fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in bugfix/HOR-4609 (pull request #6503)

Browse Source 
HOR-4609

Approved-by: Dante Loayza <dante.loayza@colosa.com>
Approved-by: Paula Quispe <paula.quispe@processmaker.com>
Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
This commit is contained in:
Julio Cesar Laura Avendaño
2018-06-05 18:18:52 +00:00
parent e53fc33551 0dc59aa919
commit 4f06dfa45b
11 changed files with 57 additions and 202 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
workflow/engine/methods/login/authentication.php
View File

@@ -1,27 +1,4 @@
<?php <?php
/**
* authentication.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
*/
use ProcessMaker\Core\System; use ProcessMaker\Core\System;
use ProcessMaker\Plugins\PluginRegistry; use ProcessMaker\Plugins\PluginRegistry;
@@ -229,16 +206,6 @@ try {
} }
} }
/*----------------------------------********---------------------------------*/
if (PMLicensedFeatures::getSingleton()->verifyfeature('oq3S29xemxEZXJpZEIzN01qenJUaStSekY4cTdJVm5vbWtVM0d4S2lJSS9qUT0=')) {
//Update User Time Zone
if (isset($_POST['form']['BROWSER_TIME_ZONE'])) {
$user = new Users();
$user->update(['USR_UID' => $_SESSION['USER_LOGGED'], 'USR_TIME_ZONE' => $_POST['form']['BROWSER_TIME_ZONE']]);
}
}
/*----------------------------------********---------------------------------*/
//Set User Time Zone //Set User Time Zone
$user = UsersPeer::retrieveByPK($_SESSION['USER_LOGGED']); $user = UsersPeer::retrieveByPK($_SESSION['USER_LOGGED']);
@@ -263,20 +230,7 @@ try {
if ($timeZoneOffset === false || $timeZoneOffset != (int)($_POST['form']['BROWSER_TIME_ZONE_OFFSET'])) { if ($timeZoneOffset === false || $timeZoneOffset != (int)($_POST['form']['BROWSER_TIME_ZONE_OFFSET'])) {
$_SESSION['__TIME_ZONE_FAILED__'] = true; $_SESSION['__TIME_ZONE_FAILED__'] = true;
$_SESSION['USR_USERNAME'] = $usr; $_SESSION['BROWSER_TIME_ZONE'] = $dateTime->getTimeZoneIdByTimeZoneOffset((int)$_POST['form']['BROWSER_TIME_ZONE_OFFSET'], false);
$_SESSION['USR_PASSWORD'] = $pwd;
$_SESSION['BROWSER_TIME_ZONE'] = $dateTime->getTimeZoneIdByTimeZoneOffset((int)($_POST['form']['BROWSER_TIME_ZONE_OFFSET']), false);
$_SESSION['URL'] = (isset($_POST['form']['URL']))? $_POST['form']['URL'] : ((isset($_REQUEST['u']))? $_REQUEST['u'] : '');
$_SESSION['USER_LANG'] = $lang;
if (strpos($_SERVER['HTTP_REFERER'], 'home/login') !== false) {
$d = serialize(['u' => $usr, 'p' => $pwd, 'm' => '', 'timeZoneFailed' => 1, 'userTimeZone' => $_SESSION['USR_TIME_ZONE'], 'browserTimeZone' => $_SESSION['BROWSER_TIME_ZONE'],'USER_LANG' => $lang]);
$urlLogin = $urlLogin . '?d=' . base64_encode($d);
}
G::header('Location: ' . $urlLogin);
exit(0);
} }
} }
} }

