fernando/luos
1
0
Fork 0
Code Releases Activity

Merged in release/3.2 (pull request #5423)

Browse Source 
Release/3.2

Approved-by: Paula Quispe
This commit is contained in:
Paula Quispe
2017-02-14 20:20:24 +00:00
parent 61f096fce8 9d10a02fab
commit 4768cfb44e
36 changed files with 599 additions and 314 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
workflow/engine/classes/class.case.php
View File

@@ -4433,6 +4433,11 @@ class Cases
/*----------------------------------********---------------------------------*/
$this->getExecuteTriggerProcess($sApplicationUID, 'REASSIGNED');
//Delete record of the table LIST_UNASSIGNED
$unassigned = new ListUnassigned();
$unassigned->remove($sApplicationUID, $iDelegation);
return true;
}
@@ -5225,7 +5230,7 @@ class Cases
$dataLastEmail['configuration'] = $aConfiguration;
$dataLastEmail['subject'] = $sSubject;
$dataLastEmail['pathEmail'] = $pathEmail;
$dataLastEmail['swtplDeafault'] = $swtplDefault;
$dataLastEmail['swtplDefault'] = $swtplDefault;
$dataLastEmail['body'] = $sBody;
$dataLastEmail['from'] = $from;
break;
@@ -5293,7 +5298,7 @@ class Cases
$dataLastEmail['configuration'] = $aConfiguration;
$dataLastEmail['subject'] = $sSubject;
$dataLastEmail['pathEmail'] = $pathEmail;
$dataLastEmail['swtplDeafault'] = $swtplDefault;
$dataLastEmail['swtplDefault'] = $swtplDefault;
$dataLastEmail['body'] = $sBody;
$dataLastEmail['from'] = $from;
break;

13
workflow/engine/classes/class.derivation.php
View File

@@ -1211,6 +1211,19 @@ class Derivation
$this->case->closeAppThread( $currentDelegation['APP_UID'], $iAppThreadIndex );
break;
default:
if ($nextDel['ROU_PREVIOUS_TYPE'] == 'SEC-JOIN') {
$criteria = new Criteria('workflow');
$criteria->clearSelectColumns();
$criteria->addSelectColumn(AppThreadPeer::APP_THREAD_PARENT);
$criteria->add(AppThreadPeer::APP_UID, $appFields['APP_UID']);
$criteria->add(AppThreadPeer::APP_THREAD_STATUS, 'OPEN');
$criteria->add(AppThreadPeer::APP_THREAD_INDEX, $iAppThreadIndex);
$rsCriteria = AppThreadPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
if ($rsCriteria->next()) {
$this->case->closeAppThread($currentDelegation['APP_UID'], $iAppThreadIndex);
}
}
if ($currentDelegation['TAS_ASSIGN_TYPE'] == 'STATIC_MI' || $currentDelegation['TAS_ASSIGN_TYPE'] == 'CANCEL_MI') {
$this->case->closeAppThread( $currentDelegation['APP_UID'], $iAppThreadIndex );
}

14
workflow/engine/classes/class.pmDynaform.php
View File

@@ -27,6 +27,7 @@ class pmDynaform
private $context = array();
private $dataSources = null;
private $databaseProviders = null;
private $propertiesToExclude = array();
public function __construct($fields = array())
{
@@ -37,6 +38,7 @@ class pmDynaform
$this->serverConf = &serverConf::getSingleton();
$this->isRTL = ($this->serverConf->isRtl(SYS_LANG)) ? 'true' : 'false';
$this->fields = $fields;
$this->propertiesToExclude = array('dataVariable');
$this->getDynaform();
$this->getDynaforms();
$this->synchronizeSubDynaform();
@@ -196,11 +198,13 @@ class pmDynaform
if (is_string($value) && in_array(substr($value, 0, 2), $prefixs)) {
$triggerValue = substr($value, 2);
if (isset($this->fields["APP_DATA"][$triggerValue])) {
if ($key !== "dataVariable") {
if (!in_array($key, $this->propertiesToExclude)) {
$json->{$key} = $this->fields["APP_DATA"][$triggerValue];
}
} else {
$json->{$key} = "";
if (!in_array($key, $this->propertiesToExclude)) {
$json->{$key} = "";
}
}
}
//set properties from 'formInstance' variable
@@ -1909,6 +1913,12 @@ class pmDynaform
if ($validatorClass !== null) {
$validatorClass->validatePost($post);
}
//Clears the data in the appData for grids
if (array_key_exists($json->id, $this->fields) && $json->type === 'grid' &&
!array_key_exists($json->id, $post)
) {
$post[$json->variable] = array(array());
}
}
};
$json = G::json_decode($this->record["DYN_CONTENT"]);

18
workflow/engine/classes/class.pmFunctions.php
View File

@@ -527,13 +527,27 @@ function WSLogin ($user, $pass, $endpoint = "")
function WSOpen ($force = false)
{
if (isset( $_SESSION["WS_SESSION_ID"] ) || $force) {
$optionsHeaders = array(
"cache_wsdl" => WSDL_CACHE_NONE,
"soap_version" => SOAP_1_1,
"trace" => 1,
"stream_context" => stream_context_create(
array(
'ssl' => array(
'verify_peer' => 0,
'verify_peer_name' => 0
)
)
)
);
if (! isset( $_SESSION["WS_END_POINT"] )) {
$defaultEndpoint = "http://" . $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . "/sys" . SYS_SYS . "/en/classic/services/wsdl2";
$defaultEndpoint = $_SERVER["REQUEST_SCHEME"] . "://" . $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . "/sys" . SYS_SYS . "/en/classic/services/wsdl2";
}
$endpoint = isset( $_SESSION["WS_END_POINT"] ) ? $_SESSION["WS_END_POINT"] : $defaultEndpoint;
$client = new SoapClient( $endpoint );
$client = new SoapClient( $endpoint, $optionsHeaders);
return $client;
} else {

