fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

move paths_installed to shared folder CORE #55

Browse Source
This commit is contained in:
Fernando Ontiveros
2025-04-10 01:56:01 +00:00
parent 0e78dccf0f
commit 3a6a219b07
8 changed files with 775 additions and 657 deletions
Download Patch File Download Diff File Expand all files Collapse all files

226
workflow/public_html/sysGeneric.php
View File

@@ -10,116 +10,29 @@ use ProcessMaker\Validation\ValidationUploadedFiles;
/**
* bootstrap - ProcessMaker Bootstrap
* this file is used initialize main variables, redirect and dispatch all requests
* This file initializes main variables, redirects, and dispatches all requests.
*/
// Validating if exists 'HTTP_USER_AGENT' key in $_SERVER array
if (!isset($_SERVER['HTTP_USER_AGENT'])) {
$_SERVER['HTTP_USER_AGENT'] = '';
}
// Defining the PATH_SEP constant, he we are defining if the the path separator symbol will be '\\' or '/'
// Ensure 'HTTP_USER_AGENT' is set
$_SERVER['HTTP_USER_AGENT'] = htmlspecialchars(filter_input(INPUT_SERVER, 'HTTP_USER_AGENT') ?? '', ENT_QUOTES, 'UTF-8');
// Define path separator constant
define('PATH_SEP', '/');
// Defining the Home Directory
$realdocuroot = str_replace('\\', '/', $_SERVER['DOCUMENT_ROOT']);
$docuroot = explode(PATH_SEP, $realdocuroot);
// Define the Home Directory
$documentRoot = str_replace('\\', '/', $_SERVER['DOCUMENT_ROOT']);
$pathParts = explode(PATH_SEP, $documentRoot);
array_pop($pathParts); // Remove the last part (usually the project folder)
$pathHome = implode(PATH_SEP, $pathParts) . PATH_SEP;
array_pop($docuroot);
$pathhome = implode(PATH_SEP, $docuroot) . PATH_SEP;
// Define trunk paths
$pathTrunk = implode(PATH_SEP, array_slice($pathParts, 0, -1)) . PATH_SEP; // Remove last part again
$pathOutTrunk = implode(PATH_SEP, array_slice($pathParts, 0, -2)) . PATH_SEP; // Remove last two parts
// try to find automatically the trunk directory where are placed the RBAC and Gulliver directories
// in a normal installation you don't need to change it.
array_pop($docuroot);
$pathTrunk = implode(PATH_SEP, $docuroot) . PATH_SEP;
array_pop($docuroot);
$pathOutTrunk = implode(PATH_SEP, $docuroot) . PATH_SEP;
define('PATH_HOME', $pathhome);
define('PATH_HOME', $pathHome);
define('PATH_TRUNK', $pathTrunk);
define('PATH_OUTTRUNK', $pathOutTrunk);
//we are focusing in have this behaivour
//1. if the uri is an existing file return the file inmediately
//2. if the uri point to png, jpg, js, or css mapped in other place, return it inmediately
//3. process the uri,
//here we are putting approved CONSTANTS, I mean constants be sure we need,
define('PATH_HTML', PATH_HOME . 'public_html' . PATH_SEP);
//this is the first path, if the file exists...
$request = substr($_SERVER['REQUEST_URI'], 1, strlen($_SERVER['REQUEST_URI'])); //removes the first '/'
$fileWithoutParam = explode("?", $request); // split the URI by '?'