49
workflow/engine/methods/login/authenticationSso.php
View File

@@ -30,16 +30,6 @@ try {
$userUid = (isset($_SESSION['USER_LOGGED']))? $_SESSION['USER_LOGGED'] : ((isset($_SESSION['__USER_LOGGED_SSO__']))? $_SESSION['__USER_LOGGED_SSO__'] : ''); $userUid = (isset($_SESSION['USER_LOGGED']))? $_SESSION['USER_LOGGED'] : ((isset($_SESSION['__USER_LOGGED_SSO__']))? $_SESSION['__USER_LOGGED_SSO__'] : '');
/*----------------------------------********---------------------------------*/
if (PMLicensedFeatures::getSingleton()->verifyfeature('oq3S29xemxEZXJpZEIzN01qenJUaStSekY4cTdJVm5vbWtVM0d4S2lJSS9qUT0=')) {
//Update User Time Zone
if (isset($_POST['form']['BROWSER_TIME_ZONE'])) {
$user = new Users();
$user->update(['USR_UID' => $userUid, 'USR_TIME_ZONE' => $_POST['form']['BROWSER_TIME_ZONE']]);
}
}
/*----------------------------------********---------------------------------*/
$arraySystemConfiguration = System::getSystemConfiguration('', '', config("system.workspace")); $arraySystemConfiguration = System::getSystemConfiguration('', '', config("system.workspace"));
//Set User Time Zone //Set User Time Zone
@@ -85,43 +75,8 @@ try {
} }
if ($timeZoneOffset === false || $timeZoneOffset != $browserTimeZoneOffset) { if ($timeZoneOffset === false || $timeZoneOffset != $browserTimeZoneOffset) {
$userUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($timeZoneOffset); $_SESSION['__TIME_ZONE_FAILED__'] = true;
$browserUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($browserTimeZoneOffset); $_SESSION['BROWSER_TIME_ZONE'] = $dateTime->getTimeZoneIdByTimeZoneOffset((int)$_POST['form']['BROWSER_TIME_ZONE_OFFSET'], false);
$arrayTimeZoneId = $dateTime->getTimeZoneIdByTimeZoneOffset($browserTimeZoneOffset);
array_unshift($arrayTimeZoneId, 'false');
array_walk(
$arrayTimeZoneId,
function (&$value, $key, $parameter)
{
$value = ['TZ_UID' => $value, 'TZ_NAME' => '(UTC ' . $parameter . ') ' . $value];
},
$browserUtcOffset
);
$_SESSION['_DBArray'] = ['TIME_ZONE' => $arrayTimeZoneId];
$arrayData = [
'USR_USERNAME' => '',
'USR_PASSWORD' => '',
'USR_TIME_ZONE' => '(UTC ' . $userUtcOffset . ') ' . $_SESSION['USR_TIME_ZONE'],
'BROWSER_TIME_ZONE' => $dateTime->getTimeZoneIdByTimeZoneOffset($browserTimeZoneOffset, false),
'USER_LANG' => SYS_LANG,
'URL' => $location
];
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent(
'xmlform',
'xmlform',
'login' . PATH_SEP . 'TimeZoneAlert',
'',
$arrayData, SYS_URI . 'login/authenticationSso.php'
);
G::RenderPage('publish');
exit(0);
} }
} }
} }

