From d6177988948632bb01a93e2e52500b523edcbbcf Mon Sep 17 00:00:00 2001 From: jennylee Date: Wed, 13 Nov 2013 14:09:32 -0400 Subject: [PATCH 01/17] BUG-13421 Ordenamiento en el listado de procesos 'Designer'. Validacion de la obtencion de la variable SORT, para que no se trabaje con un valor vacio lo cual proboca error. --- workflow/engine/classes/model/Process.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/workflow/engine/classes/model/Process.php b/workflow/engine/classes/model/Process.php index 15160879d..a31f6f014 100755 --- a/workflow/engine/classes/model/Process.php +++ b/workflow/engine/classes/model/Process.php @@ -879,6 +879,9 @@ class Process extends BaseProcess public function ordProcessAsc ($a, $b) { + if (($this->sort) == '') { + $this->sort = 'PRO_TITLE'; + } if ($a[$this->sort] > $b[$this->sort]) { return 1; } elseif ($a[$this->sort] < $b[$this->sort]) { @@ -889,7 +892,10 @@ class Process extends BaseProcess } public function ordProcessDesc ($a, $b) - { + { + if (($this->sort) == '') { + $this->sort = 'PRO_TITLE'; + } if ($a[$this->sort] > $b[$this->sort]) { return - 1; } elseif ($a[$this->sort] < $b[$this->sort]) { From fffe98cc3c9a0c0215700dbf9763393919c584ce Mon Sep 17 00:00:00 2001 From: Roly Gutierrez Date: Wed, 13 Nov 2013 16:20:08 -0400 Subject: [PATCH 02/17] =?UTF-8?q?BUG-13538=20SOLVED=20Cuando=20se=20cambia?= =?UTF-8?q?=20la=20configuraci=C3=B3n=20de=20la=20fecha=20por=20defecto=20?= =?UTF-8?q?en=20la=20secci=C3=B3n:=20'ADMIN=20/=20Environment',=20opci?= =?UTF-8?q?=C3=B3n:=20'Regional=20Settings',=20y=20la=20misma=20contiene?= =?UTF-8?q?=20un=20literal,=20por=20ejemplo:=20=20mes=20o=20d=C3=ADa,=20en?= =?UTF-8?q?=20algunos=20idiomas=20se=20muestran=20caracteres=20extra=C3=B1?= =?UTF-8?q?os=20en=20la=20parte=20superior=20derecha=20de=20ProcessMaker,?= =?UTF-8?q?=20secci=C3=B3n:=20usuario,=20logout,=20workspace=20y=20fecha.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- workflow/engine/classes/class.configuration.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/workflow/engine/classes/class.configuration.php b/workflow/engine/classes/class.configuration.php index 5bc5cc9be..52431100c 100755 --- a/workflow/engine/classes/class.configuration.php +++ b/workflow/engine/classes/class.configuration.php @@ -601,8 +601,8 @@ class Configurations // extends Configuration } } - setlocale(LC_TIME, $langLocate); - $dateTime = utf8_encode(strftime($newCreation, mktime($h, $i, $s, $m, $d, $y))); + setlocale(LC_TIME, $langLocate . ".utf8"); + $dateTime = strftime($newCreation, mktime($h, $i, $s, $m, $d, $y)); if (strpos($dateTime, ' ') !== false) { $dateTime = ucwords($dateTime); From a9ec34482c6f4551f3b31e3dba646218c452084a Mon Sep 17 00:00:00 2001 From: Luis Fernando Saisa Lopez Date: Wed, 13 Nov 2013 17:08:39 -0400 Subject: [PATCH 03/17] BUG 13558 "Pagination of Documents Menu is not wortking" SOLVED - Pagination of Documents Menu is not wortking. - Problema: Cuando se lista los documentos en HOME>Documents, y seleccionado una carpeta del arbol, se muestra los documentos generados; al momento de pasar a la siguiente pagina se muestra una pagina en blanco. Solucion: Se completa en la siguiente funcion a la condicion que se tiene una condicion mas "options.params.dir": datastore.on("beforeload", function(ds, options) { ... var dirAux = (itemSelected.length == 0 && options.params.dir)? ... : ...; var nodeAux = (itemSelected.length == 0 && options.params.dir)? ... : ...; ... }); Con esta condicion al pasar de una pagina a otra, el listado de documentos se mostrara correctamente. Este cambio estara disponible a partir de la version 2.5.2 --- workflow/engine/templates/cases/casesDocuments.js | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/workflow/engine/templates/cases/casesDocuments.js b/workflow/engine/templates/cases/casesDocuments.js index b558c9b10..34a918663 100755 --- a/workflow/engine/templates/cases/casesDocuments.js +++ b/workflow/engine/templates/cases/casesDocuments.js @@ -466,12 +466,12 @@ function openActionDialog(caller, action, dataAux) icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -865,8 +865,12 @@ var datastore = new Ext.data.Store({ datastore.on("beforeload", function(ds, options) { - options.params.dir = (itemSelected.length === 0) ? options.params.dir : ds.directory; - options.params.node = (itemSelected.length === 0) ? options.params.dir : ds.directory; + var dirAux = (itemSelected.length == 0 && options.params.dir)? options.params.dir : ds.directory; + var nodeAux = (itemSelected.length == 0 && options.params.dir)? options.params.dir : ds.directory; + + options.params.dir = dirAux; + options.params.node = nodeAux; + options.params.option = "gridDocuments"; options.params.sendWhat = datastore.sendWhat; if (options.params.dir == "ASC" || options.params.dir == "DESC") { From c7ea75bdfb88c986483dd3bc40be4b73e618fa6b Mon Sep 17 00:00:00 2001 From: jennylee Date: Thu, 14 Nov 2013 17:28:59 -0400 Subject: [PATCH 04/17] BUG-13396 Ordenamiento en MessageHistory Se agrego el odenamiento de todo el listado en MessageHistory y no solo porpagina como estaba funcionando. --- workflow/engine/classes/class.case.php | 41 ++++++++++++------- .../templates/cases/caseMessageHistory.js | 1 + 2 files changed, 28 insertions(+), 14 deletions(-) diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index da53de364..26608cd76 100755 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -3904,13 +3904,6 @@ class Cases if (AppDelegationPeer::doCount($oCriteria) == 1) { $aFields['APP_STATUS'] = 'CANCELLED'; $oApplication->update($aFields); - - G::LoadClass('reportTables'); - require_once 'classes/model/AdditionalTables.php'; - $oReportTables = new ReportTables(); - $addtionalTables = new