3
workflow/engine/classes/class.system.php
View File

@@ -78,7 +78,8 @@ class System
'leave_case_warning' => 0,
'server_hostname_requests_frontend' => '',
'load_headers_ie' => 0,
'redirect_to_mobile' => 0
'redirect_to_mobile' => 0,
'disable_php_upload_execution' => 0
);
/**

11
workflow/engine/classes/model/AppDelegation.php
View File

@@ -442,6 +442,7 @@ class AppDelegation extends BaseAppDelegation
//Get Task properties
$task = TaskPeer::retrieveByPK( $this->getTasUid() );
$aData = array();
$aData['TAS_UID'] = $this->getTasUid();
//Added to allow User defined Timing Control at Run time from Derivation screen
if (isset( $sNextTasParam['NEXT_TASK']['TAS_TRANSFER_HIDDEN_FLY'] ) && $sNextTasParam['NEXT_TASK']['TAS_TRANSFER_HIDDEN_FLY'] == 'true') {
@@ -471,7 +472,7 @@ class AppDelegation extends BaseAppDelegation
//Calendar - Use the dates class to calculate dates
$calendar = new calendar();
$arrayCalendarData = array();
$arrayCalendarData = $calendar->getCalendarData($aCalendarUID);
if ($calendar->pmCalendarUid == "") {
$calendar->getCalendar(null, $this->getProUid(), $this->getTasUid());
@@ -480,11 +481,11 @@ class AppDelegation extends BaseAppDelegation
}
//Due date
/*$iDueDate = $calendar->calculateDate( $this->getDelDelegateDate(), $aData['TAS_DURATION'], $aData['TAS_TIMEUNIT'] //hours or days, ( we only accept this two types or maybe weeks
);*/
$dueDate = $calendar->dashCalculateDate($this->getDelDelegateDate(), $aData["TAS_DURATION"], $aData["TAS_TIMEUNIT"], $arrayCalendarData);
$initDate = $this->getDelDelegateDate();
$timeZone = \ProcessMaker\Util\DateTime::convertUtcToTimeZone($initDate);
$dueDate = $calendar->dashCalculateDate($timeZone, $aData["TAS_DURATION"], $aData["TAS_TIMEUNIT"], $arrayCalendarData);
//Return
$dueDate = \ProcessMaker\Util\DateTime::convertDataToUtc($dueDate);
return $dueDate;
}

12
workflow/engine/content/translations/english/processmaker.en.po
View File

@@ -27419,6 +27419,18 @@ msgstr "External Registration"
msgid "Filter By"
msgstr "Filter By"
# TRANSLATION
# LABEL/THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED
#: LABEL/THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED
msgid "The upload of PHP files was disabled please contact the system administrator."
msgstr "The upload of PHP files was disabled please contact the system administrator."
# TRANSLATION
# LABEL/THE_PHP_FILES_EXECUTION_WAS_DISABLED
#: LABEL/THE_PHP_FILES_EXECUTION_WAS_DISABLED
msgid "The PHP files execution was disabled please contact the system administrator."
msgstr "The PHP files execution was disabled please contact the system administrator."
# TRANSLATION
# LABEL/ID_MAFE_cae0206c31eaa305dd0e847330c5e837
#: LABEL/ID_MAFE_cae0206c31eaa305dd0e847330c5e837

12
workflow/engine/methods/appFolder/appFolderAjax.php
View File

@@ -1534,6 +1534,18 @@ function uploadExternalDocument()
//Read. Instance Document classes
if (!empty($quequeUpload)) {
foreach ($quequeUpload as $key => $fileObj) {
$extension = pathinfo($fileObj['fileName'], PATHINFO_EXTENSION);
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $extension === 'php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $fileObj['fileName']);
$response['error'] = $message;
$response['message'] = $message;
$response['success'] = false;
print_r(G::json_encode($response));
exit();
}
}
$docUid=$_POST['docUid'];
$appDocUid=isset($_POST['APP_DOC_UID'])?$_POST['APP_DOC_UID']:"";
$docVersion=isset($_POST['docVersion'])?$_POST['docVersion']:"";

24
workflow/engine/methods/cases/casesList_Ajax.php
View File

@@ -64,6 +64,30 @@ if ($actionAjax == "userValues") {
$users = filterUserListArray($users, $query);
//now get users, just for the Search action
switch ($action) {
case 'to_reassign':
$cUsers = $oAppCache->getToReassignListCriteria(null);
$cUsers->addSelectColumn(AppCacheViewPeer::USR_UID);
if (g::MySQLSintaxis()) {
$cUsers->addGroupByColumn(AppCacheViewPeer::USR_UID);
}
if (!is_null($query)) {
$filters = $cUsers->getNewCriterion(UsersPeer::USR_FIRSTNAME, '%' . $query . '%', Criteria::LIKE)->addOr(
$cUsers->getNewCriterion(UsersPeer::USR_LASTNAME, '%' . $query . '%', Criteria::LIKE)->addOr(
$cUsers->getNewCriterion(UsersPeer::USR_USERNAME, '%' . $query . '%', Criteria::LIKE)));
$cUsers->addAnd($filters);
}
$cUsers->setLimit(20);
$cUsers->addAscendingOrderByColumn(AppCacheViewPeer::APP_CURRENT_USER);
$oDataset = AppCacheViewPeer::doSelectRS($cUsers, Propel::getDbConnection('workflow_ro'));
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
while ($aRow = $oDataset->getRow()) {
$users[] = array("USR_UID" => $aRow['USR_UID'], "USR_FULLNAME" => $aRow['APP_CURRENT_USER']);
$oDataset->next();
}
break;
case 'search_simple':
case 'search':
G::LoadClass("configuration");

