get_temp_dir') ){ // Based on http://www.phpit.net/ // article/creating-zip-tar-archives-dynamically-php/2/ @@ -4922,6 +4964,56 @@ function getDirectorySize($path,$maxmtime=0) file_put_contents($file, $content); } + function verifyWriteAccess($resources) + { + $noWritable = array(); + foreach ($resources as $i => $resource) { + if (!is_writable($resource)) { + $noWritable[] = $resource; + } + } + + if (count($noWritable) > 0) { + $e = new Exception("Write access not allowed for ProcessMaker resources"); + $e->files = $noWritable; + throw $e; + } + } + + function renderTemplate($template, $data=array()) + { + if (!defined('PATH_THIRDPARTY')) { + throw new Exception('System constant (PATH_THIRDPARTY) is not defined!'); + } + + require_once PATH_THIRDPARTY . 'smarty/libs/Smarty.class.php'; + + $smarty = new Smarty(); + $smarty->compile_dir = G::sys_get_temp_dir(); + $smarty->cache_dir = G::sys_get_temp_dir(); + $smarty->config_dir = PATH_THIRDPARTY . 'smarty/configs'; + + $smarty->template_dir = PATH_TEMPLATE; + $smarty->force_compile = true; + + foreach ($data as $key => $value) { + $smarty->assign($key, $value); + } + + $smarty->display("$template.tpl"); + } + + function parseTemplate($template, $data=array()) + { + $content = ''; + + ob_start(); + G::renderTemplate($template, $data); + $content = ob_get_contents(); + ob_get_clean(); + + return $content; + } }; /** diff --git a/gulliver/templates/write_access_denied.exception.tpl b/gulliver/templates/write_access_denied.exception.tpl new file mode 100644 index 000000000..52c0fd37f --- /dev/null +++ b/gulliver/templates/write_access_denied.exception.tpl @@ -0,0 +1,82 @@ + + + + + + Whoops, looks like something went wrong. + + + +
+

ProcessMaker Start, looks like something went wrong.

+

+ RuntimeException: + Unable to write on ProcessMaker directories, change permissions to run properly.

+
+
+
    + {foreach from=$files item=file} +
  1. at {$file} .... not writable.
    2. + {/foreach} +
+
+
+ + \ No newline at end of file diff --git a/workflow/engine/classes/class.sessions.php b/workflow/engine/classes/class.sessions.php index 23ad5d576..283ea6164 100755 --- a/workflow/engine/classes/class.sessions.php +++ b/workflow/engine/classes/class.sessions.php @@ -142,7 +142,7 @@ class Sessions { */ public function registerGlobal($name, $value) { - $this->tmpfile = G::getSysTemDir() . PATH_SEP . "pm-rg-{$this->sessionId}"; + $this->tmpfile = G::sys_get_temp_dir() . PATH_SEP . "pm-rg-{$this->sessionId}"; if($this->sessionId == NULL){ throw new Exception('session id was not set.'); @@ -180,7 +180,7 @@ class Sessions { */ public function getGlobal($name) { - $this->tmpfile = G::getSysTemDir() . PATH_SEP . "pm-rg-{$this->sessionId}"; + $this->tmpfile = G::sys_get_temp_dir() . PATH_SEP . "pm-rg-{$this->sessionId}"; if($this->sessionId == NULL){ throw new Exception('session id was not set.'); @@ -217,7 +217,7 @@ class Sessions { */ public function getGlobals() { - $this->tmpfile = G::getSysTemDir() . PATH_SEP . "pm-rg-{$this->sessionId}"; + $this->tmpfile = G::sys_get_temp_dir() . PATH_SEP . "pm-rg-{$this->sessionId}"; if($this->sessionId == NULL){ throw new Exception('session id was not set.'); @@ -250,7 +250,7 @@ class Sessions { if($this->sessionId == NULL){ throw new Exception('session id was not set.'); } - $this->tmpfile = G::getSysTemDir() . PATH_SEP . "pm-rg-{$this->sessionId}"; + $this->tmpfile = G::sys_get_temp_dir() . PATH_SEP . "pm-rg-{$this->sessionId}"; @unlink($this->tmpfile); } diff --git a/workflow/engine/methods/setup/webServicesAjax.php b/workflow/engine/methods/setup/webServicesAjax.php index 2de37b245..3f1c2bfac 100755 --- a/workflow/engine/methods/setup/webServicesAjax.php +++ b/workflow/engine/methods/setup/webServicesAjax.php @@ -1240,8 +1240,8 @@ case "removeUserFromGroup" : if ( isset($_FILES['form']) ) { foreach ($_FILES['form']['name'] as $sFieldName => $vValue) { if ( $_FILES['form']['error'][$sFieldName] == 0 ){ - file_put_contents(G::getSysTemDir().PATH_SEP.$_FILES['form']['name'][$sFieldName], file_get_contents($_FILES['form']['tmp_name'][$sFieldName])); - $filename = G::getSysTemDir().PATH_SEP.$_FILES['form']['name'][$sFieldName]; + file_put_contents(G::sys_get_temp_dir().PATH_SEP.$_FILES['form']['name'][$sFieldName], file_get_contents($_FILES['form']['tmp_name'][$sFieldName])); + $filename = G::sys_get_temp_dir().PATH_SEP.$_FILES['form']['name'][$sFieldName]; } } } diff --git a/workflow/engine/templates/index.html.tpl b/workflow/engine/templates/index.html.tpl index 239bd9aab..76347413e 100644 --- a/workflow/engine/templates/index.html.tpl +++ b/workflow/engine/templates/index.html.tpl @@ -3,6 +3,6 @@ Redirector - + \ No newline at end of file diff --git a/workflow/engine/templates/processes/webentryPost.tpl b/workflow/engine/templates/processes/webentryPost.tpl index f8e2664f3..204c1def7 100755 --- a/workflow/engine/templates/processes/webentryPost.tpl +++ b/workflow/engine/templates/processes/webentryPost.tpl @@ -36,8 +36,8 @@ if ( isset($_FILES['form']) ) { foreach ($_FILES['form']['name'] as $sFieldName => $vValue) { if ( $_FILES['form']['error'][$sFieldName] == 0 ){ - file_put_contents(G::getSysTemDir().PATH_SEP.