additionalTables(); - $oReportTables->updateTables($aFields['PRO_UID'], $aFields['APP_UID'], $aFields['APP_NUMBER'], $aFields['APP_DATA']); - $addtionalTables->updateReportTables($aFields['PRO_UID'], $aFields['APP_UID'], $aFields['APP_NUMBER'], $aFields['APP_DATA'], $aFields['APP_STATUS']); } $this->CloseCurrentDelegation($sApplicationUID, $iIndex); $oAppDel = new AppDelegation(); @@ -5908,12 +5901,7 @@ class Cases $oCriteria->add(AppMessagePeer::APP_MSG_SHOW_MESSAGE, 1); } $oCriteria->addAscendingOrderByColumn(AppMessagePeer::APP_MSG_DATE); - if (!is_null($start)) { - $oCriteria->setOffset($start); - } - if (!is_null($limit)) { - $oCriteria->setLimit($limit); - } + $oDataset = AppMessagePeer::doSelectRS($oCriteria); $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $oDataset->next(); @@ -5946,7 +5934,9 @@ class Cases $oCriteria = new Criteria('dbarray'); $oCriteria->setDBArrayTable('messages'); - + + usort( $aMessages, 'ordProcess' ); + $aMessages = array_splice($aMessages, $start, $limit); return $aMessages; } @@ -6761,3 +6751,26 @@ class Cases } } } + +function ordProcess ($a, $b) +{ + if (isset($_POST['sort'])) { + if ($_POST['dir']=='ASC') { + if ($a[$_POST['sort']] > $b[$_POST['sort']]) { + return 1; + } elseif ($a[$_POST['sort']] < $b[$_POST['sort']]) { + return - 1; + } else { + return 0; + } + } else { + if ($a[$_POST['sort']] > $b[$_POST['sort']]) { + return - 1; + } elseif ($a[$_POST['sort']] < $b[$_POST['sort']]) { + return 1; + } else { + return 0; + } + } + } +} diff --git a/workflow/engine/templates/cases/caseMessageHistory.js b/workflow/engine/templates/cases/caseMessageHistory.js index 70c3d929b..365273d2e 100644 --- a/workflow/engine/templates/cases/caseMessageHistory.js +++ b/workflow/engine/templates/cases/caseMessageHistory.js @@ -328,6 +328,7 @@ var ActionTabFrameGlobal = ''; function messageHistoryGridList(){ store = new Ext.data.GroupingStore({ + remoteSort: true, proxy : new Ext.data.HttpProxy ( { From 8a895b84f0bfa38e966a51af1b09c5fdeaf4ad31 Mon Sep 17 00:00:00 2001 From: jennylee Date: Thu, 14 Nov 2013 17:35:35 -0400 Subject: [PATCH 05/17] BUG-13396 Ordenamiento en MessageHistory Se agrego el odenamiento de todo el listado en MessageHistory y no solo porpagina como estaba funcionando. --- workflow/engine/classes/class.case.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index 26608cd76..ee2d53902 100755 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -3904,6 +3904,13 @@ class Cases if (AppDelegationPeer::doCount($oCriteria) == 1) { $aFields['APP_STATUS'] = 'CANCELLED'; $oApplication->update($aFields); + + G::LoadClass('reportTables'); + require_once 'classes/model/AdditionalTables.php'; + $oReportTables = new ReportTables(); + $addtionalTables = new additionalTables(); + $oReportTables->updateTables($aFields['PRO_UID'], $aFields['APP_UID'], $aFields['APP_NUMBER'], $aFields['APP_DATA']); + $addtionalTables->updateReportTables($aFields['PRO_UID'], $aFields['APP_UID'], $aFields['APP_NUMBER'], $aFields['APP_DATA'], $aFields['APP_STATUS']); } $this->CloseCurrentDelegation($sApplicationUID, $iIndex); $oAppDel = new AppDelegation(); From 604cf9310dfc40556a79d4f190a3ede1ded521d6 Mon Sep 17 00:00:00 2001 From: jennylee Date: Fri, 15 Nov 2013 12:03:58 -0400 Subject: [PATCH 06/17] BUG-13396 Ordenamiento en MessageHistory Se agrego el odenamiento de todo el listado en MessageHistory y no solo porpagina como estaba funcionando. --- workflow/engine/classes/class.case.php | 30 ++++++++++--------- .../methods/cases/caseMessageHistory_Ajax.php | 7 +++++ 2 files changed, 23 insertions(+), 14 deletions(-) diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index ee2d53902..0aa369cd9 100755 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -71,6 +71,8 @@ class Cases { private $appSolr = null; + public $dir = 'ASC'; + public $sort = 'APP_MSG_DATE'; public function __construct() { @@ -5941,9 +5943,8 @@ class Cases $oCriteria = new Criteria('dbarray'); $oCriteria->setDBArrayTable('messages'); - - usort( $aMessages, 'ordProcess' ); - $aMessages = array_splice($aMessages, $start, $limit); + + usort( $aMessages, array($this, "ordProcess") ); return $aMessages; } @@ -6757,27 +6758,28 @@ class Cases } } } -} -function ordProcess ($a, $b) -{ - if (isset($_POST['sort'])) { - if ($_POST['dir']=='ASC') { - if ($a[$_POST['sort']] > $b[$_POST['sort']]) { + public function ordProcess ($a, $b) + { + if ($this->sort == '') { + $this->sort = 'APP_MSG_DATE'; + } + if ($this->dir=='ASC') { + if ($a[$this->sort] > $b[$this->sort]) { return 1; - } elseif ($a[$_POST['sort']] < $b[$_POST['sort']]) { + } elseif ($a[$this->sort] < $b[$this->sort]) { return - 1; } else { return 0; } } else { - if ($a[$_POST['sort']] > $b[$_POST['sort']]) { + if ($a[$this->sort] > $b[$this->sort]) { return - 1; - } elseif ($a[$_POST['sort']] < $b[$_POST['sort']]) { + } elseif ($a[$this->sort] < $b[$this->sort]) { return 1; } else { return 0; } - } + } } -} +} \ No newline at end of file diff --git a/workflow/engine/methods/cases/caseMessageHistory_Ajax.php b/workflow/engine/methods/cases/caseMessageHistory_Ajax.php index ca860287a..4a71313f5 100755 --- a/workflow/engine/methods/cases/caseMessageHistory_Ajax.php +++ b/workflow/engine/methods/cases/caseMessageHistory_Ajax.php @@ -36,9 +36,14 @@ if ($actionAjax == 'messageHistoryGridList_JXP') { G::LoadClass( 'case' ); G::LoadClass( "BasePeer" ); + + $dir = isset( $_POST['dir'] ) ? $_POST['dir'] : 'ASC'; + $sort = isset( $_POST['sort'] ) ? $_POST['sort'] : ''; global $G_PUBLISH; $oCase = new Cases(); + $oCase->dir = $dir; + $oCase->sort = $sort; $appMessageArray = $oCase->getHistoryMessagesTrackerExt( $_SESSION['APPLICATION'], true, $_REQUEST['start'], $_REQUEST['limit']); $appMessageCountArray = $oCase->getHistoryMessagesTrackerExt( $_SESSION['APPLICATION'], true); @@ -98,6 +103,8 @@ if ($actionAjax == 'messageHistoryGridList_JXP') { } } + $aProcesses = array_splice($aProcesses, $_REQUEST['start'], $_REQUEST['limit']); + $newDir = '/tmp/test/directory'; $r = G::verifyPath( $newDir ); $r->data = $aProcesses; From da5c4da83df6a550571c72fba178289323170923 Mon Sep 17 00:00:00 2001 From: jennylee Date: Fri, 15 Nov 2013 13:56:20 -0400 Subject: [PATCH 07/17] BUG-13321 PmTables: Confucion TIMESTAMP - DATETIME. Cuando se crea un nuevo campo en una pmtable del tipo DATETIME, a la hora de editar la misma PMtable Este campo se muestra como TIMESTAMP. Esto ocurre por que la version de propel que usa PM, no genera clases con el campo DATETIME, esto al crear la PMTable, sino en cambio utiliza el tipo de dato TIMESTAMP. Por lo tanto se agrego una validacion para que a la hora de recuperar los campos a editarse, se muestre el valor correcto, en este caso DATETIME. --- workflow/engine/classes/model/AdditionalTables.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/workflow/engine/classes/model/AdditionalTables.php b/workflow/engine/classes/model/AdditionalTables.php index 104275c1e..87574c662 100755 --- a/workflow/engine/classes/model/AdditionalTables.php +++ b/workflow/engine/classes/model/AdditionalTables.php @@ -112,6 +112,13 @@ class AdditionalTables extends BaseAdditionalTables $this->fields[] = $oDataset->getRow(); } + foreach ($this->fields as $field) { + if ($field['FLD_TYPE'] == 'TIMESTAMP') { + $indx = $field['FLD_INDEX']; + $this->fields[$indx]['FLD_TYPE'] = 'DATETIME'; + } + } + return $this->fields; } From e40ca19dcccfc55f35d2f10098cd470f68475fb4 Mon Sep 17 00:00:00 2001 From: Marco Antonio Nina Date: Fri, 15 Nov 2013 15:29:07 -0400 Subject: [PATCH 08/17] Security Issues - Improvements MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Se añadieron validaciones para sanitizar los valores enviados. --- gulliver/system/class.g.php | 17 + gulliver/system/class.inputfilter.php | 368 ++++++++++++++++++ workflow/engine/controllers/dashboard.php | 2 +- .../engine/methods/cases/casesMenuLoader.php | 4 +- .../engine/methods/login/authentication.php | 6 +- workflow/engine/methods/setup/mainAjax.php | 2 +- 6 files changed, 393 insertions(+), 6 deletions(-) create mode 100644 gulliver/system/class.inputfilter.php diff --git a/gulliver/system/class.g.php b/gulliver/system/class.g.php index 0d3911c95..7fac7ff42 100755 --- a/gulliver/system/class.g.php +++ b/gulliver/system/class.g.php @@ -5230,6 +5230,23 @@ class G } return in_array(strtolower($functionName), $allFunctions['user']); } + + /** + * Constructor for inputFilter class. Only first parameter is required. + * @access constructor + * @data Mixed - input string/array-of-string to be 'cleaned' + * @param Array $tagsArray - list of user-defined tags + * @param Array $attrArray - list of user-defined attributes + * @param int $tagsMethod - 0= allow just user-defined, 1= allow all but user-defined + * @param int $attrMethod - 0= allow just user-defined, 1= allow all but user-defined + * @param int $xssAuto - 0= only auto clean essentials, 1= allow clean blacklisted tags/attr + */ + public function sanitizeInput($data, $tagsArray = array(), $attrArray = array(), $tagsMethod = 0, $attrMethod = 0, $xssAuto = 1) + { + G::LoadSystem('inputfilter'); + $filtro = new InputFilter($tagsArray , $attrArray, $tagsMethod, $attrMethod, $xssAuto); + return $filtro->process($data); + } } /** diff --git a/gulliver/system/class.inputfilter.php b/gulliver/system/class.inputfilter.php new file mode 100644 index 000000000..d3f6c9c4f --- /dev/null +++ b/gulliver/system/class.inputfilter.php @@ -0,0 +1,368 @@ +tagsArray = (array) $tagsArray; + $this->attrArray = (array) $attrArray; + $this->tagsMethod = $tagsMethod; + $this->attrMethod = $attrMethod; + $this->xssAuto = $xssAuto; + } + + /** + * Method to be called by another php script. Processes for XSS and specified bad code. + * @access public + * @param Mixed $source - input string/array-of-string to be 'cleaned' + * @return String $source - 'cleaned' version of input parameter + */ + public function process($source) + { + // clean all elements in this array + if (is_array($source)) { + foreach ($source as $key => $value) { + // filter element for XSS and other 'bad' code etc. + if (is_string($value)) { + $source[$key] = $this->remove($this->decode($value)); + } + } + return $source; + // clean this string + } elseif (is_string($source)) { + // filter source for XSS and other 'bad' code etc. + return $this->remove($this->decode($source)); + } else { + // return parameter as given + return $source; + } + } + + /** + * Internal method to iteratively remove all unwanted tags and attributes + * @access protected + * @param String $source - input string to be 'cleaned' + * @return String $source - 'cleaned' version of input parameter + */ + public function remove($source) + { + $loopCounter=0; + // provides nested-tag protection + while ($source != $this->filterTags($source)) { + $source = $this->filterTags($source); + $loopCounter++; + } + return $source; + } + + /** + * Internal method to strip a string of certain tags + * @access protected + * @param String $source - input string to be 'cleaned' + * @return String $source - 'cleaned' version of input parameter + */ + public function filterTags($source) + { + // filter pass setup + $preTag = null; + $postTag = $source; + // find initial tag's position + $tagOpen_start = strpos($source, '<'); + // interate through string until no tags left + while ($tagOpen_start !== false) { + // process tag interatively + $preTag .= substr($postTag, 0, $tagOpen_start); + $postTag = substr($postTag, $tagOpen_start); + $fromTagOpen = substr($postTag, 1); + // end of tag + $tagOpen_end = strpos($fromTagOpen, '>'); + if ($tagOpen_end === false) { + break; + } + // next start of tag (for nested tag assessment) + $tagOpen_nested = strpos($fromTagOpen, '<'); + if (($tagOpen_nested !