55
workflow/engine/methods/login/login.php
View File

@@ -163,25 +163,6 @@ if (isset ($_SESSION['USER_LOGGED'])) {
} }
//end log //end log
/*----------------------------------********---------------------------------*/
$timeZoneFailed = false;
if (isset($_SESSION['__TIME_ZONE_FAILED__']) && $_SESSION['__TIME_ZONE_FAILED__']) {
$timeZoneFailed = true;
$userUsername = $_SESSION['USR_USERNAME'];
$userPassword = $_SESSION['USR_PASSWORD'];
$userTimeZone = $_SESSION['USR_TIME_ZONE'];
$browserTimeZone = $_SESSION['BROWSER_TIME_ZONE'];
$url = $_SESSION['URL'];
if(isset($_SESSION['USER_LANG'])){
$lang = $_SESSION['USER_LANG'];
}else{
$lang = SYS_LANG;
}
}
/*----------------------------------********---------------------------------*/
//start new session //start new session
@session_destroy(); @session_destroy();
session_start(); session_start();
@@ -223,42 +204,6 @@ if (in_array(G::encryptOld($licenseManager->result), array('38afd7ae34bd5e3e6fc1
die(); die();
} }
if ($timeZoneFailed) {
$dateTime = new \ProcessMaker\Util\DateTime();
$userTimeZoneOffset = $dateTime->getTimeZoneOffsetByTimeZoneId($userTimeZone);
$browserTimeZoneOffset = $dateTime->getTimeZoneOffsetByTimeZoneId($browserTimeZone);
$userUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($userTimeZoneOffset);
$browserUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($browserTimeZoneOffset);
$arrayTimeZoneId = $dateTime->getTimeZoneIdByTimeZoneOffset($browserTimeZoneOffset);
array_unshift($arrayTimeZoneId, 'false');
array_walk($arrayTimeZoneId, function (&$value, $key, $parameter) { $value = ['TZ_UID' => $value, 'TZ_NAME' => '(UTC ' . $parameter . ') ' . $value]; }, $browserUtcOffset);
$_SESSION['_DBArray'] = ['TIME_ZONE' => $arrayTimeZoneId];
$arrayData = [
'USR_USERNAME' => $userUsername,
'USR_PASSWORD' => $userPassword,
'USR_TIME_ZONE' => '(UTC ' . $userUtcOffset . ') ' . $userTimeZone,
'BROWSER_TIME_ZONE' => $browserTimeZone,
'USER_LANG' => $lang,
'URL' => $url
];
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login' . PATH_SEP . 'TimeZoneAlert', '', $arrayData, SYS_URI . 'login/authentication.php');
G::RenderPage('publish');
// Destroy a significant value in session
global $G_FORM;
unset($_SESSION[$G_FORM->id]['USR_PASSWORD']);
exit(0);
}
/*----------------------------------********---------------------------------*/ /*----------------------------------********---------------------------------*/
//translation //translation

3
workflow/engine/methods/login/sysLogin.php
View File

@@ -32,9 +32,6 @@ if ($browserSupported==false){
} }
/*----------------------------------********---------------------------------*/ /*----------------------------------********---------------------------------*/
if (isset ($_POST['form']['USER_ENV'])) { if (isset ($_POST['form']['USER_ENV'])) {
@session_destroy();
session_start();
$_SESSION['sysLogin'] = $_POST['form'];
$data = base64_encode(serialize($_POST)); $data = base64_encode(serialize($_POST));
$url = sprintf('/sys%s/%s/%s/login/sysLoginVerify?d=%s', $_POST['form']['USER_ENV'], SYS_LANG, SYS_SKIN, $data); $url = sprintf('/sys%s/%s/%s/login/sysLoginVerify?d=%s', $_POST['form']['USER_ENV'], SYS_LANG, SYS_SKIN, $data);
G::header("location: $url"); G::header("location: $url");

30
workflow/engine/methods/login/sysLoginVerify.php
View File

@@ -1,29 +1,5 @@
<?php <?php
/**
* sysLoginVerify.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
*/
if (array_key_exists("d", $_GET)) { if (array_key_exists("d", $_GET)) {
$str = base64_decode($_GET["d"]); $str = base64_decode($_GET["d"]);
if (preg_match('/^a:[0-9]+:{/', $str) && !preg_match('/(^|;|{|})O:\+?[0-9]+:"/', $str)) { if (preg_match('/^a:[0-9]+:{/', $str) && !preg_match('/(^|;|{|})O:\+?[0-9]+:"/', $str)) {
@@ -34,11 +10,5 @@ if (array_key_exists("d", $_GET)) {
if (!isset($_POST)) { if (!isset($_POST)) {
G::header('location: /sys/' . $lang . '/' . SYS_SKIN . '/' . 'login/login'); G::header('location: /sys/' . $lang . '/' . SYS_SKIN . '/' . 'login/login');
} }
if (isset($_SESSION['sysLogin'])) {
$_POST['form'] = $_SESSION['sysLogin'];
// Destroy variables already assigned to the global variable $_POST
unset($_SESSION['sysLogin']);
}
require_once 'authentication.php'; require_once 'authentication.php';