61
workflow/engine/methods/cases/casesMenuLoader.php
View File

@@ -9,9 +9,6 @@ switch ($action) {
case 'getAllCounters':
getAllCounters();
break;
case 'getProcess':
getProcess();
break;
/*----------------------------------********---------------------------------*/
case 'getAllCountersEnterprise':
getAllCountersEnterprise();
@@ -218,64 +215,6 @@ function getLoadTreeMenuData ()
print $xml;*/
}
// get the process summary of specific case list type,
function getProcess ()
{
global $G_TMP_MENU;
global $userId;
if (! isset( $_GET['item'] )) {
die();
}
$oMenu = new Menu();
$oMenu->load( 'cases' );
$type = $_GET['item'];
$oCases = new AppCacheView();
$aTypesID = array ();
$aTypesID['CASES_INBOX'] = 'to_do';
$aTypesID['CASES_DRAFT'] = 'draft';
$aTypesID['CASES_CANCELLED'] = 'cancelled';
$aTypesID['CASES_SENT'] = 'sent';
$aTypesID['CASES_PAUSED'] = 'paused';
$aTypesID['CASES_COMPLETED'] = 'completed';
$aTypesID['CASES_SELFSERVICE'] = 'selfservice';
//$aTypesID['CASES_TO_REVISE'] = 'to_revise';
//$aTypesID['CASES_TO_REASSIGN'] = 'to_reassign';
$aTypesID = Array ('CASES_INBOX' => 'to_do','CASES_DRAFT' => 'draft','CASES_CANCELLED' => 'cancelled','CASES_SENT' => 'sent','CASES_PAUSED' => 'paused','CASES_COMPLETED' => 'completed','CASES_SELFSERVICE' => 'selfservice','CASES_TO_REVISE' => 'to_revise','CASES_TO_REASSIGN' => 'to_reassign');
$aCount = $oCases->getAllCounters( Array ($aTypesID[$type]
), $userId, true );
$response = Array ();
//disabling the summary...
/*
$i=0;
foreach($aCount[$aTypesID[$type]]['sumary'] as $PRO_UID=>$process){
//{"text":"state","id":"src\/state","cls":"folder", loaded:true},
$response[$i] = new stdClass();
$response[$i]->text = $process['name'] . ' ('.$process['count'].')';
$response[$i]->id = $process['name'];
$response[$i]->cls = 'folder';
$response[$i]->loaded = true;
$i++;
}
*/
//ordering
/*for($i=0; $i<=count($response)-1; $i++){
for($j=$i+1; $j<=count($response); $j++){
echo $response[$j]->text .'<'. $response[$i]->text;
if($response[$j]->text[0] < $response[$i]->text[0]){
$x = $response[$i];
$response[$i] = $response[$j];
$response[$j] = $x;
}
}
}*/
echo G::json_encode( $response );
}
/*----------------------------------********---------------------------------*/
function getAllCountersEnterprise()
{

19
workflow/engine/methods/cases/cases_Ajax.php
View File

@@ -1019,20 +1019,23 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) {
if (is_array( $aApplication )) {
$response['exists'] = true;
$objCase = new \ProcessMaker\BusinessModel\Cases();
$aUserCanAccess = $objCase->userAuthorization(
$_SESSION['USER_LOGGED'],
$aApplication['PRO_UID'],
$aApplication['APP_UID'],
array('PM_ALLCASES'),
array('SUMMARY_FORM'=>'VIEW')
);
//Check if the user is a supervisor to this Process
if(isset($_POST['actionFromList']) && $_POST['actionFromList']==='to_revise'){
$oAppCache = new AppCacheView();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']);
if(!in_array($aApplication['PRO_UID'], $aProcesses)){
if (isset($_POST['actionFromList']) && $_POST['actionFromList']==='to_revise') {
if (!$aUserCanAccess['supervisor']) {
$response['exists'] = false;
$response['message'] = G::LoadTranslation('ID_NO_PERMISSION_NO_PARTICIPATED');
}
} else {//Check if the user participated in this case
$oParticipated = new ListParticipatedLast();
$aParticipated = $oParticipated->loadList($_SESSION['USER_LOGGED'], array(), null, $aApplication['APP_UID']);
if(!sizeof($aParticipated)){
//Check in the selfservice list
if (!$aUserCanAccess['participated'] && !$aUserCanAccess['rolesPermissions']['PM_ALLCASES'] && !$aUserCanAccess['objectPermissions']['SUMMARY_FORM']) {
$response['exists'] = false;
$response['message'] = G::LoadTranslation('ID_NO_PERMISSION_NO_PARTICIPATED');
}