== false) && ($tagOpen_nested < $tagOpen_end)) { + $preTag .= substr($postTag, 0, ($tagOpen_nested+1)); + $postTag = substr($postTag, ($tagOpen_nested+1)); + $tagOpen_start = strpos($postTag, '<'); + continue; + } + $tagOpen_nested = (strpos($fromTagOpen, '<') + $tagOpen_start + 1); + $currentTag = substr($fromTagOpen, 0, $tagOpen_end); + $tagLength = strlen($currentTag); + if (!$tagOpen_end) { + $preTag .= $postTag; + $tagOpen_start = strpos($postTag, '<'); + } + // iterate through tag finding attribute pairs - setup + $tagLeft = $currentTag; + $attrSet = array(); + $currentSpace = strpos($tagLeft, ' '); + // is end tag + if (substr($currentTag, 0, 1) == "/") { + $isCloseTag = true; + list($tagName) = explode(' ', $currentTag); + $tagName = substr($tagName, 1); + // is start tag + } else { + $isCloseTag = false; + list($tagName) = explode(' ', $currentTag); + } + // excludes all "non-regular" tagnames OR no tagname OR remove if xssauto is on and tag is blacklisted + if ((!preg_match("/^[a-z][a-z0-9]*$/i",$tagName)) || (!$tagName) || ((in_array(strtolower($tagName), $this->tagBlacklist)) && ($this->xssAuto))) { + $postTag = substr($postTag, ($tagLength + 2)); + $tagOpen_start = strpos($postTag, '<'); + // don't append this tag + continue; + } + // this while is needed to support attribute values with spaces in! + while ($currentSpace !== false) { + $fromSpace = substr($tagLeft, ($currentSpace+1)); + $nextSpace = strpos($fromSpace, ' '); + $openQuotes = strpos($fromSpace, '"'); + $closeQuotes = strpos(substr($fromSpace, ($openQuotes+1)), '"') + $openQuotes + 1; + // another equals exists + if (strpos($fromSpace, '=') !== false) { + // opening and closing quotes exists + if (($openQuotes !== false) && (strpos(substr($fromSpace, ($openQuotes+1)), '"') !== false)) { + $attr = substr($fromSpace, 0, ($closeQuotes+1)); + } else { + // one or neither exist + $attr = substr($fromSpace, 0, $nextSpace); + } + // no more equals exist + } else { + $attr = substr($fromSpace, 0, $nextSpace); + } + // last attr pair + if (!$attr) { + $attr = $fromSpace; + } + // add to attribute pairs array + $attrSet[] = $attr; + // next inc + $tagLeft = substr($fromSpace, strlen($attr)); + $currentSpace = strpos($tagLeft, ' '); + } + // appears in array specified by user + $tagFound = in_array(strtolower($tagName), $this->tagsArray); + // remove this tag on condition + if ((!$tagFound && $this->tagsMethod) || ($tagFound && !$this->tagsMethod)) { + // reconstruct tag with allowed attributes + if (!$isCloseTag) { + $attrSet = $this->filterAttr($attrSet); + $preTag .= '<' . $tagName; + for ($i = 0; $i < count($attrSet); $i++) { + $preTag .= ' ' . $attrSet[$i]; + } + // reformat single tags to XHTML + if (strpos($fromTagOpen, "'; + } else { + $preTag .= ' />'; + } + // just the tagname + } else { + $preTag .= ''; + } + } + // find next tag's start + $postTag = substr($postTag, ($tagLength + 2)); + $tagOpen_start = strpos($postTag, '<'); + } + // append any code after end of tags + $preTag .= $postTag; + return $preTag; + } + + /** + * Internal method to strip a tag of certain attributes + * @access protected + * @param Array $attrSet + * @return Array $newSet + */ + public function filterAttr($attrSet) + { + $newSet = array(); + // process attributes + for ($i = 0; $i xssAuto) && ((in_array(strtolower($attrSubSet[0]), $this->attrBlacklist)) || (substr($attrSubSet[0], 0, 2) == 'on')))) { + continue; + } + // xss attr value filtering + if ($attrSubSet[1]) { + // strips unicode, hex, etc + $attrSubSet[1] = str_replace('&#', '', $attrSubSet[1]); + // strip normal newline within attr value + $attrSubSet[1] = preg_replace('/\s+/', '', $attrSubSet[1]); + // strip double quotes + $attrSubSet[1] = str_replace('"', '', $attrSubSet[1]); + // [requested feature] convert single quotes from either side to doubles (Single quotes shouldn't be used to pad attr value) + if ((substr($attrSubSet[1], 0, 1) == "'") && (substr($attrSubSet[1], (strlen($attrSubSet[1]) - 1), 1) == "'")) { + $attrSubSet[1] = substr($attrSubSet[1], 1, (strlen($attrSubSet[1]) - 2)); + } + // strip slashes + $attrSubSet[1] = stripslashes($attrSubSet[1]); + } + // auto strip attr's with "javascript: + if (((strpos(strtolower($attrSubSet[1]), 'expression') !== false) &&(strtolower($attrSubSet[0]) == 'style')) || + (strpos(strtolower($attrSubSet[1]), 'javascript:') !== false) || + (strpos(strtolower($attrSubSet[1]), 'behaviour:') !== false) || + (strpos(strtolower($attrSubSet[1]), 'vbscript:') !== false) || + (strpos(strtolower($attrSubSet[1]), 'mocha:') !== false) || + (strpos(strtolower($attrSubSet[1]), 'livescript:') !== false) + ) { + continue; + } + + // if matches user defined array + $attrFound = in_array(strtolower($attrSubSet[0]), $this->attrArray); + // keep this attr on condition + if ((!$attrFound && $this->attrMethod) || ($attrFound && !$this->attrMethod)) { + // attr has value + if ($attrSubSet[1]) { + $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[1] . '"'; + } elseif ($attrSubSet[1] == "0") { + // attr has decimal zero as value + $newSet[] = $attrSubSet[0] . '="0"'; + } else { + // reformat single attributes to XHTML + $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[0] . '"'; + } + } + } + return $newSet; + } + + /** + * Try to convert to plaintext + * @access protected + * @param String $source + * @return String $source + */ + public function decode($source) + { + // url decode + $source = html_entity_decode($source, ENT_QUOTES, "ISO-8859-1"); + // convert decimal + $source = preg_replace('/&#(\d+);/me',"chr(\\1)", $source);// decimal notation + // convert hex + $source = preg_replace('/&#x([a-f0-9]+);/mei',"chr(0x\\1)", $source);// hex notation + return $source; + } + + /** + * Method