$_FILES['form']['name'][$sFieldName], file_get_contents($_FILES['form']['tmp_name'][$sFieldName])); - $fpath = G::getSysTemDir().PATH_SEP.$_FILES['form']['name'][$sFieldName]; + file_put_contents(G::sys_get_temp_dir().PATH_SEP.$_FILES['form']['name'][$sFieldName], file_get_contents($_FILES['form']['tmp_name'][$sFieldName])); + $fpath = G::sys_get_temp_dir().PATH_SEP.$_FILES['form']['name'][$sFieldName]; if( isset($_POST['INPUTS'][$sFieldName]) && $_POST['INPUTS'][$sFieldName] != '' ){ #input file type ws_sendFile($fpath, $USR_UID, $caseId, 1, $_POST['INPUTS'][$sFieldName]); diff --git a/workflow/engine/test/unit/gulliver/classGTest.php b/workflow/engine/test/unit/gulliver/classGTest.php index 552722f7e..af767b395 100755 --- a/workflow/engine/test/unit/gulliver/classGTest.php +++ b/workflow/engine/test/unit/gulliver/classGTest.php @@ -268,7 +268,7 @@ $t->is( $methods[89] , 'pr' ,$i++. ' pr'); $t->is( $methods[90] , 'dump' ,$i++. ' dump'); $t->is( $methods[91] , 'stripCDATA' ,$i++. ' stripCDATA'); - $t->is( $methods[92] , 'getSysTemDir' ,$i++. ' getSysTemDir'); + $t->is( $methods[92] , 'sys_get_temp_dir' ,$i++. ' sys_get_temp_dir'); $t->is( $methods[93] , 'PMWSCompositeResponse' ,$i++. ' PMWSCompositeResponse'); $t->is( $methods[94] , 'emailAddress' ,$i++. ' emailAddress'); $t->is( count( $methods ) , --$i , count( $methods ).' = '.$i.' ok'); diff --git a/workflow/public_html/index.html b/workflow/public_html/index.html deleted file mode 100755 index ea8a35e25..000000000 --- a/workflow/public_html/index.html +++ /dev/null @@ -1,8 +0,0 @@ - - -Redirector - - - - - \ No newline at end of file diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php index 2a8a288ad..625068551 100755 --- a/workflow/public_html/sysGeneric.php +++ b/workflow/public_html/sysGeneric.php @@ -1,176 +1,159 @@ . + * + * For more information, contact Colosa Inc, 2566 Le Jeune Rd., + * Coral Gables, FL, 33134, USA, or email info@colosa.com. + * + */ -//*** process the $_POST with magic_quotes enabled - function strip_slashes(&$vVar) { - if (is_array($vVar)) { - foreach($vVar as $sKey => $vValue) { - if (is_array($vValue)) { - strip_slashes($vVar[$sKey]); - } - else { - $vVar[$sKey] = stripslashes($vVar[$sKey]); - } - } - } - else { - $vVar = stripslashes($vVar); - } - } - // The magic_quotes_gpc feature has been DEPRECATED as of PHP 5.3.0. - // if (ini_get('magic_quotes_gpc') == '1') { - if (get_magic_quotes_gpc() === 1) { - strip_slashes($_POST); - } +/** + * sysGeneric - ProcessMaker Bootstrap + * this file is used initialize main variables and redirect to each and all pages + */ -//******** function to calculate the time used to render this page ***** - function logTimeByPage() { - $serverAddr = $_SERVER['SERVER_ADDR']; - global $startingTime; - $endTime = microtime(true); - $time = $endTime - $startingTime; - $fpt= fopen ( PATH_DATA . 'log/time.log', 'a' ); - fwrite( $fpt, sprintf ( "%s.%03d %15s %s %5.3f %s\n", date('Y-m-d H:i:s'), $time, getenv('REMOTE_ADDR'), substr($serverAddr,-4), $time, $_SERVER['REQUEST_URI'] )); - fclose( $fpt); - } + $startingTime = microtime(true); -//******** defining the PATH_SEP constant, he we are defining if the the path separator symbol will be '\\' or '/' ************************** + // Defining the PATH_SEP constant, he we are defining if the the path separator symbol will be '\\' or '/' define('PATH_SEP', '/'); -//***************** Defining the Home Directory ********************************* + // Defining the Home Directory $realdocuroot = str_replace('\\', '/', $_SERVER['DOCUMENT_ROOT']); - $docuroot = explode ( PATH_SEP , $realdocuroot ); - array_pop($docuroot); - $pathhome = implode( PATH_SEP, $docuroot ) . PATH_SEP; - - - //try to find automatically the trunk directory where are placed the RBAC and Gulliver directories - //in a normal installation you don't need to change it. - array_pop($docuroot); - $pathTrunk = implode( PATH_SEP, $docuroot ) . PATH_SEP ; - - array_pop($docuroot); - $pathOutTrunk = implode( PATH_SEP, $docuroot ) . PATH_SEP ; - // to do: check previous algorith for Windows $pathTrunk = "c:/home/"; - - define('PATH_HOME', $pathhome ); - define('PATH_TRUNK', $pathTrunk ); - define('PATH_OUTTRUNK', $pathOutTrunk ); - -//////////////////////////// start, from paths.php + $docuroot = explode(PATH_SEP , $realdocuroot); - /* Default configuration values (do not change these, use env.ini) */ - // $default_config = array( - // 'debug' => 0, - // 'debug_sql' => 0, - // 'debug_time' => 0, - // 'debug_calendar' => 0, - // 'wsdl_cache' => 1, - // 'memory_limit' => '100M', - // 'time_zone' => 'America/La_Paz', - // 'memcached' => 0, - // 'memcached_server' => '' - // ); + array_pop($docuroot); + $pathhome = implode(PATH_SEP, $docuroot) . PATH_SEP; - // /* Read the env.ini */ - // $env_file = realpath($pathhome . PATH_SEP . 'engine' . PATH_SEP . 'config' . PATH_SEP . 