74
workflow/engine/methods/cases/cases_Resume.php
View File

@@ -49,20 +49,34 @@ $G_ID_SUB_MENU_SELECTED = '_';
/* Prepare page before to show */
$oCase = new Cases();
//$Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'] );
//Check the authorization
$objCase = new \ProcessMaker\BusinessModel\Cases();
$aUserCanAccess = $objCase->userAuthorization(
$_SESSION['USER_LOGGED'],
$_SESSION['PROCESS'],
$_GET['APP_UID'],
array('PM_ALLCASES'),
array('SUMMARY_FORM' => 'VIEW')
);
if (isset($_SESSION['ACTION']) && ($_SESSION['ACTION'] == 'jump')) {
$Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['ACTION']);
$process = new Process();
$processData = $process->load($Fields['PRO_UID']);
if (isset($processData['PRO_DYNAFORMS']['PROCESS']) && $processData['PRO_DYNAFORMS']['PROCESS'] != '' &&
$aUserCanAccess['objectPermissions']['SUMMARY_FORM']
) {
$_REQUEST['APP_UID'] = $Fields['APP_UID'];
$_REQUEST['DEL_INDEX'] = $Fields['DEL_INDEX'];
$_REQUEST['DYN_UID'] = $processData['PRO_DYNAFORMS']['PROCESS'];
require_once(PATH_METHODS . 'cases' . PATH_SEP . 'summary.php');
exit();
}
} else {
$Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX']);
}
//Check the participated
$participated = $oCase->userParticipatedInCase( $_GET['APP_UID'], $_SESSION['USER_LOGGED'] );
//Check if is Supervisor
$processUser = new ProcessUser();
$userAccess = $processUser->validateUserAccess($Fields['PRO_UID'], $_SESSION['USER_LOGGED']);
if ($RBAC->userCanAccess( 'PM_ALLCASES' ) < 0 && !$participated && !$userAccess) {
if (!$aUserCanAccess['participated'] && !$aUserCanAccess['supervisor'] && !$aUserCanAccess['rolesPermissions']['PM_ALLCASES'] && !$aUserCanAccess['objectPermissions']['SUMMARY_FORM']) {
$aMessage['MESSAGE'] = G::LoadTranslation( 'ID_NO_PERMISSION_NO_PARTICIPATED' );
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'login/showMessage', '', $aMessage );
@@ -133,36 +147,30 @@ if ($nTasksInParallel > 1) {
$Fields['TAS_TITLE'] = $aTask['TAS_TITLE'];
$objUser = new Users();
$oHeadPublisher = & headPublisher::getSingleton();
$oHeadPublisher->addScriptFile( '/jscore/cases/core/cases_Step.js' );
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume.xml', '', $Fields, '' );
if($Fields['APP_STATUS'] != 'COMPLETED'){
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task_Title.xml', '', $Fields, '' );
$objDel = new AppDelegation();
$parallel = $objDel->LoadParallel ($Fields['APP_UID'],$_GET['DEL_INDEX']);
$FieldsPar = $Fields;
if(empty($parallel)){
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $Fields, '' );
}else{
foreach($parallel as $row){
$FieldsPar['TAS_UID'] = $row['TAS_UID'];
$aTask = $objTask->load( $row['TAS_UID'] );
$FieldsPar['TAS_TITLE'] = $aTask['TAS_TITLE'];
$FieldsPar['USR_UID'] = $row['USR_UID'];
if(isset($row['USR_UID']) && !empty($row['USR_UID'])) {
$aUser = $objUser->loadDetails ($row['USR_UID']);
$FieldsPar['CURRENT_USER'] = $aUser['USR_FULLNAME'];
}
$FieldsPar['DEL_DELEGATE_DATE'] = $row['DEL_DELEGATE_DATE'];
$FieldsPar['DEL_INIT_DATE'] = $row['DEL_INIT_DATE'];
$FieldsPar['DEL_TASK_DUE_DATE'] = $row['DEL_TASK_DUE_DATE'];
$FieldsPar['DEL_FINISH_DATE'] = $row['DEL_FINISH_DATE'];
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $FieldsPar, '' );
if ($Fields['APP_STATUS'] != 'COMPLETED') {
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task_Title.xml', '', $Fields, '' );
$objDel = new AppDelegation();
$parallel = $objDel->LoadParallel($Fields['APP_UID']);
$FieldsPar = $Fields;
foreach ($parallel as $row) {
$FieldsPar['TAS_UID'] = $row['TAS_UID'];
$aTask = $objTask->load( $row['TAS_UID'] );
$FieldsPar['TAS_TITLE'] = $aTask['TAS_TITLE'];
$FieldsPar['USR_UID'] = $row['USR_UID'];
if (isset($row['USR_UID']) && !empty($row['USR_UID'])) {
$aUser = $objUser->loadDetails ($row['USR_UID']);
$FieldsPar['CURRENT_USER'] = $aUser['USR_FULLNAME'];
}
$FieldsPar['DEL_DELEGATE_DATE'] = $row['DEL_DELEGATE_DATE'];
$FieldsPar['DEL_INIT_DATE'] = $row['DEL_INIT_DATE'];
$FieldsPar['DEL_TASK_DUE_DATE'] = $row['DEL_TASK_DUE_DATE'];
$FieldsPar['DEL_FINISH_DATE'] = $row['DEL_FINISH_DATE'];
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $FieldsPar);
}
}
}
G::RenderPage('publish', 'blank');

2
workflow/engine/methods/cases/cases_Step.php
View File

@@ -1009,7 +1009,7 @@ try {
$aFields['TASK'][$sKey]['NEXT_TASK']['TAS_TRANSFER_HIDDEN_FLY'] = "<input type=hidden name='" . $hiddenName . "[NEXT_TASK][TAS_TRANSFER_HIDDEN_FLY]' id='" . $hiddenName . "[NEXT_TASK][TAS_TRANSFER_HIDDEN_FLY]' value=" . $aValues['NEXT_TASK']['TAS_TRANSFER_FLY'] . ">";
if ($aValues['NEXT_TASK']['TAS_TRANSFER_FLY'] == 'true') {
$aFields['TASK'][$sKey]['NEXT_TASK']['TAS_DURATION'] = '<input type="text" size="5" name="' . $hiddenName . '[NEXT_TASK][TAS_DURATION]" id="' . $hiddenName . '[NEXT_TASK][TAS_DURATION]" value="' . $aValues['NEXT_TASK']['TAS_DURATION'] . '">';
$hoursSelected = $daysSelected = '';
$hoursSelected = $daysSelected = $minSelected = '';
if ($aFields['TASK'][$sKey]['NEXT_TASK']['TAS_TIMEUNIT'] == 'HOURS') {
$hoursSelected = "selected = 'selected'";
} else {

7
workflow/engine/methods/cases/proxyNewCasesList.php
View File

@@ -10,9 +10,6 @@ if (!isset($_SESSION['USER_LOGGED'])) {
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$_GET = $filter->xssFilterHard($_GET);
$_REQUEST = $filter->xssFilterHard($_REQUEST);
$_SESSION['USER_LOGGED'] = $filter->xssFilterHard($_SESSION['USER_LOGGED']);
try {
$userUid = $_SESSION['USER_LOGGED'];
@@ -162,7 +159,7 @@ try {
$record["APP_UPDATE_DATE"] = $record["DEL_DELEGATE_DATE"];
}
if (isset($record['DEL_CURRENT_TAS_TITLE'])) {
if (isset($record['DEL_CURRENT_TAS_TITLE']) && $record['DEL_CURRENT_TAS_TITLE'] != '') {
$record['APP_TAS_TITLE'] = $record['DEL_CURRENT_TAS_TITLE'];
}
@@ -195,8 +192,6 @@ try {
$response['filters'] = $filtersData;
$response['totalCount'] = $list->countTotal($userUid, $filtersData);
$response = $filter->xssFilterHard($response);
$response['data'] = \ProcessMaker\Util\DateTime::convertUtcToTimeZone($result);
echo G::json_encode($response);