to be called by another php script. Processes for SQL injection + * @access public + * @param Mixed $source - input string/array-of-string to be 'cleaned' + * @param Buffer $connection - An open MySQL connection + * @return String $source - 'cleaned' version of input parameter + */ + public function safeSQL($source, &$connection) + { + // clean all elements in this array + if (is_array($source)) { + foreach ($source as $key => $value) { + // filter element for SQL injection + if (is_string($value)) { + $source[$key] = $this->quoteSmart($this->decode($value), $connection); + } + } + return $source; + // clean this string + } elseif (is_string($source)) { + // filter source for SQL injection + if (is_string($source)) { + return $this->quoteSmart($this->decode($source), $connection); + } + // return parameter as given + } else { + return $source; + } + } + + /** + * @author Chris Tobin + * @author Daniel Morris + * @access protected + * @param String $source + * @param Resource $connection - An open MySQL connection + * @return String $source + */ + public function quoteSmart($source, &$connection) + { + // strip slashes + if (get_magic_quotes_gpc()) { + $source = stripslashes($source); + } + // quote both numeric and text + $source = $this->escapeString($source, $connection); + return $source; + } + + /** + * @author Chris Tobin + * @author Daniel Morris + * @access protected + * @param String $source + * @param Resource $connection - An open MySQL connection + * @return String $source + */ + public function escapeString($string, &$connection) + { + // depreciated function + if (version_compare(phpversion(),"4.3.0", "<")) { + mysql_escape_string($string); + } else { + // current function + mysql_real_escape_string($string); + } + return $string; + } +} + diff --git a/workflow/engine/controllers/dashboard.php b/workflow/engine/controllers/dashboard.php index ad98e97c1..e98ad5a9b 100644 --- a/workflow/engine/controllers/dashboard.php +++ b/workflow/engine/controllers/dashboard.php @@ -155,7 +155,7 @@ class Dashboard extends Controller if ($data->DAS_INS_UID == '') { throw new Exception( 'Parameter "DAS_INS_UID" is empty.' ); } - $this->pmDashlet->setup( $data->DAS_INS_UID ); + $this->pmDashlet->setup( G::sanitizeInput($data->DAS_INS_UID) ); if (! isset( $_REQUEST['w'] )) { $width = 300; diff --git a/workflow/engine/methods/cases/casesMenuLoader.php b/workflow/engine/methods/cases/casesMenuLoader.php index 8bab327a1..a74874e97 100755 --- a/workflow/engine/methods/cases/casesMenuLoader.php +++ b/workflow/engine/methods/cases/casesMenuLoader.php @@ -1,5 +1,7 @@ redirectTo($_SESSION['USER_LOGGED'], $lang); } diff --git a/workflow/engine/methods/setup/mainAjax.php b/workflow/engine/methods/setup/mainAjax.php index 54937ba0e..d3cb2c9fa 100755 --- a/workflow/engine/methods/setup/mainAjax.php +++ b/workflow/engine/methods/setup/mainAjax.php @@ -1,7 +1,7 @@ Date: Fri, 15 Nov 2013 15:32:06 -0400 Subject: [PATCH 09/17] BUG-13321 PmTables: Confucion TIMESTAMP - DATETIME. Cuando se crea un nuevo campo en una pmtable del tipo DATETIME, a la hora de editar la misma PMtable Este campo se muestra como TIMESTAMP. Esto ocurre por que la version de propel que usa PM, no genera clases con el campo DATETIME, esto al crear la PMTable, sino en cambio utiliza el tipo de dato TIMESTAMP. Por lo tanto se agrego una validacion para que a la hora de recuperar los campos a editarse, se muestre el valor correcto, en este caso DATETIME. --- .../engine/classes/model/AdditionalTables.php | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/workflow/engine/classes/model/AdditionalTables.php b/workflow/engine/classes/model/AdditionalTables.php index 87574c662..ce5cd41d8 100755 --- a/workflow/engine/classes/model/AdditionalTables.php +++ b/workflow/engine/classes/model/AdditionalTables.php @@ -108,15 +108,12 @@ class AdditionalTables extends BaseAdditionalTables $oDataset = FieldsPeer::doSelectRS($oCriteria); $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); - while ($oDataset->next()) { - $this->fields[] = $oDataset->getRow(); - } - - foreach ($this->fields as $field) { - if ($field['FLD_TYPE'] == 'TIMESTAMP') { - $indx = $field['FLD_INDEX']; - $this->fields[$indx]['FLD_TYPE'] = 'DATETIME'; - } + while ($oDataset->next()) { + $auxField = $oDataset->getRow(); + if ($auxField['FLD_TYPE'] == 'TIMESTAMP') { + $auxField['FLD_TYPE'] = 'DATETIME'; + } + $this->fields[] = $auxField; } return $this->fields; From 7517c2a176496c022d97d3a8407872c0dd785f36 Mon Sep 17 00:00:00 2001 From: Roly Gutierrez Date: Fri, 15 Nov 2013 15:35:26 -0400 Subject: [PATCH 10/17] =?UTF-8?q?BUG-13324=20SOLVED=20Al=20actualizar=20la?= =?UTF-8?q?=20versi=C3=B3n=20de=20ProcessMaker=20v2.0.45=20a=20ProcessMake?= =?UTF-8?q?r=20v2.5.1,=20la=20visualizaci=C3=B3n=20del=20nombre=20de=20usu?= =?UTF-8?q?ario=20no=20refleja=20la=20configuraci=C3=B3n=20de=20la=20secci?= =?UTF-8?q?=C3=B3n=20'ADMIN=20/=20Environment'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../engine/classes/class.configuration.php | 29 +++++++------------ workflow/engine/skinEngine/skinEngine.php | 10 ++++--- 2 files changed, 16 insertions(+), 23 deletions(-) diff --git a/workflow/engine/classes/class.configuration.php b/workflow/engine/classes/class.configuration.php index 5bc5cc9be..4b2cd2a63 100755 --- a/workflow/engine/classes/class.configuration.php +++ b/workflow/engine/classes/class.configuration.php @@ -315,26 +315,16 @@ class Configurations // extends Configuration } } - public function userNameFormat($username, $fullname) + public function userNameFormat($username, $fullname, $usrUid = '') { - - try { - if (!isset($this->UserConfig)) { - $this->UserConfig = $this->getConfiguration('ENVIRONMENT_SETTINGS', ''); - } - if (isset($this->UserConfig['format'])) { - $name = explode(' ',$fullname); - $aux = ''; - $aux = str_replace('@userName', trim($username), $this->UserConfig['format']); - $aux = str_replace('@firstName', isset($name[0])?