$request = $fileWithoutParam[0]; // get the first element of the split URI
$requestFile = PATH_HTML . $request; // temporary assemble a path for the file embedded in the URI
if (file_exists($requestFile)) {
if (!is_file($requestFile)) {
header("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
die;
}
if ($request === "app.php" || $request === "sysGeneric.php") {
//HTTP/1.0 403 Forbidden
http_response_code(403);
}
$pos = strripos($request, ".") + 1;
$size = strlen($request);
if ($pos < $size) {
//if this file got an extension then assign the content
$ext_file = substr($request, $pos, $size);
if ($ext_file == "gif" || $ext_file == "png") {
$ext_file = 'image/' . $ext_file;
} elseif ($ext_file == "jpg" || $ext_file == "jpeg") {
$ext_file = 'image/jpeg';
} elseif ($ext_file == "swf") {
$ext_file = "application/x-shockwave-flash";
} elseif ($ext_file == "json" || $ext_file == "htc") {
$ext_file = "text/plain";
} elseif ($ext_file == "htm" || $ext_file == "html" || $ext_file == "txt") {
$ext_file = "text/html";
} elseif ($ext_file == "doc" || $ext_file == "pdf" || $ext_file == "pm" || $ext_file == "po") {
$ext_file = "application/octet-stream";
} elseif ($ext_file == "tar") {
$ext_file = "application/x-tar";
} elseif ($ext_file == "woff") {
$ext_file = "application/font-woff";
} elseif ($ext_file == "js") {
$ext_file = "text/javascript";
} elseif ($ext_file == "css") {
//may this line be innecesary, all the .css are been generated at run time
$ext_file = 'text/css';
} else {
$ext_file = "application/octet-stream";
}
header('Content-Type: ' . $ext_file);
}
header('Pragma: cache');
$mtime = filemtime($requestFile);
$gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
header('ETag: "' . Bootstrap::encryptOld($mtime . $requestFile) . '"');
header("Last-Modified: " . $gmt_mtime);
header('Cache-Control: public');
$userAgent = strtolower($_SERVER ['HTTP_USER_AGENT']);
if (preg_match("/msie/i", $userAgent)) {
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 60 * 10) . " GMT");
} else {
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 90 * 60 * 60 * 24) . " GMT");
if (isset($_SERVER ['HTTP_IF_MODIFIED_SINCE'])) {
if ($_SERVER ['HTTP_IF_MODIFIED_SINCE'] == $gmt_mtime) {
header('HTTP/1.1 304 Not Modified');
}
}
if (isset($_SERVER ['HTTP_IF_NONE_MATCH'])) {
if (str_replace('"', '',
stripslashes($_SERVER ['HTTP_IF_NONE_MATCH'])) == Bootstrap::encryptOld($mtime . $requestFile)) {
header("HTTP/1.1 304 Not Modified");
}
}
}
readfile($requestFile);
die;
}
define('PATH_DATA', isset($_SERVER['PATH_DATA']) ? $_SERVER['PATH_DATA'] : PATH_TRUNK . 'shared' . PATH_SEP );
// Defining RBAC Paths constants
define('PATH_RBAC_HOME', PATH_TRUNK . 'rbac' . PATH_SEP);
@@ -154,29 +67,34 @@ define('PATH_UPLOAD', PATH_HTML . 'files' . PATH_SEP);
define('PATH_WORKFLOW_MYSQL_DATA', PATH_CORE . 'data' . PATH_SEP . 'mysql' . PATH_SEP);
define('PATH_RBAC_MYSQL_DATA', PATH_RBAC_CORE . 'data' . PATH_SEP . 'mysql' . PATH_SEP);
define('FILE_PATHS_INSTALLED', PATH_CORE . 'config' . PATH_SEP . 'paths_installed.php');
define('FILE_PATHS_INSTALLED', PATH_DATA . 'config' . PATH_SEP . 'paths_installed.php');
define('PATH_WORKFLOW_MSSQL_DATA', PATH_CORE . 'data' . PATH_SEP . 'mssql' . PATH_SEP);
define('PATH_RBAC_MSSQL_DATA', PATH_RBAC_CORE . 'data' . PATH_SEP . 'mssql' . PATH_SEP);
define('PATH_CONTROLLERS', PATH_CORE . 'controllers' . PATH_SEP);
// include Gulliver Class
// Return error for local files that should be returned by nginx or apache2
$requestUri = ltrim($_SERVER['REQUEST_URI'], '/'); // Remove leading '/'
$requestFile = PATH_HTML . strtok($requestUri, '?'); // Get the file path without query parameters
if (file_exists($requestFile)) {
error_log("Requested file should not be accessed directly: /" . $requestUri);