1
workflow/engine/methods/cases/summary.php
View File

@@ -69,7 +69,6 @@ try {
$result = DynaformPeer::doSelectRS($criteria);
$result->setFetchmode(ResultSet::FETCHMODE_ASSOC);
if ($result->next()) {
G::LoadClass('pmDynaform');
G::LoadClass('pmDynaform');
$FieldsPmDynaform = $applicationFields;
$FieldsPmDynaform["CURRENT_DYNAFORM"] = $_REQUEST['DYN_UID'];

14
workflow/engine/methods/setup/pluginsChange.php
View File

@@ -92,16 +92,12 @@ if ($handle = opendir( PATH_PLUGINS )) {
/**
* Calls PMExtensionClass Builder to include Plugins changes.
*/
$config = Bootstrap::getSystemConfiguration();
if (!empty($config['experimental_features'])) {
$phpBuilder = new ProcessMakerPhpBuilderHelper();
$phpBuilder->enabledExtensions = $oPluginRegistry->getEnabledPlugins();
if (!empty($phpBuilder->enabledExtensions)) {
$phpBuilder->extension = true;
}
$phpBuilder->buildAll();
$phpBuilder = new ProcessMakerPhpBuilderHelper();
$phpBuilder->enabledExtensions = $oPluginRegistry->getEnabledPlugins();
if (!empty($phpBuilder->enabledExtensions)) {
$phpBuilder->extension = true;
}
$phpBuilder->buildAll();
}
//$oPluginRegistry->showArrays();

45
workflow/engine/src/ProcessMaker/BusinessModel/Cases.php
View File

@@ -3252,4 +3252,49 @@ class Cases
$result = $case->updateCase($applicationUid, $arrayApplicationData);
}
}
/**
* Get Permissions, Participate, Access
*
* @param string $usrUid
* @param string $proUid
* @param string $appUid
* @param array $rolesPermissions
* @param array $objectPermissions
* @return array Returns array with all access
*/
public function userAuthorization($usrUid, $proUid, $appUid, $rolesPermissions = array(), $objectPermissions = array()) {
$arrayAccess = array();
//User has participated
$oParticipated = new \ListParticipatedLast();
$aParticipated = $oParticipated->loadList($usrUid, array(), null, $appUid);
$arrayAccess['participated'] = (count($aParticipated) == 0) ? false : true;
//User is supervisor
$supervisor = new \ProcessMaker\BusinessModel\ProcessSupervisor();
$isSupervisor = $supervisor->isUserProcessSupervisor($proUid, $usrUid);
$arrayAccess['supervisor'] = ($isSupervisor) ? true : false;
//Roles Permissions
if (count($rolesPermissions) > 0) {
global $RBAC;
foreach ($rolesPermissions as $value) {
$arrayAccess['rolesPermissions'][$value] = ($RBAC->userCanAccess($value) < 0) ? false : true;
}
}
//Object Permissions
if (count($objectPermissions) > 0) {
$oCase = new \Cases();
foreach ($objectPermissions as $key => $value) {
$resPermission = $oCase->getAllObjectsFrom($proUid, $appUid, '', $usrUid, $value);
if (isset($resPermission[$key])) {
$arrayAccess['objectPermissions'][$key] = $resPermission[$key];
}
}
}
return $arrayAccess;
}
}

10
workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php
View File

@@ -971,6 +971,16 @@ class InputDocument
$aFields = array("APP_UID" => $appUid, "DEL_INDEX" => $delIndex, "USR_UID" => $userUid, "DOC_UID" => -1, "APP_DOC_TYPE" => "ATTACHED", "APP_DOC_CREATE_DATE" => date("Y-m-d H:i:s"), "APP_DOC_COMMENT" => "", "APP_DOC_TITLE" => "", "APP_DOC_FILENAME" => $arrayFileName[$i], "APP_DOC_FIELDNAME" => $fieldName);
}
$sExtension = pathinfo($aFields["APP_DOC_FILENAME"]);
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $sExtension["extension"] === 'php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $sFileName);
\G::SendMessageText($message, "ERROR");
$backUrlObj = explode("sys" . SYS_SYS, $_SERVER['HTTP_REFERER']);
\G::header("location: " . "/sys" . SYS_SYS . $backUrlObj[1]);
die();
}
$oAppDocument = new \AppDocument();
$oAppDocument->create($aFields);

5
workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php
View File

@@ -187,6 +187,11 @@ class FilesManager
if ($extention == '.exe') {
throw new \Exception(\G::LoadTranslation('ID_FILE_UPLOAD_INCORRECT_EXTENSION'));
}
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $extention === '.php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $aData['prf_filename']);
throw new \Exception($message);
}
break;
default:
$sDirectory = PATH_DATA_MAILTEMPLATES . $sProcessUID . PATH_SEP . $sSubDirectory . $aData['prf_filename'];

10
workflow/engine/src/ProcessMaker/BusinessModel/Light.php
View File

@@ -902,6 +902,16 @@ class Light
$response = array();
if (is_array($request_data)) {
foreach ($request_data as $k => $file) {
$ext = pathinfo($file['name'], PATHINFO_EXTENSION);
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $ext === 'php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $file['name']);
$response[$k]['error'] = array(
"code" => "400",
"message" => $message
);
continue;
}
$oCase = new \Cases();
$delIndex = $oCase->getCurrentDelegation($app_uid, $userUid);
$docUid = !empty($file['docUid']) ? $file['docUid'] : -1;

5
workflow/engine/src/ProcessMaker/BusinessModel/Light/NotificationDevice.php
View File

@@ -199,11 +199,6 @@ class NotificationDevice
$devices = $oNoti->loadUsersArrayId($userIds);
} else {
$devices = $oNoti->loadByUsersId($userIds);
$lists = new \ProcessMaker\BusinessModel\Lists();
$counter = $lists->getCounters($userIds);
$light = new \ProcessMaker\Services\Api\Light();
$result = $light->parserCountersCases($counter);
$data['counters'] = $result;
}
$devicesAndroidIds = array();