'env.ini'); - // $config = $default_config; + // try to find automatically the trunk directory where are placed the RBAC and Gulliver directories + // in a normal installation you don't need to change it. + array_pop($docuroot); + $pathTrunk = implode(PATH_SEP, $docuroot) . PATH_SEP ; + + array_pop($docuroot); + $pathOutTrunk = implode(PATH_SEP, $docuroot) . PATH_SEP ; + + define('PATH_HOME', $pathhome); + define('PATH_TRUNK', $pathTrunk); + define('PATH_OUTTRUNK', $pathOutTrunk); - // if ($env_file !== false && file_exists($env_file)) { - // $ini_contents = parse_ini_file($env_file, false); - // if ($ini_contents !== false) - // $config = array_merge($default_config, $ini_contents); - // } - //var_dump($pathhome . 'engine' . PATH_SEP . 'classes' . PATH_SEP . 'class.system.php'); die; require_once $pathhome . 'engine' . PATH_SEP . 'classes' . PATH_SEP . 'class.system.php'; $config = System::getSystemConfiguration($pathhome . 'engine' . PATH_SEP . 'config' . PATH_SEP . 'env.ini'); + $e_all = defined('E_DEPRECATED') ? E_ALL ^ E_DEPRECATED : E_ALL; -//*** Do not change any of these settings directly, use env.ini instead + // Do not change any of these settings directly, use env.ini instead ini_set('display_errors','On'); - ini_set('short_open_tag', 'on'); ini_set('asp_tags', 'on'); - // The register_globals feature has been DEPRECATED as of PHP 5.3.0. default value Off. - // ini_set('register_globals', 'off'); - ini_set('default_charset', "UTF-8"); - $e_all = defined('E_DEPRECATED') ? E_ALL ^ E_DEPRECATED : E_ALL; - ini_set('error_reporting', ($config['debug'] ? $e_all : $e_all ^ E_NOTICE) ); + ini_set('default_charset', "UTF-8"); + ini_set('error_reporting', ($config['debug'] ? $e_all : $e_all ^ E_NOTICE)); ini_set('memory_limit', $config['memory_limit']); ini_set('soap.wsdl_cache_enabled', $config['wsdl_cache']); - define ('DEBUG_SQL_LOG', $config['debug_sql'] ); - define ('DEBUG_TIME_LOG', $config['debug_time'] ); - define ('DEBUG_CALENDAR_LOG', $config['debug_calendar'] ); + define ('DEBUG_SQL_LOG', $config['debug_sql']); + define ('DEBUG_TIME_LOG', $config['debug_time']); + define ('DEBUG_CALENDAR_LOG', $config['debug_calendar']); define ('MEMCACHED_ENABLED', $config['memcached']); define ('MEMCACHED_SERVER', $config['memcached_server']); - define ('TIME_ZONE', $config['time_zone']); -//////////////////////////// end, from paths.php + // Including these files we get the PM paths and definitions (that should be just one file. + require_once $pathhome . PATH_SEP . 'engine' . PATH_SEP . 'config' . PATH_SEP . 'paths.php'; + + // Verifiying permissions processmaker writable directories + $writableDirs = array(PATH_CONFIG, PATH_XMLFORM, PATH_HTML, PATH_PLUGINS); + + if (defined('PATH_DATA')) { + $writableDirs[] = PATH_DATA; + } + if (defined('PATH_LANGUAGECONT')) { + $writableDirs[] = PATH_LANGUAGECONT; + } + + try { + G::verifyWriteAccess($writableDirs); + } + catch (Exception $e) { + G::renderTemplate('write_access_denied.exception', array('files' => $e->files)); + die(); + } + // end permissions verification -//************* Including these files we get the PM paths and definitions (that should be just one file *********** - require_once ( $pathhome . PATH_SEP . 'engine' . PATH_SEP . 'config' . PATH_SEP . 'paths.php' ); -//******************* Error handler and log error ******************* //to do: make different environments. sys - //G::setErrorHandler ( ); - //G::setFatalErrorHandler ( ); + define ('ERROR_SHOW_SOURCE_CODE', true); // enable ERROR_SHOW_SOURCE_CODE to display the source code for any WARNING OR NOTICE //define ( 'ERROR_LOG_NOTICE_ERROR', true ); //enable ERROR_LOG_NOTICE_ERROR to log Notices messages in default apache log -// ***** create headPublisher singleton ***************** + // Create headPublisher singleton G::LoadSystem('headPublisher'); $oHeadPublisher =& headPublisher::getSingleton(); -// ***** defining the maborak js file, this file is the concat of many js files and here we are including all of them **** - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/maborak.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'common/core/common.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'common/core/effects.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'common/core/webResource.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'dveditor/core/dveditor.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'common/tree/tree.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'json/core/json.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'form/core/form.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'form/core/pagedTable.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'grid/core/grid.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.panel.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.validator.js', true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.app.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.rpc.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.fx.