15
workflow/engine/methods/login/updateTimezone.php Normal file
View File

@@ -0,0 +1,15 @@
<?php
// Update the selected timezone for the user
if (PMLicensedFeatures::getSingleton()->verifyfeature('oq3S29xemxEZXJpZEIzN01qenJUaStSekY4cTdJVm5vbWtVM0d4S2lJSS9qUT0=')) {
// Update User Time Zone
if (isset($_POST['form']['BROWSER_TIME_ZONE'])) {
$user = new Users();
$user->update(['USR_UID' => $_SESSION['USER_LOGGED'], 'USR_TIME_ZONE' => $_POST['form']['BROWSER_TIME_ZONE']]);
$_SESSION['USR_TIME_ZONE'] = $_POST['form']['BROWSER_TIME_ZONE'];
unset($_SESSION['__TIME_ZONE_FAILED__'], $_SESSION['BROWSER_TIME_ZONE']);
}
// Redirect to origin page
G::header('Location: ' . $_SERVER['HTTP_REFERER']);
}

4
workflow/engine/skinEngine/neoclassic/layout.html
View File

@@ -7,8 +7,8 @@
<link rel="shortcut icon" href="/images/favicon.ico" type="image/x-icon" /> <link rel="shortcut icon" href="/images/favicon.ico" type="image/x-icon" />
{$header} {$header}
</head> </head>
{if $user_logged neq '' or $tracker neq ''} {if ($user_logged neq '' or $tracker neq '') and $timezone_status neq 'failed'}
<body> <body>
<table width="100%" height="100%" cellpadding="0" cellspacing="0" border="0" id="pm_main_table"> <table width="100%" height="100%" cellpadding="0" cellspacing="0" border="0" id="pm_main_table">
<tr> <tr>
<td id="pm_header" valign="top" {if $user_logged neq '' or $tracker neq ''}style="border-bottom:1px solid #e7e7e7;"{/if}> <td id="pm_header" valign="top" {if $user_logged neq '' or $tracker neq ''}style="border-bottom:1px solid #e7e7e7;"{/if}>

1
workflow/engine/skinEngine/skinEngine.php
View File

@@ -763,6 +763,7 @@ class SkinEngine
$smarty->assign('tracker', $smarty->assign('tracker',
(SYS_COLLECTION == 'tracker') ? (($G_PUBLISH->Parts[0]['File'] != 'tracker/login') ? true : '') : ''); (SYS_COLLECTION == 'tracker') ? (($G_PUBLISH->Parts[0]['File'] != 'tracker/login') ? true : '') : '');
} }
$smarty->assign('timezone_status', (isset($_SESSION['__TIME_ZONE_FAILED__']) && $_SESSION['__TIME_ZONE_FAILED__']) ? 'failed' : 'ok');
$smarty->assign('switch_interface', $switch_interface); $smarty->assign('switch_interface', $switch_interface);
$smarty->assign('switch_interface_label', G::LoadTranslation('ID_SWITCH_INTERFACE')); $smarty->assign('switch_interface_label', G::LoadTranslation('ID_SWITCH_INTERFACE'));
$smarty->assign('rolename', isset($_SESSION['USR_ROLENAME']) ? $_SESSION['USR_ROLENAME'] . '' : ''); $smarty->assign('rolename', isset($_SESSION['USR_ROLENAME']) ? $_SESSION['USR_ROLENAME'] . '' : '');

7
workflow/engine/xmlform/login/TimeZoneAlert.html
View File

@@ -8,13 +8,7 @@
<form id="{$form_id}" method="post" enctype="multipart/form-data" action="{$form_action}" class="form-signin" style="margin:0px;" accept-charset="UTF-8" role="form"> <form id="{$form_id}" method="post" enctype="multipart/form-data" action="{$form_action}" class="form-signin" style="margin:0px;" accept-charset="UTF-8" role="form">
{$form.BROWSER_TIME_ZONE_OFFSET} {$form.BROWSER_TIME_ZONE_OFFSET}
{$form.URL}
{$form.USR_USERNAME}
{$form.USR_PASSWORD}
{$form.USER_LANG}
{$form.USR_TIME_ZONE} {$form.USR_TIME_ZONE}
<fieldset> <fieldset>
<label class="panel-login"> <label class="panel-login">
<div class="login_result" style="text-align: left;"> <div class="login_result" style="text-align: left;">
@@ -35,4 +29,3 @@
</form> </form>
<script src="/lib/pmdynaform/libs/respondjs/respond.min.js"></script> <script src="/lib/pmdynaform/libs/respondjs/respond.min.js"></script>
<script src="/lib/pmdynaform/libs/html5shiv/html5shiv.js"></script> <script src="/lib/pmdynaform/libs/html5shiv/html5shiv.js"></script>