26
workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php
View File

@@ -129,14 +129,14 @@ class ProcessSupervisor
$sql = "
SELECT DISTINCT " . \GroupUserPeer::GRP_UID . "
FROM " . \GroupUserPeer::TABLE_NAME . ", " . \UsersPeer::TABLE_NAME . ",
" . \UsersRolesPeer::TABLE_NAME . ", " . \RolesPermissionsPeer::TABLE_NAME . ", " . \PermissionsPeer::TABLE_NAME . "
" . DB_RBAC_NAME . '.' . \UsersRolesPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.' . \PermissionsPeer::TABLE_NAME . "
WHERE " . \GroupUserPeer::GRP_UID . " = " . \GroupwfPeer::GRP_UID . " AND
" . \GroupUserPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND " . \UsersPeer::USR_STATUS . " = " . $delimiter . "ACTIVE" . $delimiter . " AND
" . \UsersPeer::USR_UID . " = " . \UsersRolesPeer::USR_UID . " AND
" . \UsersRolesPeer::ROL_UID . " = " . \RolesPermissionsPeer::ROL_UID . " AND
" . \RolesPermissionsPeer::PER_UID . " = " . \PermissionsPeer::PER_UID . " AND
" . \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND
" . \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . "
" . \UsersPeer::USR_UID . " = " . DB_RBAC_NAME . '.' . \UsersRolesPeer::USR_UID . " AND
" . DB_RBAC_NAME . '.' . \UsersRolesPeer::ROL_UID . " = " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::ROL_UID . " AND
" . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::PER_UID . " = " . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_UID . " AND
" . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND
" . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . "
";
$criteriaGroup->add(
@@ -209,13 +209,13 @@ class ProcessSupervisor
break;
case "AVAILABLE":
$sql = "
SELECT DISTINCT " . \UsersRolesPeer::USR_UID . "
FROM " . \UsersRolesPeer::TABLE_NAME . ", " . \RolesPermissionsPeer::TABLE_NAME . ", " . \PermissionsPeer::TABLE_NAME . "
WHERE " . \UsersRolesPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND
" . \UsersRolesPeer::ROL_UID . " = " . \RolesPermissionsPeer::ROL_UID . " AND
" . \RolesPermissionsPeer::PER_UID . " = " . \PermissionsPeer::PER_UID . " AND
" . \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND
" . \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . "
SELECT DISTINCT " . DB_RBAC_NAME . '.' . \UsersRolesPeer::USR_UID . "
FROM " . DB_RBAC_NAME . '.' . \UsersRolesPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.' . \PermissionsPeer::TABLE_NAME . "
WHERE " . DB_RBAC_NAME . '.' . \UsersRolesPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND
" . DB_RBAC_NAME . '.' . \UsersRolesPeer::ROL_UID . " = " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::ROL_UID . " AND
" . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::PER_UID . " = " . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_UID . " AND
" . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND
" . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . "
";
$criteriaUser->add(

3
workflow/engine/src/ProcessMaker/Core/RoutingScreen.php
View File

@@ -65,6 +65,9 @@ class RoutingScreen extends \Derivation
} else {
$aDataMerged[$key]['NEXT_ROUTING'][] = $post[$i];
}
if (isset($post[$i]['NEXT_TASK'])) {
$aDataMerged[$key]['NEXT_TASK'] = $post[$i]['NEXT_TASK'];
}
}
}
}

27
workflow/engine/src/ProcessMaker/Services/Api/Light.php
View File

@@ -30,6 +30,31 @@ class Light extends Api
'delRiskDate'
];
public function __isAllowed()
{
try {
$methodName = $this->restler->apiMethodInfo->methodName;
$arrayArgs = $this->restler->apiMethodInfo->arguments;
switch ($methodName) {
case 'doIfAlreadyRoute':
$applicationUid = $this->parameters[$arrayArgs['app_uid']];
$delIndex = $this->parameters[$arrayArgs['cas_index']];
$userUid = $this->getUserId();
//Check if the user has the case
$appDelegation = new \AppDelegation();
$aCurUser = $appDelegation->getCurrentUsers($applicationUid, $delIndex);
if (!empty($aCurUser) && in_array($userUid, $aCurUser)) {
return true;
}
return false;
break;
}
return false;
} catch (\Exception $e) {
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
}
}
/**
* Constructor of the class
*
@@ -793,6 +818,8 @@ class Light extends Api
/**
* Get Already Route
*
* @access protected
* @class AccessControl {@className \ProcessMaker\Services\Api\Light}
* @param string $app_uid {@min 1}{@max 32}
* @param int $cas_index
*

3
workflow/engine/templates/cases/casesList.js
View File

@@ -2050,7 +2050,8 @@ Ext.onReady ( function() {
btnReassign,
"->",
_("ID_USER"),
comboAllUsers,
suggestUser,
resetSuggestButton,
"-",
_("ID_CATEGORY"),
comboCategory,