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.drag.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.drop.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.dom.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.abbr.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.dashboard.js', true ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'widgets/js-calendar/js-calendar.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'widgets/suggest/bsn.AutoSuggest_2.1.3.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'widgets/tooltip/pmtooltip.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'thirdparty/krumo/krumo.js' ); - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'widgets/calendar/pmcalendar.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_CORE . 'js' . PATH_SEP . 'cases/core/cases.js' , true ); - $oHeadPublisher->addMaborakFile( PATH_CORE . 'js' . PATH_SEP . 'cases/core/cases_Step.js', true ); - $oHeadPublisher->addMaborakFile( PATH_CORE . 'js' . PATH_SEP . 'processmap/core/processmap.js', true ); - $oHeadPublisher->addMaborakFile( PATH_CORE . 'js' . PATH_SEP . 'appFolder/core/appFolderList.js', true ); - $oHeadPublisher->addMaborakFile( PATH_THIRDPARTY . 'htmlarea/editor.js', true ); + // Defining the maborak js file, this file is the concat of many js files and here we are including all of them. + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/maborak.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'common/core/common.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'common/core/effects.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'common/core/webResource.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'dveditor/core/dveditor.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'common/tree/tree.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'json/core/json.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'form/core/form.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'form/core/pagedTable.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'grid/core/grid.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.panel.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.validator.js', true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.app.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.rpc.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.fx.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.drag.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.drop.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.dom.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.abbr.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'maborak/core/module.dashboard.js', true ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'widgets/js-calendar/js-calendar.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'widgets/suggest/bsn.AutoSuggest_2.1.3.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'widgets/tooltip/pmtooltip.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'thirdparty/krumo/krumo.js' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . 'widgets/calendar/pmcalendar.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_CORE . 'js' . PATH_SEP . 'cases/core/cases.js' , true ); + $oHeadPublisher->addMaborakFile(PATH_CORE . 'js' . PATH_SEP . 'cases/core/cases_Step.js', true ); + $oHeadPublisher->addMaborakFile(PATH_CORE . 'js' . PATH_SEP . 'processmap/core/processmap.js', true ); + $oHeadPublisher->addMaborakFile(PATH_CORE . 'js' . PATH_SEP . 'appFolder/core/appFolderList.js', true ); + $oHeadPublisher->addMaborakFile(PATH_THIRDPARTY . 'htmlarea/editor.js', true ); - //erik: if it is a installation instance + //check if it is a installation instance if(!defined('PATH_C')) { - $tmpDir = G::getSysTemDir(); - define('PATH_C', $tmpDir . ((substr($tmpDir, -1) == PATH_SEP)? '': PATH_SEP)); + // is a intallation instance, so we need to define PATH_C and PATH_LANGUAGECONT constants temporarily + define('PATH_C', (rtrim(G::sys_get_temp_dir(), PATH_SEP) . PATH_SEP)); define('PATH_LANGUAGECONT', PATH_HOME . 'engine/content/languages/' ); } -//************ defining Virtual URLs ****************/ + // defining Virtual URLs $virtualURITable = array(); - $virtualURITable['/plugin/(*)'] = 'plugin'; - $virtualURITable['/(sys*)/(*.js)'] = 'jsMethod'; - $virtualURITable['/js/(*)'] = PATH_GULLIVER_HOME . 'js/'; - $virtualURITable['/jscore/(*)'] = PATH_CORE . 'js/'; + $virtualURITable['/plugin/(*)'] = 'plugin'; + $virtualURITable['/(sys*)/(*.js)'] = 'jsMethod'; + $virtualURITable['/js/(*)'] = PATH_GULLIVER_HOME . 'js/'; + $virtualURITable['/jscore/(*)'] = PATH_CORE . 'js/'; + if ( defined('PATH_C') ) { - $virtualURITable['/jsform/(*.js)'] = PATH_C . 'xmlform/'; - $virtualURITable['/extjs/(*)'] = PATH_C . 'ExtJs/'; + $virtualURITable['/jsform/(*.js)'] = PATH_C . 'xmlform/'; + $virtualURITable['/extjs/(*)'] = PATH_C . 'ExtJs/'; } + $virtualURITable['/htmlarea/(*)'] = PATH_THIRDPARTY . 