print ("This should not happen. Review the rules in nginx or apache server: /" . $requestUri);
exit;
}
// include Gulliver Class and define necessary paths
if (file_exists(FILE_PATHS_INSTALLED)) {
// include the server installed configuration
require_once FILE_PATHS_INSTALLED;
// defining system constant when a valid server environment exists
// defining system constants
define('PATH_LANGUAGECONT', PATH_DATA . "META-INF" . PATH_SEP);
define('PATH_CUSTOM_SKINS', PATH_DATA . 'skins' . PATH_SEP);
define('PATH_TEMPORAL', PATH_C . 'dynEditor/');
define('PATH_DB', PATH_DATA . 'sites' . PATH_SEP);
// smarty constants
define('PATH_SMARTY_C', PATH_C . 'smarty' . PATH_SEP . 'c');
define('PATH_SMARTY_CACHE', PATH_C . 'smarty' . PATH_SEP . 'cache');
/* TO DO: put these line in other part of code*/
Bootstrap::verifyPath(PATH_SMARTY_C, true);
Bootstrap::verifyPath(PATH_SMARTY_CACHE, true);
}
@@ -191,24 +109,18 @@ set_include_path(
);
/**
* Global definitions, before it was the defines.php file
* Global definitions
*/
// URL Key
define("URL_KEY", 'c0l0s40pt1mu59r1m3');
// Other definitions
define('TIMEOUT_RESPONSE', 100); //web service timeout
define('APPLICATION_CODE', 'ProcessMaker'); //to login like workflow system
// Application settings
define('TIMEOUT_RESPONSE', 100); //web service timeout in seconds
define('APPLICATION_CODE', 'ProcessMaker'); //Application code for login
define('MAIN_POFILE', 'processmaker');
define('PO_SYSTEM_VERSION', 'PM 4.0.1');
$G_CONTENT = null;
$G_MESSAGE = "";
$G_MESSAGE_TYPE = "info";
$G_MENU_SELECTED = -1;
$G_MAIN_MENU = "default";
// Environment definitions
define('G_PRO_ENV', 'PRODUCTION');
define('G_DEV_ENV', 'DEVELOPMENT');
@@ -217,35 +129,18 @@ define('G_TEST_ENV', 'TEST');
// Number of files per folder at PATH_UPLOAD (cases documents)
define('APPLICATION_DOCUMENTS_PER_FOLDER', 1000);
// Global variables for application state (menus)
$G_CONTENT = null;
$G_MESSAGE = "";
$G_MESSAGE_TYPE = "info";
$G_MENU_SELECTED = -1;
$G_MAIN_MENU = "default";
G::defineConstants();
$config = Bootstrap::getSystemConfiguration();
// starting session
if (isset($config['session.gc_maxlifetime'])) {
$timelife = $config['session.gc_maxlifetime'];
} else {
$timelife = ini_get('session.gc_maxlifetime');
}
if (is_null($timelife)) {
$timelife = 1440;
}
ini_set('session.gc_maxlifetime', $timelife);
if ((preg_match("/msie/i", $_SERVER ['HTTP_USER_AGENT']) != 1 ||
$config['ie_cookie_lifetime'] == 1) &&
(!(preg_match("/safari/i", $_SERVER ['HTTP_USER_AGENT']) == 1 && preg_match("/chrome/i",
$_SERVER ['HTTP_USER_AGENT']) == 0) ||
$config['safari_cookie_lifetime'] == 1)) {
ini_set('session.cookie_lifetime', $timelife);
}
if (!(array_key_exists('REMOTE_USER', $_SERVER) && (string) ($_SERVER['REMOTE_USER']) != '')) {
ini_set('session.cookie_httponly', 1);
if (G::is_https()) {
ini_set('session.cookie_secure', 1);
}
}
session_start();
// Call the function to initialize the session
$config = Bootstrap::getSystemConfiguration(); //to do: review
Bootstrap::initializeSession($config);
//Set Time Zone
$_SESSION['__SYSTEM_UTC_TIME_ZONE__'] = (int)($config['system_utc_time_zone']) == 1;
@@ -286,8 +181,8 @@ $_SERVER['SERVER_ADDR'] = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR
//to do: make different environments. sys
//check if it is a installation instance
if (!defined('PATH_C')) {
//check if it is a installation instance
if (!defined('PATH_C')) { // to do: review
// is a intallation instance, so we need to define PATH_C and PATH_LANGUAGECONT constants temporarily
define('PATH_C', (rtrim(Bootstrap::sys_get_temp_dir(), PATH_SEP) . PATH_SEP));
define('PATH_LANGUAGECONT', PATH_HOME . 'engine/content/languages/');
@@ -304,10 +199,8 @@ $virtualURITable['/(sys\w{0,})/(\w{0,}.js)'] = 'jsMethod';
$virtualURITable['/js/(*)'] = PATH_GULLIVER_HOME . 'js/';