52
workflow/engine/templates/cases/main.js
View File

@@ -16,7 +16,6 @@ var propStore;
var triggerStore;
var debugVariablesFilter;
var ReloadTreeMenuItemDetail;
var NOTIFIER_FLAG = false;
var result;
var _action = '';
@@ -258,39 +257,6 @@ Ext.onReady(function(){
}
});
var treeMenuItemDetail = new Ext.tree.TreePanel({
id: 'tree_menuItem_detail',
region: 'south',
animate:true,
autoScroll:true,
loader: new Ext.tree.TreeLoader({
dataUrl:'casesMenuLoader?action=getProcess'
}),
enableDD:true,
containerScroll: true,
border: false,
width: 250,
height: 120,
dropConfig: {appendOnly:true},
collapsible: true,
split: true,
margins: '0 2 2 2',
cmargins: '2 2 2 2',
rootVisible: false,
root: new Ext.tree.AsyncTreeNode()/*,
tbar: [{
text: 'reload',
handler: ReloadTreeMenuItemDetail
}]*/
});
ReloadTreeMenuItemDetail = function(params){
treeMenuItemDetail.loader.dataUrl = 'casesMenuLoader?action=getProcess&item='+params.item;
treeMenuItemDetail.root.reload();
}
// set the root node
var root = new Ext.tree.AsyncTreeNode({
text: 'Ext JS',
@@ -300,8 +266,6 @@ Ext.onReady(function(){
expanded:true
});
treeMenuItemDetail.setRootNode(root);
mainMenu = new Ext.Panel({
id:'menuTreePanel',
title: '',
@@ -317,8 +281,7 @@ Ext.onReady(function(){
margins: '0 0 0 2',
items: [
treeMenuItems,
treeMenuItemDetail
treeMenuItems
]
});
mainMenu.setTitle("<div style=\"height: 18px;\"><a href=\"javascript:;\"><img id=\"refreshNotifiers\" src=\"/images/refresh.gif\" onclick=\"updateCasesTree(); updateCasesView();\" /></a></div>");
@@ -530,15 +493,6 @@ Ext.onReady(function(){
menuPanelC.hide();
menuPanelC.ownerCt.doLayout();
/**show*/
//w.show();
//w.ownerCt.doLayout();
//w.expand();
var menuPanelDetail = Ext.getCmp('tree_menuItem_detail');
menuPanelDetail.hide();
menuPanelDetail.ownerCt.doLayout();
//FORMATS.casesListRefreshTime is in seconds
setTimeout("timer()", parseInt(FORMATS.casesListRefreshTime) * 1000);
});
@@ -571,9 +525,7 @@ function updateCasesTree() {
document.getElementById('refreshNotifiers').src = '/images/ext/default/grid/loading.gif';
itemsTypes = Array('CASES_INBOX', 'CASES_DRAFT', 'CASES_CANCELLED', 'CASES_SENT', 'CASES_PAUSED', 'CASES_COMPLETED', 'CASES_SELFSERVICE');
if (currentSelectedTreeMenuItem) {
ReloadTreeMenuItemDetail({item: currentSelectedTreeMenuItem});
}
Ext.Ajax.request({
url: urlProxy + Math.random(),
success: function (response) {

2
workflow/engine/templates/cases/reassignList.js
View File

@@ -32,7 +32,7 @@
var storeUsersToReassign = new Ext.data.Store({
remoteSort: false,
autoLoad:true,
autoLoad:false,
proxy : proxyUsersToReassignList,
reader: readerUsersToReassignList,
writer: writerUsersToReassignList, // <-- plug a DataWriter into the store just as you would a Reader

2
workflow/public_html/.htaccess
View File

@@ -3,7 +3,7 @@
Deny from all
</FilesMatch>
<FilesMatch "^(app|sysGeneric)\.php$">
<FilesMatch "^(app|sysGeneric|gmail)\.php">
Order Allow,Deny
Allow from All
</FilesMatch>