'htmlarea/'; $virtualURITable['/sys[a-zA-Z][a-zA-Z0-9]{0,}()/'] = 'sysNamed'; $virtualURITable['/(sys*)'] = FALSE; @@ -179,33 +162,25 @@ $virtualURITable['/controls/(*)'] = PATH_GULLIVER_HOME . 'methods/controls/'; $virtualURITable['/html2ps_pdf/(*)'] = PATH_THIRDPARTY . 'html2ps_pdf/'; $virtualURITable['/Krumo/(*)'] = PATH_THIRDPARTY . 'krumo/'; -// $virtualURITable['/codepress/(*)'] = PATH_THIRDPARTY . 'codepress/'; + //$virtualURITable['/codepress/(*)'] = PATH_THIRDPARTY . 'codepress/'; $virtualURITable['/images/'] = 'errorFile'; $virtualURITable['/skins/'] = 'errorFile'; $virtualURITable['/files/'] = 'errorFile'; + $virtualURITable['/[a-zA-Z][a-zA-Z0-9]{0,}()'] = 'sysUnnamed'; + $virtualURITable['/(*)'] = PATH_HTML; - $virtualURITable['/[a-zA-Z][a-zA-Z0-9]{0,}()'] = 'sysUnnamed'; - $virtualURITable['/(*)'] = PATH_HTML; - - - -//****** verify if we need to redirect or stream the file, if G:VirtualURI returns true means we are going to redirect the page ***** + // Verify if we need to redirect or stream the file, if G:VirtualURI returns true means we are going to redirect the page if ( G::virtualURI($_SERVER['REQUEST_URI'], $virtualURITable , $realPath )) { // review if the file requested belongs to public_html plugin if ( substr ( $realPath, 0,6) == 'plugin' ) { - /* - * By JHL Jul 14, 08 - * Another way to get the path of Plugin public_html and stream the correspondent file - * TODO: $pathsQuery will be used? - */ + // Another way to get the path of Plugin public_html and stream the correspondent file, By JHL Jul 14, 08 + // TODO: $pathsQuery will be used? $pathsQuery=""; - //Get the query side - /* - * Did we use this variable $pathsQuery for something?? - */ - $forQuery=explode("?",$realPath); - if(isset($forQuery[1])) { - $pathsQuery=$forQuery[1]; + // Get the query side + // Did we use this variable $pathsQuery for something?? + $forQuery = explode("?",$realPath); + if (isset($forQuery[1])) { + $pathsQuery = $forQuery[1]; } //Get that path in array @@ -217,51 +192,42 @@ //The other parts are the realpath into public_html (no matter how many elements) $filePath=implode(PATH_SEP,$paths); $pluginFilename = PATH_PLUGINS . $pluginFolder . PATH_SEP . 'public_html'. PATH_SEP . $filePath; + if ( file_exists ( $pluginFilename ) ) { - G::streamFile ( $pluginFilename ); + G::streamFile ( $pluginFilename ); } die; } + $requestUriArray = explode("/",$_SERVER['REQUEST_URI']); - - $requestUriArray=explode("/",$_SERVER['REQUEST_URI']); - - - if((isset($requestUriArray[1]))&&($requestUriArray[1]=='skin')) { - /* - * By JHL Feb 28, 11 - * This will allow to public images of Custom Skins - */ + if((isset($requestUriArray[1]))&&($requestUriArray[1] == 'skin')) { + // This will allow to public images of Custom Skins, By JHL Feb 28, 11 $pathsQuery=""; - //Get the query side - /* - * This way we remove garbage - */ - $forQuery=explode("?",$realPath); - if(isset($forQuery[1])) { - $pathsQuery=$forQuery[1]; + // Get the query side + // This way we remove garbage + $forQuery = explode("?",$realPath); + if (isset($forQuery[1])) { + $pathsQuery = $forQuery[1]; } //Get that path in array $paths = explode ( PATH_SEP, $forQuery[0] ); - $fileToBeStreamed=str_replace("/skin/",PATH_CUSTOM_SKINS,$_SERVER['REQUEST_URI']); if ( file_exists ( $fileToBeStreamed ) ) { - G::streamFile ( $fileToBeStreamed ); + G::streamFile ( $fileToBeStreamed ); } die; } - - - switch ( $realPath ) { + switch ($realPath) { case 'sysUnnamed' : - require_once('sysUnnamed.php'); die; + require_once('sysUnnamed.php'); + die; break; case 'sysNamed' : - header('location : ' . $_SERVER['REQUEST_URI'] . 'en/green/login/login' ); + header('location : ' . $_SERVER['REQUEST_URI'] . 'en/green/login/login' ); die; break; case 'jsMethod' : @@ -272,7 +238,7 @@ break; case 'errorFile': header ("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI'])); - if ( DEBUG_TIME_LOG ) logTimeByPage(); //log this page + if ( DEBUG_TIME_LOG ) G::logTimeByPage(); //log this page die; break; default : @@ -280,24 +246,31 @@ $realPath[0] .= strpos(basename($realPath[0]), '.') === false ? '.php' : ''; G::streamFile ( $realPath[0] ); die; - } + } } -//************** the request correspond to valid php page, now parse the URI ************** + // the request correspond to valid php page, now parse the URI + G::parseURI(getenv("REQUEST_URI"), $config); - G::parseURI(getenv("REQUEST_URI" ), $config); + // verify if index.html exists + if (!file_exists(PATH_HTML . 'index.html')) { // if not, create it from template + file_put_contents( + PATH_HTML . 'index.html', + G::parseTemplate(PATH_TPL . 'index.html', array('lang' => SYS_LANG, 'skin' => SYS_SKIN)) + ); + } - $oHeadPublisher->addMaborakFile( PATH_GULLIVER_HOME . 'js' . PATH_SEP . "widgets/jscalendar/lang/calendar-" . SYS_LANG . ".js"); - define( 'SYS_URI' , '/sys' . SYS_TEMP . '/' . SYS_LANG . '/' . SYS_SKIN . '/' ); + $oHeadPublisher->addMaborakFile(PATH_GULLIVER_HOME . 