$name[0]:'', $aux); - $aux = str_replace('@lastName', isset($name[1])?$name[1]:'', $aux); - return $aux; - } else { - return $username; - } - } catch (Exception $oError) { - return null; + $aux = ''; + if ($usrUid != '') { + $oUser = UsersPeer::retrieveByPK($usrUid); + $aux = str_replace('@userName', trim($username), $this->UserConfig['format']); + $aux = str_replace('@firstName', $oUser->getUsrFirstname(), $aux); + $aux = str_replace('@lastName', $oUser->getUsrLastname(), $aux); } + return $aux; } public function usersNameFormatBySetParameters($formatUserName, $userName, $firstName, $lastName) @@ -548,7 +538,8 @@ class Configurations // extends Configuration public function getSystemDate($dateTime) { $oConf = new Configurations(); - $dateFormat = 'M d, Y'; + $oConf->getFormats(); + $dateFormat = $oConf->UserConfig['dateFormat']; $oConf->loadConfig($obj, 'ENVIRONMENT_SETTINGS', ''); $creationDateMask = isset($oConf->aConfig['dateFormat']) ? $oConf->aConfig['dateFormat'] : ''; $creationDateMask = ($creationDateMask == '') ? $dateFormat : $creationDateMask; diff --git a/workflow/engine/skinEngine/skinEngine.php b/workflow/engine/skinEngine/skinEngine.php index 7b0f1cc9d..8818edc09 100755 --- a/workflow/engine/skinEngine/skinEngine.php +++ b/workflow/engine/skinEngine/skinEngine.php @@ -420,12 +420,13 @@ class SkinEngine G::LoadClass( "configuration" ); $conf = new Configurations(); - if (defined('SYS_SYS') && $conf->exists("ENVIRONMENT_SETTINGS")) { + $conf->getFormats(); + if (defined('SYS_SYS')) { $smarty->assign('udate', $conf->getSystemDate(date('Y-m-d H:i:s'))); } else { $smarty->assign('udate', G::getformatedDate(date('Y-m-d'), 'M d, yyyy', SYS_LANG)); } - $name = $conf->userNameFormat(isset($_SESSION['USR_USERNAME']) ? $_SESSION['USR_USERNAME']: '', isset($_SESSION['USR_FULLNAME']) ? htmlentities($_SESSION['USR_FULLNAME'] , ENT_QUOTES, 'UTF-8'): ''); + $name = $conf->userNameFormat(isset($_SESSION['USR_USERNAME']) ? $_SESSION['USR_USERNAME']: '', isset($_SESSION['USR_FULLNAME']) ? htmlentities($_SESSION['USR_FULLNAME'] , ENT_QUOTES, 'UTF-8'): '', isset($_SESSION['USER_LOGGED']) ? $_SESSION['USER_LOGGED'] : ''); $smarty->assign('user',$name); } @@ -725,12 +726,13 @@ class SkinEngine G::LoadClass( "configuration" ); $conf = new Configurations(); - if ( defined('SYS_SYS') && $conf->exists("ENVIRONMENT_SETTINGS")) { + $conf->getFormats(); + if ( defined('SYS_SYS')) { $smarty->assign('udate', $conf->getSystemDate(date('Y-m-d H:i:s'))); } else { $smarty->assign('udate', G::getformatedDate(date('Y-m-d H:i:s'), 'M d, yyyy', SYS_LANG)); } - $name = $conf->userNameFormat(isset($_SESSION['USR_USERNAME']) ? $_SESSION['USR_USERNAME']: '', isset($_SESSION['USR_FULLNAME']) ? htmlentities($_SESSION['USR_FULLNAME'] , ENT_QUOTES, 'UTF-8'): ''); + $name = $conf->userNameFormat(isset($_SESSION['USR_USERNAME']) ? $_SESSION['USR_USERNAME']: '', isset($_SESSION['USR_FULLNAME']) ? htmlentities($_SESSION['USR_FULLNAME'] , ENT_QUOTES, 'UTF-8'): '', isset($_SESSION['USER_LOGGED']) ? $_SESSION['USER_LOGGED'] : ''); $smarty->assign('user',$name); } if(class_exists('pmLicenseManager')){ From aaf54b09c64ecfb07e05cd0e17aef3ecf4905206 Mon Sep 17 00:00:00 2001 From: Luis Fernando Saisa Lopez Date: Fri, 15 Nov 2013 15:48:32 -0400 Subject: [PATCH 11/17] BUG 13507 "Campos hidden en grillas." SOLVED - Campos hidden en grillas. - Problema: Cuando se crean campos de tipo "hidden" en grillas, estos campos crean columnas y cuando eran mas campos de este tipo habia mas columnas viendose como un espacio en blanco. Solucion: Se agrega una condicion en donde se determina si el campo de tipo "hidden" se oculta la columna aplicando un estilo. {if ($field->type != "hidden")} ... {else} {/if} Este cambio estara disponible a partir de la version 2.5.2 --- workflow/engine/templates/grid.html | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/workflow/engine/templates/grid.html b/workflow/engine/templates/grid.html index 1d47cc8ab..7551f6296 100755 --- a/workflow/engine/templates/grid.html +++ b/workflow/engine/templates/grid.html @@ -20,9 +20,15 @@ + {foreach from=$form->fields item=field} - + {if ($field->type != "hidden")} + + {else} + + {/if} {/foreach} + {literal} {section name=row loop=$form_rows} @@ -33,9 +39,15 @@ {/if} {/literal} + {foreach from=$form->fields item=field} - + {if ($field->type != "hidden")} + + {else} + + {/if} {/foreach} + {if $form->deleteRow == '1' } {/if} From 15d3608263648dc8990870d5ca3a7e83e1e70075 Mon Sep 17 00:00:00 2001 From: Roly Gutierrez Date: Tue, 19 Nov 2013 09:21:49 -0400 Subject: [PATCH 12/17] =?UTF-8?q?BUG-13504=20SOLVED=20Al=20realizar=20la?= =?UTF-8?q?=20ejecuci=C3=B3n=20de=20CRON,=20ProcessMaker=20no=20puede=20co?= =?UTF-8?q?nectarse=20a=20SOAP=20cuando=20se=20encuentra=20corriendo=20a?= =?UTF-8?q?=20un=20puerto=20diferente=20al=2080.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- workflow/engine/classes/model/CaseScheduler.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/workflow/engine/classes/model/CaseScheduler.php b/workflow/engine/classes/model/CaseScheduler.php index b96926825..fb86245ff 100755 --- a/workflow/engine/classes/model/CaseScheduler.php +++ b/workflow/engine/classes/model/CaseScheduler.php @@ -486,7 +486,12 @@ class CaseScheduler extends BaseCaseScheduler $this->updateDate( $sSchedulerUid, $nSchTimeNextRun, $nSchLastRunTime ); } } elseif ($sActualDataHour == $dActualSysHour && $sActualDataMinutes <= $dActualSysMinutes) { - $_PORT = (isset( $_SERVER['SERVER_PORT'] ) && $_SERVER['SERVER_PORT'] != '80') ? ':' . $_SERVER['SERVER_PORT'] : ''; + $_PORT = ''; + if ( isset($_SERVER['SERVER_PORT']) ) { + $_PORT = ($_SERVER['SERVER_PORT'] != '80') ? ':' . $_SERVER['SERVER_PORT'] : ''; + } elseif ( defined('SERVER_PORT') ) { + $_PORT = (SERVER_PORT != '80') ? ':' . SERVER_PORT : ''; + } //$defaultEndpoint = 'http://' . $_SERVER ['SERVER_NAME'] . ':' . $_PORT . '/sys' . SYS_SYS .'