$virtualURITable['/jscore/(*)'] = PATH_CORE . 'js/';
if (defined('PATH_C')) {
$virtualURITable['/jsform/(*.js)'] = PATH_C . 'xmlform/';
$virtualURITable['/extjs/(*)'] = PATH_C . 'ExtJs/';
}
$virtualURITable['/jsform/(*.js)'] = PATH_C . 'xmlform/';
$virtualURITable['/extjs/(*)'] = PATH_C . 'ExtJs/';
$virtualURITable['/htmlarea/(*)'] = PATH_THIRDPARTY . 'htmlarea/';
//$virtualURITable['/sys[a-zA-Z][a-zA-Z0-9]{0,}()/'] = 'sysNamed';
@@ -353,7 +246,7 @@ if (Bootstrap::virtualURI($_SERVER['REQUEST_URI'], $virtualURITable, $realPath))
if (file_exists($pluginFilename)) {
Bootstrap::streamFile($pluginFilename, false, '', true);
}
die();
exit();
}
$requestUriArray = explode("/", $_SERVER['REQUEST_URI']);
@@ -378,7 +271,7 @@ if (Bootstrap::virtualURI($_SERVER['REQUEST_URI'], $virtualURITable, $realPath))
if (file_exists($fileToBeStreamed)) {
Bootstrap::streamFile($fileToBeStreamed);
}
die();
exit();
}
switch ($realPath) {
@@ -386,7 +279,7 @@ if (Bootstrap::virtualURI($_SERVER['REQUEST_URI'], $virtualURITable, $realPath))
Bootstrap::parseURI(getenv("REQUEST_URI"));
$filename = PATH_METHODS . SYS_COLLECTION . '/' . SYS_TARGET . '.js';
Bootstrap::streamFile($filename);
die();
exit();
break;
case 'errorFile':
ob_start();
@@ -394,14 +287,14 @@ if (Bootstrap::virtualURI($_SERVER['REQUEST_URI'], $virtualURITable, $realPath))
if (DEBUG_TIME_LOG) {
Bootstrap::logTimeByPage();
} //log this page
die();
exit();
break;
default:
//Process files loaded with tag head in HTML
$realPath = explode('?', $realPath);
$realPath[0] .= strpos(basename($realPath[0]), '.') === false ? '.php' : '';
Bootstrap::streamFile($realPath[0]);
die();
exit();
}
} //virtual URI parser
@@ -427,6 +320,7 @@ if (isset($arrayUpdating['action']) && $arrayUpdating['action']) {
die();
}
}
Bootstrap::logTimeByPage();
// verify if index.html exists
if (!file_exists(PATH_HTML . 'index.html')) { // if not, create it from template
@@ -436,23 +330,23 @@ if (!file_exists(PATH_HTML . 'index.html')) { // if not, create it from template
)));
}
define('SYS_URI', '/sys' . SYS_TEMP . '/' . SYS_LANG . '/' . SYS_SKIN . '/');
// defining the serverConf singleton
if (defined('PATH_DATA') && file_exists(PATH_DATA)) {
if (defined('PATH_DB') && file_exists(PATH_DB)) {
//Instance Server Configuration Singleton
$oServerConf = ServerConf::getSingleton();
}
// Create headPublisher singleton
$oHeadPublisher = headPublisher::getSingleton();
// Installer, redirect to install if we don't have a valid shared data folder
if (!defined('PATH_DATA') || !file_exists(PATH_DATA)) {
if (!defined('PATH_DB') || !file_exists(PATH_DB)) {
// new installer, extjs based
define( 'PATH_DATA', PATH_C );
//important to start laravel classes
app()->useStoragePath(realpath(PATH_DATA));
app()->make(Kernel::class)->bootstrap();
@@ -481,7 +375,7 @@ if (!defined('PATH_DATA') || !file_exists(PATH_DATA)) {
$_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI'];
header("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
}
die();
exit();
}
app()->useStoragePath(realpath(PATH_DATA));
@@ -850,7 +744,13 @@ if (!defined('EXECUTE_BY_CRON')) {
(!(preg_match("/safari/i", $_SERVER ['HTTP_USER_AGENT']) == 1 && preg_match("/chrome/i",
$_SERVER ['HTTP_USER_AGENT']) == 0) ||
$config['safari_cookie_lifetime'] == 1)) {
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + $timelife, 'httponly' => true]);
// Determine session lifetime
$sessionLifetime = isset($config['session.gc_maxlifetime']) ? $config['session.gc_maxlifetime'] : ini_get('session.gc_maxlifetime');
// Default to 1440 seconds (24 minutes) if lifetime is not set
if (is_null($sessionLifetime)) {
$sessionLifetime = 1440;
}
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + $sessionLifetime, 'httponly' => true]);
setcookie(session_name(), session_id(), $cookieOptions);
}
$RBAC->initRBAC();