'js' . PATH_SEP . "widgets/jscalendar/lang/calendar-" . SYS_LANG . ".js"); + define('SYS_URI' , '/sys' . SYS_TEMP . '/' . SYS_LANG . '/' . SYS_SKIN . '/'); -//************** defining the serverConf singleton ************** - if(defined('PATH_DATA') && file_exists(PATH_DATA)){ + // defining the serverConf singleton + if (defined('PATH_DATA') && file_exists(PATH_DATA)) { //Instance Server Configuration Singleton G::LoadClass('serverConfiguration'); $oServerConf =& serverConf::getSingleton(); } -//***************** Call Gulliver Classes ************************** + // Call Gulliver Classes G::LoadThirdParty('pear/json','class.json'); G::LoadThirdParty('smarty/libs','Smarty.class'); G::LoadSystem('error'); @@ -321,24 +294,25 @@ G::LoadSystem('pmException'); //G::LoadSystem('pagedTable'); -//************** Installer, redirect to install if we don't have a valid shared data folder ***************/ + // Installer, redirect to install if we don't have a valid shared data folder if ( !defined('PATH_DATA') || !file_exists(PATH_DATA)) { - /*new installer, extjs based*/ - + // new installer, extjs based define('PATH_DATA', PATH_C); require_once ( PATH_CONTROLLERS . 'installer.php' ); $controller = 'Installer'; - //if the method name is empty set default to index method - if (strpos(SYS_TARGET, '/') !== false) + // if the method name is empty set default to index method + if (strpos(SYS_TARGET, '/') !== false) { list($controller, $controllerAction) = explode('/', SYS_TARGET); - else + } + else { $controllerAction = SYS_TARGET; + } $controllerAction = ($controllerAction != '' && $controllerAction != 'login')? $controllerAction: 'index'; - //create the installer controller and call its method + // create the installer controller and call its method if( is_callable(Array('Installer', $controllerAction)) ) { $installer = new $controller(); $installer->setHttpRequestData($_REQUEST); @@ -351,10 +325,10 @@ die; } -// ************* Load Language Translation ***************** + // Load Language Translation G::LoadTranslationObject(defined('SYS_LANG')?SYS_LANG:"en"); -//******** look for a disabled workspace **** + // look for a disabled workspace if($oServerConf->isWSDisabled(SYS_TEMP)){ $aMessage['MESSAGE'] = G::LoadTranslation('ID_DISB_WORKSPACE'); $G_PUBLISH = new Publisher; @@ -363,8 +337,8 @@ die; } -//********** database and workspace definition ************************ - //if SYS_TEMP exists, the URL has a workspace, now we need to verify if exists their db.php file + // database and workspace definition + // if SYS_TEMP exists, the URL has a workspace, now we need to verify if exists their db.php file if ( defined('SYS_TEMP') && SYS_TEMP != '') { //this is the default, the workspace db.php file is in /shared/workflow/sites/SYS_SYS if ( file_exists( PATH_DB . SYS_TEMP . '/db.php' ) ) { @@ -390,7 +364,7 @@ } else { if(SYS_TARGET=="dbInfo"){ //Show dbInfo when no SYS_SYS - require_once( PATH_METHODS . "login/dbInfo.php" ) ; + require_once( PATH_METHODS . "login/dbInfo.php" ); } else{ @@ -410,45 +384,46 @@ die(); } } - if ( DEBUG_TIME_LOG ) logTimeByPage(); //log this page + if ( DEBUG_TIME_LOG ) G::logTimeByPage(); //log this page die(); } } - // ***** create memcached singleton ***************** + // create memcached singleton G::LoadClass ( 'memcached' ); $memcache = & PMmemcached::getSingleton(SYS_SYS); -//***************** PM Paths DATA ************************** - define( 'PATH_DATA_SITE', PATH_DATA . 'sites/' . SYS_SYS . '/'); - define( 'PATH_DOCUMENT', PATH_DATA_SITE . 'files/' ); - define( 'PATH_DATA_MAILTEMPLATES', PATH_DATA_SITE . 'mailTemplates/' ); - define( 'PATH_DATA_PUBLIC', PATH_DATA_SITE . 'public/' ); - define( 'PATH_DATA_REPORTS', PATH_DATA_SITE . 'reports/' ); - define( 'PATH_DYNAFORM', PATH_DATA_SITE . 'xmlForms/' ); - define( 'PATH_IMAGES_ENVIRONMENT_FILES', PATH_DATA_SITE . 'usersFiles'.PATH_SEP); - define( 'PATH_IMAGES_ENVIRONMENT_USERS', PATH_DATA_SITE . 'usersPhotographies'.PATH_SEP); - define( 'SERVER_NAME', $_SERVER ['SERVER_NAME']); - define( 'SERVER_PORT', $_SERVER ['SERVER_PORT']); + // PM Paths DATA + define('PATH_DATA_SITE', PATH_DATA . 'sites/' . SYS_SYS . '/'); + define('PATH_DOCUMENT', PATH_DATA_SITE . 'files/'); + define('PATH_DATA_MAILTEMPLATES', PATH_DATA_SITE . 'mailTemplates/'); + define('PATH_DATA_PUBLIC', PATH_DATA_SITE . 'public/'); + define('PATH_DATA_REPORTS', PATH_DATA_SITE . 'reports/'); + define('PATH_DYNAFORM', PATH_DATA_SITE . 'xmlForms/'); + define('PATH_IMAGES_ENVIRONMENT_FILES', PATH_DATA_SITE . 'usersFiles'.PATH_SEP); + define('PATH_IMAGES_ENVIRONMENT_USERS', PATH_DATA_SITE . 'usersPhotographies'.PATH_SEP); + define('SERVER_NAME', $_SERVER ['SERVER_NAME']); + define('SERVER_PORT', $_SERVER ['SERVER_PORT']); -//***************** Plugins ************************** + // load Plugins base class G::LoadClass('plugin'); + //here we are loading all plugins registered //the singleton has a list of enabled plugins - $sSerializedFile = PATH_DATA_SITE . 