6
workflow/engine/xmlform/login/TimeZoneAlert.xml
View File

@@ -1,11 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<dynaForm type="xmlform" name="login/TimeZoneAlert" enabletemplate="1"> <dynaForm type="xmlform" name="login/TimeZoneAlert" enabletemplate="1">
<BROWSER_TIME_ZONE_OFFSET type="hidden" /> <BROWSER_TIME_ZONE_OFFSET type="hidden" />
<URL type="hidden" />
<USR_USERNAME type="hidden" />
<USR_PASSWORD type="hidden" />
<USER_LANG type="hidden" />
<USR_TIME_ZONE type="hidden" /> <USR_TIME_ZONE type="hidden" />
@@ -46,4 +41,3 @@
]]> ]]>
</JS> </JS>
</dynaForm> </dynaForm>

41
workflow/public_html/sysGeneric.php
View File

@@ -1038,13 +1038,44 @@ if (! defined( 'EXECUTE_BY_CRON' )) {
} }
$_SESSION['phpLastFileFound'] = $_SERVER['REQUEST_URI']; $_SESSION['phpLastFileFound'] = $_SERVER['REQUEST_URI'];
/*----------------------------------********---------------------------------*/
// Check if the timezone for the user is valid
if (!empty($_SESSION['USER_LOGGED']) && isset($_SESSION['__TIME_ZONE_FAILED__']) && $_SESSION['__TIME_ZONE_FAILED__'] &&
(SYS_COLLECTION != 'login' && SYS_TARGET != 'login')) {
$userTimeZone = $_SESSION['USR_TIME_ZONE'];
$browserTimeZone = $_SESSION['BROWSER_TIME_ZONE'];
$dateTime = new \ProcessMaker\Util\DateTime();
$userTimeZoneOffset = $dateTime->getTimeZoneOffsetByTimeZoneId($userTimeZone);
$browserTimeZoneOffset = $dateTime->getTimeZoneOffsetByTimeZoneId($browserTimeZone);
$userUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($userTimeZoneOffset);
$browserUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($browserTimeZoneOffset);
$arrayTimeZoneId = $dateTime->getTimeZoneIdByTimeZoneOffset($browserTimeZoneOffset);
array_unshift($arrayTimeZoneId, 'false');
array_walk($arrayTimeZoneId, function (&$value, $key, $parameter) { $value = ['TZ_UID' => $value, 'TZ_NAME' => '(UTC ' . $parameter . ') ' . $value]; }, $browserUtcOffset);
$_SESSION['_DBArray'] = ['TIME_ZONE' => $arrayTimeZoneId];
$arrayData = [
'USR_TIME_ZONE' => '(UTC ' . $userUtcOffset . ') ' . $userTimeZone,
'BROWSER_TIME_ZONE' => $browserTimeZone
];
global $G_PUBLISH;
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login' . PATH_SEP . 'TimeZoneAlert', '', $arrayData, SYS_URI . 'login/updateTimezone');
G::RenderPage('publish');
exit(0);
}
/*----------------------------------********---------------------------------*/
// Initialization functions plugins // Initialization functions plugins
$oPluginRegistry->init(); $oPluginRegistry->init();
/**
* New feature for Gulliver framework to support Controllers & HttpProxyController classes handling
*
* @author <erik@colosa.com
*/
if ($isControllerCall) { //Instance the Controller object and call the request method if ($isControllerCall) { //Instance the Controller object and call the request method
$controller = new $controllerClass(); $controller = new $controllerClass();
$controller->setHttpRequestData($_REQUEST);//NewRelic Snippet - By JHL $controller->setHttpRequestData($_REQUEST);//NewRelic Snippet - By JHL