45
workflow/public_html/sysGeneric.php
View File

@@ -117,6 +117,10 @@ if (file_exists($requestFile)) {
header( "location: /errors/error404.php?url=" . urlencode( $_SERVER['REQUEST_URI'] ) );
die;
}
if ($request === "app.php" || $request === "sysGeneric.php") {
//HTTP/1.0 403 Forbidden
http_response_code(403);
}
$pos = strripos($request, ".") + 1;
$size = strlen($request);
if($pos < $size) {
@@ -307,20 +311,11 @@ if (!(array_key_exists('REMOTE_USER', $_SERVER) && (string)($_SERVER['REMOTE_USE
ini_set('session.cookie_httponly', 1);
ini_set('session.cookie_secure', 1);
}
//$e_all = defined( 'E_DEPRECATED' ) ? E_ALL & ~ E_DEPRECATED : E_ALL;
//$e_all = defined( 'E_STRICT' ) ? $e_all & ~ E_STRICT : $e_all;
//$e_all = $config['debug'] ? $e_all : $e_all & ~ E_NOTICE;
//$e_all = E_ALL & ~ E_DEPRECATED & ~ E_STRICT & ~ E_NOTICE & ~E_WARNING;
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$config['display_errors'] = $filter->validateInput($config['display_errors']);
$config['error_reporting'] = $filter->validateInput($config['error_reporting']);
$config['memory_limit'] = $filter->validateInput($config['memory_limit']);
$config['wsdl_cache'] = $filter->validateInput($config['wsdl_cache'],'int');
$config['time_zone'] = $filter->validateInput($config['time_zone']);
// Do not change any of these settings directly, use env.ini instead
ini_set( 'display_errors', $config['display_errors']);
ini_set( 'error_reporting', $config['error_reporting']);
@@ -342,6 +337,7 @@ define ('WS_IN_LOGIN', isset($config['WS_IN_LOGIN']) ? $config['WS_IN_LOGIN'] :
define('LOAD_HEADERS_IE', $config['load_headers_ie']);
define('LEAVE_CASE_WARNING', $config['leave_case_warning']);
define('REDIRECT_TO_MOBILE', $config['redirect_to_mobile']);
define('DISABLE_PHP_UPLOAD_EXECUTION', $config['disable_php_upload_execution']);
// IIS Compatibility, SERVER_ADDR doesn't exist on that env, so we need to define it.
$_SERVER['SERVER_ADDR'] = isset( $_SERVER['SERVER_ADDR'] ) ? $_SERVER['SERVER_ADDR'] : $_SERVER['SERVER_NAME'];
@@ -515,7 +511,6 @@ if (defined( 'PATH_DATA' ) && file_exists( PATH_DATA )) {
$oServerConf = & serverConf::getSingleton();
}
$pathFile = PATH_THIRDPARTY . '/pear/PEAR.php';
$pathFile = $filter->validateInput($pathFile,'path');
require_once $pathFile;
//Bootstrap::LoadSystem( 'pmException' );
@@ -531,7 +526,6 @@ if (! defined( 'PATH_DATA' ) || ! file_exists( PATH_DATA )) {
//NewRelic Snippet - By JHL
transactionLog(PATH_CONTROLLERS.'installer.php');
$pathFile = PATH_CONTROLLERS . 'installer.php';
$pathFile = $filter->validateInput($pathFile,'path');
require_once ($pathFile);
$controller = 'Installer';
@@ -578,7 +572,6 @@ if ($oServerConf->isWSDisabled( SYS_TEMP )) {
if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') {
//this is the default, the workspace db.php file is in /shared/workflow/sites/SYS_SYS
$pathFile = PATH_DB . SYS_TEMP . '/db.php';
$pathFile = $filter->validateInput($pathFile,'path');
if (file_exists( $pathFile )) {
require_once ($pathFile);
define( 'SYS_SYS', SYS_TEMP );
@@ -600,7 +593,6 @@ if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') {
} else { //when we are in global pages, outside any valid workspace
if (SYS_TARGET === 'newSite') {
$phpFile = G::ExpandPath( 'methods' ) . SYS_COLLECTION . "/" . SYS_TARGET . '.php';
$phpFile = $filter->validateInput($phpFile,'path');
//NewRelic Snippet - By JHL
transactionLog($phpFile);
require_once ($phpFile);
@@ -608,12 +600,11 @@ if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') {
} else {
if (SYS_TARGET == "dbInfo") { //Show dbInfo when no SYS_SYS
$pathFile = PATH_METHODS . "login/dbInfo.php";
$pathFile = $filter->validateInput($pathFile,'path');
require_once ($pathFile);
} else {
if (substr( SYS_SKIN, 0, 2 ) === 'ux' && SYS_TARGET != 'sysLoginVerify') { // new ux sysLogin - extjs based form
$pathFile = $filter->validateInput(PATH_CONTROLLERS . 'main.php','path');
$pathFile = PATH_CONTROLLERS . 'main.php';
require_once $pathFile;
$controllerClass = 'Main';
$controllerAction = SYS_TARGET == 'sysLoginVerify' ? SYS_TARGET : 'sysLogin';
@@ -625,7 +616,7 @@ if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') {
$controller->call( $controllerAction );
}
} else { // classic sysLogin interface
$pathFile = $filter->validateInput(PATH_METHODS . "login/sysLogin.php",'path');
$pathFile = PATH_METHODS . "login/sysLogin.php";
require_once ($pathFile);
die();
}
@@ -710,9 +701,7 @@ if (defined( 'DEBUG_SQL_LOG' ) && DEBUG_SQL_LOG) {
//Set Time Zone
/*----------------------------------********---------------------------------*/
if (PMLicensedFeatures::getSingleton()->verifyfeature('oq3S29xemxEZXJpZEIzN01qenJUaStSekY4cTdJVm5vbWtVM0d4S2lJSS9qUT0=')) {
$_SESSION['__SYSTEM_UTC_TIME_ZONE__'] = (int)($config['system_utc_time_zone']) == 1;
}
$_SESSION['__SYSTEM_UTC_TIME_ZONE__'] = (int)($config['system_utc_time_zone']) == 1;
/*----------------------------------********---------------------------------*/
ini_set('date.timezone', (isset($_SESSION['__SYSTEM_UTC_TIME_ZONE__']) && $_SESSION['__SYSTEM_UTC_TIME_ZONE__'])? 'UTC' : $config['time_zone']); //Set Time Zone
@@ -737,7 +726,7 @@ ob_start();
// Rebuild the base Workflow translations if not exists
if (! is_file( PATH_LANGUAGECONT . 'translation.en' )) {
$pathFile = $filter->validateInput(PATH_CLASSES . "model" . PATH_SEP . "Translation.php", "path");
$pathFile = PATH_CLASSES . "model" . PATH_SEP . "Translation.php";
require_once ($pathFile);
@@ -747,7 +736,7 @@ if (! is_file( PATH_LANGUAGECONT . 'translation.en' )) {
// TODO: Verify if the language set into url is defined in translations env.
if (SYS_LANG != 'en' && ! is_file( PATH_LANGUAGECONT . 'translation.' . SYS_LANG )) {
$pathFile = $filter->validateInput(PATH_CLASSES . "model" . PATH_SEP . "Translation.php", "path");
$pathFile = PATH_CLASSES . "model" . PATH_SEP . "Translation.php";
require_once ($pathFile);
@@ -813,6 +802,17 @@ if (substr( SYS_COLLECTION, 0, 8 ) === 'gulliver') {
die();
}
Bootstrap::initVendors();
Bootstrap::LoadSystem( 'monologProvider' );
if (\Bootstrap::getDisablePhpUploadExecution() === 1) {
$message = \G::LoadTranslation('THE_PHP_FILES_EXECUTION_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpExecution', 550, $message, $phpFile);
echo $message;
die();
} else {
\Bootstrap::registerMonologPhpUploadExecution('phpExecution', 200, 'Php Execution', $phpFile);
}
$avoidChangedWorkspaceValidation = true;
$bWE = true;
//$phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . $auxPart[ count($auxPart)-1];
@@ -821,7 +821,7 @@ if (substr( SYS_COLLECTION, 0, 8 ) === 'gulliver') {
//erik: verify if it is a Controller Class or httpProxyController Class
if (is_file( PATH_CONTROLLERS . SYS_COLLECTION . '.php' )) {
Bootstrap::LoadSystem( 'controller' );
$pathFile = $filter->validateInput(PATH_CONTROLLERS . SYS_COLLECTION . '.php','path');
$pathFile = PATH_CONTROLLERS . SYS_COLLECTION . '.php';
require_once $pathFile;
$controllerClass = SYS_COLLECTION;
//if the method name is empty set default to index method
@@ -854,7 +854,6 @@ if (substr( SYS_COLLECTION, 0, 8 ) === 'gulliver') {
$pluginControllerPath = PATH_PLUGINS . $pluginName . PATH_SEP . 'controllers' . PATH_SEP;
$pathFile = $pluginControllerPath. $controllerClass . '.php';
$pathFile = $filter->validateInput($pathFile,'path');
if (is_file($pathFile)) {
require_once $pathFile;
} elseif (is_file($pluginControllerPath. ucfirst($controllerClass) . '.php')) {