'plugin.singleton'; $oPluginRegistry =& PMPluginRegistry::getSingleton(); - if ( file_exists ($sSerializedFile) ) - $oPluginRegistry->unSerializeInstance( file_get_contents ( $sSerializedFile ) ); + if (file_exists ($sSerializedFile)) { + $oPluginRegistry->unSerializeInstance(file_get_contents($sSerializedFile)); + } -//******* setup propel definitions and logging **** + // setup propel definitions and logging require_once ( "propel/Propel.php" ); require_once ( "creole/Creole.php" ); if (defined('DEBUG_SQL_LOG') && DEBUG_SQL_LOG) { - define ( 'PM_PID', mt_rand(1,999999) ); - require_once ( "Log.php" ); + define('PM_PID', mt_rand(1,999999)); + require_once 'Log.php'; // register debug connection decorator driver Creole::registerDriver('*', 'creole.contrib.DebugConnection'); @@ -456,72 +431,84 @@ // initialize Propel with converted config file Propel::init( PATH_CORE . "config/databases.php" ); - //unified log file for all databases + // unified log file for all databases $logFile = PATH_DATA . 'log' . PATH_SEP . 'propel.log'; $logger = Log::singleton('file', $logFile, 'wf ' . SYS_SYS, null, PEAR_LOG_INFO); Propel::setLogger($logger); - //log file for workflow database + // log file for workflow database $con = Propel::getConnection('workflow'); - if ($con instanceof DebugConnection) $con->setLogger($logger); - - //log file for rbac database + if ($con instanceof DebugConnection) { + $con->setLogger($logger); + } + // log file for rbac database $con = Propel::getConnection('rbac'); - if ($con instanceof DebugConnection) $con->setLogger($logger); + + if ($con instanceof DebugConnection) { + $con->setLogger($logger); + } - //log file for report database + // log file for report database $con = Propel::getConnection('rp'); - if ($con instanceof DebugConnection) $con->setLogger($logger); + if ($con instanceof DebugConnection) { + $con->setLogger($logger); + } } - else + else { Propel::init( PATH_CORE . "config/databases.php" ); + } Creole::registerDriver('dbarray', 'creole.contrib.DBArrayConnection'); -//***************** Session Initializations **************************/ - ini_set( 'session.auto_start', '1' ); + // Session Initializations + ini_set('session.auto_start', '1'); + // The register_globals feature has been DEPRECATED as of PHP 5.3.0. default value Off. // ini_set( 'register_globals', 'Off' ); session_start(); ob_start(); - -//Rebuild the base Workflow translations if not exists + + // Rebuild the base Workflow translations if not exists if( ! is_file(PATH_LANGUAGECONT . 'translation.en') ){ require_once ( "classes/model/Translation.php" ); $fields = Translation::generateFileTranslation('en'); } -//TODO: Verify if the language set into url is defined in translations env. + + // TODO: Verify if the language set into url is defined in translations env. if( SYS_LANG != 'en' && ! is_file(PATH_LANGUAGECONT . 'translation.' . SYS_LANG) ){ require_once ( "classes/model/Translation.php" ); $fields = Translation::generateFileTranslation(SYS_LANG); } -//********* Setup plugins ************* + // Setup plugins $oPluginRegistry->setupPlugins(); //get and setup enabled plugins $avoidChangedWorkspaceValidation = false; - //Load custom Classes and Model from Plugins. + // Load custom Classes and Model from Plugins. G::LoadAllPluginModelClasses(); -//*********jump to php file in methods directory ************* + // jump to php file in methods directory $collectionPlugin = ''; - if ( $oPluginRegistry->isRegisteredFolder( SYS_COLLECTION ) ) { + if ($oPluginRegistry->isRegisteredFolder(SYS_COLLECTION)) { $phpFile = PATH_PLUGINS . SYS_COLLECTION . PATH_SEP . SYS_TARGET.'.php'; $targetPlugin = explode( '/', SYS_TARGET ); $collectionPlugin = $targetPlugin[0]; $avoidChangedWorkspaceValidation = true; } - else + else { $phpFile = G::ExpandPath('methods') . SYS_COLLECTION . PATH_SEP . SYS_TARGET.'.php'; + } - //services is a special folder, + // services is a special folder, if ( SYS_COLLECTION == 'services' ) { $avoidChangedWorkspaceValidation = true; $targetPlugin = explode( '/', SYS_TARGET ); + if ( $targetPlugin[0] == 'webdav' ) { $phpFile = G::ExpandPath('methods') . SYS_COLLECTION . PATH_SEP . 'webdav.php'; } } - if(SYS_COLLECTION=='login' && SYS_TARGET=='login'){ + + if (SYS_COLLECTION == 'login' && SYS_TARGET == 'login') { $avoidChangedWorkspaceValidation = true; } @@ -538,10 +525,9 @@ } else { //when the file is part of the public directory of any PROCESS, this a ProcessMaker feature - if (preg_match('/^[0-9][[:alnum:]]+$/', SYS_COLLECTION) == 1) - { //the pattern is /sysSYS/LANG/SKIN/PRO_UID/file - $auxPart = explode ( '/' , $_SERVER['REQUEST_URI']); - $aAux = explode('?', $auxPart[ count($auxPart)-1]); + if (preg_match('/^[0-9][[:alnum:]]+$/', SYS_COLLECTION) == 1) { //the pattern is /sysSYS/LANG/SKIN/PRO_UID/file + $auxPart = explode ( '/' , $_SERVER['REQUEST_URI']); + $aAux = explode('?', $auxPart[ count($auxPart)-1]); //$extPart = explode ( '.' , $auxPart[ count($auxPart)-1] ); $extPart = explode ( '.' , $aAux[0] ); $queryPart = isset($aAux[1])?