/'.SYS_LANG.'/classic/green/services/wsdl2'; $defaultEndpoint = 'http://' . SERVER_NAME . $_PORT . '/sys' . SYS_SYS . '/' . SYS_LANG . '/classic/services/wsdl2'; println( " - Connecting webservice: $defaultEndpoint" ); From c54d472f187c9d8d4dbbf0eaee20474b60a20b12 Mon Sep 17 00:00:00 2001 From: Marco Antonio Nina Date: Tue, 19 Nov 2013 11:06:13 -0400 Subject: [PATCH 13/17] BUG-13543: Some cases are showing triplicated in inbox using SOLR SOLVED MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Al utilizar solr y ver los listados de casos se podian observar casos repetidos. - Se produjo un error al momento de actualizar un registro en solr ya que los datos que se tenian habian caracteres extraños los cuales rompian el xml. - Se valido la formacion del XML añadiendo las etiquetas CDATA y eliminando caracteres extraños, en la class.AppSolr en la funcion buildSearchIndexDocumentPMOS2. - en el caso especifico de la bbdd se descubrio que en los casos que se reproducia el problema la tareas con las que se ponian no existian debido a que era un proceso antiguo. se recomienda cambiar los uid hacia el nuevo uid de la tarea actual. --- workflow/engine/classes/class.AppSolr.php | 66 ++++++++++++++++++----- 1 file changed, 52 insertions(+), 14 deletions(-) diff --git a/workflow/engine/classes/class.AppSolr.php b/workflow/engine/classes/class.AppSolr.php index 42f9d75a9..1603325b3 100755 --- a/workflow/engine/classes/class.AppSolr.php +++ b/workflow/engine/classes/class.AppSolr.php @@ -518,8 +518,6 @@ class AppSolr 'includeCols' => $columsToIncludeFinal, 'resultFormat' => 'json' ); - - $solrRequestData = Entity_SolrRequestData::createForRequestPagination ($data); // use search index to return list of cases $searchIndex = new BpmnEngine_Services_SearchIndex ($this->_solrIsEnabled, $this->_solrHost); @@ -622,7 +620,6 @@ class AppSolr } /*elseif ($action == 'search') { // get all the indexes - //$delIndexes = $this->getApplicationDelegationsIndex ($appUID); $indexes = $this->aaSearchRecords ($aaappsDBData, array ( 'APP_UID' => $appUID @@ -648,6 +645,7 @@ class AppSolr //var_dump($delIndexes); + $row = ''; foreach ($delIndexes as $delIndex) { $aRow = array (); @@ -1384,7 +1382,6 @@ class AppSolr 'workspace' => $this->_solrInstance, 'document' => $xmlDoc ); - $oSolrUpdateDocument = Entity_SolrUpdateDocument::createForRequest ($data); G::LoadClass ('searchIndex'); @@ -1392,7 +1389,6 @@ class AppSolr $oSearchIndex = new BpmnEngine_Services_SearchIndex ($this->_solrIsEnabled, $this->_solrHost); $oSearchIndex->updateIndexDocument ($oSolrUpdateDocument); - if($this->debug) { @@ -1401,11 +1397,11 @@ class AppSolr // commit changes no required because of the commitwithin option //$oSearchIndex->commitIndexChanges ($this->_solrInstance); //change status in db to indexed - if ($saveDBRecord) { - foreach ($aaAPPUIDs as $aAPPUID) { - $this->applicationChangedUpdateSolrQueue ($aAPPUID ['APP_UID'], 0); - } - } + if ($saveDBRecord) { + foreach ($aaAPPUIDs as $aAPPUID) { + $this->applicationChangedUpdateSolrQueue ($aAPPUID ['APP_UID'], 0); + } + } } catch(Exception $ex) { @@ -2094,17 +2090,59 @@ class AppSolr break; } if ($typeSufix != '*') { + $value = trim($value); + $pairs = array( + "\x03" => "", + "\x04" => "", + "\x05" => "", + "\x06" => "", + "\x07" => "", + "\x08" => "", + "\x0E" => "", + "\x16" => "", + "\x00-" => "", + "\x09" => "", + "\x11" => "", + "\x12" => "", + "\x14-" => "", + "\x1f" => "", + "\x7f" => "", + ); + $value = strtr($value, $pairs); $writer->startElement ("field"); $writer->writeAttribute ('name', trim ($k) . $typeSufix); + $writer->startCData (); $writer->text ($value); + $writer->endCData(); $writer->endElement (); } } else { - $writer->startElement ("field"); - $writer->writeAttribute ('name', trim ($k) . '_t'); - $writer->text ($value); - $writer->endElement (); + $value = trim($value); + $pairs = array( + "\x03" => "", + "\x04" => "", + "\x05" => "", + "\x06" => "", + "\x07" => "", + "\x08" => "", + "\x0E" => "", + "\x16" => "", + "\x00-" => "", + "\x09" => "", + "\x11" => "", + "\x12" => "", + "\x14-" => "", + "\x1f" => "", + "\x7f" => "", + ); + $value = strtr($value, $pairs); + $writer->startElement ("field"); + $writer->writeAttribute ('name', trim ($k) . '_t'); + $writer->startCData (); + $writer->text ($value); + $writer->endCData(); + $writer->endElement (); } } } // foreach unserialized data From 099fb3674e4503359d4ab26cfdf323375113054b Mon Sep 17 00:00:00 2001 From: norahmollo Date: Tue, 19 Nov 2013 11:39:11 -0400 Subject: [PATCH 14/17] BUG-13576 Date Field Size BUG-13576 Date Field Size # Please enter the commit message for your changes. Lines starting --- gulliver/system/class.xmlform.php | 3 ++- workflow/engine/xmlform/dynaforms/fields/date.html | 6 +++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/gulliver/system/class.xmlform.php b/gulliver/system/class.xmlform.php index 25686d335..10fa7c75b 100755 --- a/gulliver/system/class.xmlform.php +++ b/gulliver/system/class.xmlform.php @@ -4555,7 +4555,8 @@ class XmlForm_Field_Date extends XmlForm_Field_SimpleText $Time = "true"; } - $sizeend = strlen($valueDemo) + 3; + //$sizeend = strlen($valueDemo) + 3; + $sizeend = $this->size; if ($this->required) { $isRequired = '1'; diff --git a/workflow/engine/xmlform/dynaforms/fields/date.html b/workflow/engine/xmlform/dynaforms/fields/date.html index 4aefb8242..cf4122849 100755 --- a/workflow/engine/xmlform/dynaforms/fields/date.html +++ b/workflow/engine/xmlform/dynaforms/fields/date.html @@ -122,11 +122,11 @@ - - + + From 365e4ab10ab53ddb2bc399134a00b98ab9488d4c Mon Sep 17 00:00:00 2001 From: Marco Antonio Nina Date: Wed, 20 Nov 2013 11:45:58 -0400 Subject: [PATCH 15/17] BUG-13543: Some cases are showing triplicated in inbox using SOLR SOLVED MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Al utilizar solr y ver los listados de casos se podian observar casos repetidos. - Se produjo un error al momento de actualizar un registro en solr ya que los datos que se tenian habian caracteres extraños los cuales rompian el xml. - Se valido la formacion del XML añadiendo las etiquetas CDATA y eliminando caracteres extraños, en la class.AppSolr en la funcion buildSearchIndexDocumentPMOS2. - en el caso especifico de la bbdd se descubrio que en los casos que se reproducia el problema la tareas con las que se ponian no existian debido a que era un proceso antiguo. se recomienda cambiar los uid hacia el nuevo uid de la tarea actual. --- workflow/engine/classes/class.AppSolr.php | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/workflow/engine/classes/class.AppSolr.php b/workflow/engine/classes/class.AppSolr.php index 1603325b3..b57cdf1b6 100755 --- a/workflow/engine/classes/class.AppSolr.php +++ b/workflow/engine/classes/class.AppSolr.php @@ -641,11 +641,9 @@ class AppSolr } //remove duplicated $delIndexes = array_unique($delIndexes); - + //var_dump($delIndexes); - - $row = ''; foreach ($delIndexes as $delIndex) { $aRow = array (); @@ -676,25 +674,25 @@ class AppSolr $localDate = date ('Y-m-d H:i:s', strtotime ($solrdate)); $aRow ['APP_UPDATE_DATE'] = $localDate; */ - + // get delegation data from DB //filter data from db $indexes = $this->aaSearchRecords ($aaappsDBData, array ( 'APP_UID' => $appUID, 'DEL_INDEX' => $delIndex )); - + $row = ''; foreach ($indexes as $index) { $row = $aaappsDBData [$index]; - } - - if(!isset($row)) + } + + if (empty($row)) { $fh = fopen("SolrAppWithoutDelIndex.txt", 'a') or die("can't open file to store Solr search time."); fwrite($fh, sprintf("Solr AppUid: %s DelIndex: %s not found.\r\n", $appUID, $delIndex)); fclose($fh); continue; - } + } //$row = $this->getAppDelegationData ($appUID, $delIndex); $aRow ['APP_CREATE_DATE'] = $row ['APP_CREATE_DATE']; $aRow ['APP_UPDATE_DATE'] = $row ['APP_UPDATE_DATE']; From 2d3ab22db3f55ab88f10841619eabf64ea29a21d Mon Sep 17 00:00:00 2001 From: jennylee Date: Thu, 21 Nov 2013 11:55:48 -0400 Subject: [PATCH 16/17] BUG-13421 Arreglando el contador de registros al realizar una busqueda de un proceso en Designer. --- workflow/engine/classes/model/Process.php | 5 +++-- workflow/engine/methods/processes/processesList.php | 6 ++++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/workflow/engine/classes/model/Process.php b/workflow/engine/classes/model/Process.php index a31f6f014..8e43d6d09 100755 --- a/workflow/engine/classes/model/Process.php +++ b/workflow/engine/classes/model/Process.php @@ -754,8 +754,9 @@ class Process extends BaseProcess usort( $aProcesses, array($this, "ordProcessAsc") ); } else { usort( $aProcesses, array($this, "ordProcessDesc") ); - } - $aProcesses = array_splice($aProcesses, $start, $limit); + } + //$countTot = count($aProcesses);//mmmmmmmmmmmmmmmmmmmmmmmmm + //$aProcesses = array_splice($aProcesses, $start, $limit); return $aProcesses; } diff --git a/workflow/engine/methods/processes/processesList.php b/workflow/engine/methods/processes/processesList.php index caf7613b2..c80131f6b 100755 --- a/workflow/engine/methods/processes/processesList.php +++ b/workflow/engine/methods/processes/processesList.php @@ -51,7 +51,8 @@ if (isset( $_POST['category'] ) && $_POST['category'] !== '') { if ($proData === false) { $proData = $oProcess->getAllProcesses( $start, $limit, null, $_POST['processName']); $memcache->set( $memkey, $proData, PMmemcached::ONE_HOUR ); - $totalCount = $oProcess->getAllProcessesCount(); + $totalCount = count($proData); + $proData = array_splice($proData, $start, $limit); $memcacheUsed = 'no'; } else { $proData = $oProcess->orderMemcache($proData, $start, $limit); @@ -64,7 +65,8 @@ if (isset( $_POST['category'] ) && $_POST['category'] !== '') { $memcacheUsed = 'yes'; if (($proData = $memcache->get( $memkey )) === false || ($totalCount = $memcache->get( $memkeyTotal )) === false) { $proData = $oProcess->getAllProcesses( $start, $limit); - $totalCount = $oProcess->getAllProcessesCount(); + $totalCount = count($proData); + $proData = array_splice($proData, $start, $limit); $memcache->set( $memkey, $proData, PMmemcached::ONE_HOUR ); $memcache->set( $memkeyTotal, $totalCount, PMmemcached::ONE_HOUR ); $memcacheUsed = 'no'; From b5bf4aac2b2a8fe90299fc904dd628d535ca0ee0 Mon Sep 17 00:00:00 2001 From: jennylee Date: Thu, 21 Nov 2013 11:59:10 -0400 Subject: [PATCH 17/17] BUG-13421 Arreglando el contador de registros al realizar una busqueda de un proceso en Designer. --- workflow/engine/classes/model/Process.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/workflow/engine/classes/model/Process.php b/workflow/engine/classes/model/Process.php index 8e43d6d09..a8bdfd8bf 100755 --- a/workflow/engine/classes/model/Process.php +++ b/workflow/engine/classes/model/Process.php @@ -755,8 +755,6 @@ class Process extends BaseProcess } else { usort( $aProcesses, array($this, "ordProcessDesc") ); } - //$countTot = count($aProcesses);//mmmmmmmmmmmmmmmmmmmmmmmmm - //$aProcesses = array_splice($aProcesses, $start, $limit); return $aProcesses; }
{if (isset($field->required)&&$field->required&&$field->mode==='edit')}* {/if}{$field->label}{$field->renderHint()}{if (isset($field->required) && $field->required && $field->mode == "edit")}* {/if}{$field->label}{$field->renderHint()}
{$smarty.section.row.index+1} {$field->field}{$field->field}{$field->field}{$form->DeleteLabel} 
{$form.PME_SUBTITLE}
{$form.PME_SIZE}
{$PME_MODE}