$aAux[1]:""; @@ -549,37 +535,38 @@ $phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . urldecode ($auxPart[ count($auxPart)-1]); $aAux = explode('?', $phpFile); $phpFile = $aAux[0]; - if ( $extension != 'php' ) { - G::streamFile ( $phpFile ); + + if ($extension != 'php') { + G::streamFile($phpFile); die; } + $avoidChangedWorkspaceValidation=true; $bWE = true; //$phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . $auxPart[ count($auxPart)-1]; } //erik: verify if it is a Controller Class or httpProxyController Class - if( is_file(PATH_CONTROLLERS . SYS_COLLECTION . '.php') ) { + if (is_file(PATH_CONTROLLERS . SYS_COLLECTION . '.php')) { require_once PATH_CONTROLLERS . SYS_COLLECTION . '.php'; $controllerClass = SYS_COLLECTION; //if the method name is empty set default to index method $controllerAction = SYS_TARGET != '' ? SYS_TARGET : 'index'; //if the method exists - if( is_callable(Array($controllerClass, $controllerAction)) ) { + if (is_callable(Array($controllerClass, $controllerAction)) ) { $isControllerCall = true; } } - if ( ! $isControllerCall && ! file_exists( $phpFile ) ) { - $_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI']; - print $phpFile; - header ("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI'])); - die; + if (!$isControllerCall && ! file_exists($phpFile)) { + $_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI']; + header("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI'])); + die; } } //redirect to login, if user changed the workspace in the URL - if( ! $avoidChangedWorkspaceValidation && isset( $_SESSION['WORKSPACE'] ) && $_SESSION['WORKSPACE'] != SYS_SYS) { + if (! $avoidChangedWorkspaceValidation && isset($_SESSION['WORKSPACE']) && $_SESSION['WORKSPACE'] != SYS_SYS) { $_SESSION['WORKSPACE'] = SYS_SYS; G::SendTemporalMessage ('ID_USER_HAVENT_RIGHTS_SYSTEM', "error"); @@ -587,19 +574,19 @@ die; } -//***************** enable rbac ************************** - $RBAC =& RBAC::getSingleton( PATH_DATA, session_id() ); + // enable rbac + $RBAC = &RBAC::getSingleton( PATH_DATA, session_id() ); $RBAC->sSystem = 'PROCESSMAKER'; -//****** define and send Headers for all pages ******************* - if ( ! defined('EXECUTE_BY_CRON') ) { + // define and send Headers for all pages + if (! defined('EXECUTE_BY_CRON')) { header("Expires: " . gmdate("D, d M Y H:i:s", mktime( 0,0,0,date('m'),date('d')-1,date('Y') ) ) . " GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); - //get the language direction from ServerConf + // get the language direction from ServerConf define('SYS_LANG_DIRECTION', $oServerConf->getLanDirection() ); if((isset( $_SESSION['USER_LOGGED'] ))&&(!(isset($_GET['sid'])))) { @@ -634,7 +621,7 @@ $noLoginFolders[] = 'tracker'; $noLoginFolders[] = 'installer'; - //This sentence is used when you lost the Session + // This sentence is used when you lost the Session if ( !in_array(SYS_TARGET, $noLoginFiles) && !in_array(SYS_COLLECTION, $noLoginFolders) && $bWE != true && $collectionPlugin != 'services') { $bRedirect = true; @@ -651,24 +638,27 @@ $RBAC->initRBAC(); $RBAC->loadUserRolePermission( $RBAC->sSystem, $_SESSION['USER_LOGGED'] ); $memKey = 'rbacSession' . session_id(); - $memcache->set( $memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS ); + $memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS ); } } + if ($bRedirect) { - //g::pr($_SERVER); die; - if (strpos($_SERVER['REQUEST_URI'], '/home') !== false) { + if (substr(SYS_SKIN, 0, 2) == 'ux' && SYS_SKIN != 'uxs') { // verify if the current skin is a 'ux' variant + $loginUrl = 'main/login'; + } + else if (strpos($_SERVER['REQUEST_URI'], '/home') !== false){ //verify is it is using the uxs skin for simplified interface $loginUrl = 'home/login'; } else { - $loginUrl = 'main/login'; + $loginUrl = 'login/login'; // just set up the classic login } if (empty($_POST)) { header('location: ' . SYS_URI . $loginUrl . '?u=' . urlencode($_SERVER['REQUEST_URI'])); } else { - if ( $isControllerCall ) { - header("HTTP/1.0 302 session lost in controller"); + if ($isControllerCall) { + header("HTTP/1.0 302 session lost in controller"); } else { header('location: ' . SYS_URI . $loginUrl); @@ -680,23 +670,27 @@ } $_SESSION['phpLastFileFound'] = $_SERVER['REQUEST_URI']; - /*** + /** * New feature for Gulliver framework to support Controllers & HttpProxyController classes handling - * * @author Erik Amaru Ortiz */ - if( $isControllerCall ) { //Instance the Controller object and call the request method + if ($isControllerCall) { //Instance the Controller object and call the request method $controller = new $controllerClass(); $controller->setHttpRequestData($_REQUEST); $controller->call($controllerAction); - } else - require_once( $phpFile ); + } + else { + require_once $phpFile; + } - if ( defined('SKIP_HEADERS') ) { - header("Expires: " . gmdate("D, d M Y H:i:s", mktime( 0,0,0,date('m'),date('d'),date('Y') + 1) ) . " GMT"); + if (defined('SKIP_HEADERS')){ + header("Expires: " . gmdate("D, d M Y H:i:s", mktime(0, 0, 0, date('m'), date('d'), date('Y') + 1)) . " GMT"); header('Cache-Control: public'); header('Pragma: '); } + ob_end_flush(); - if ( DEBUG_TIME_LOG ) logTimeByPage(); //log this page + if (DEBUG_TIME_LOG) { + G::logTimeByPage(); //log this page + } }