fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG-FILES Upload files templates IMPROVEMENT

Browse Source 
- Al subir los templates no se valida el tipo.

- Se agrego la validacion del PRO_UID, ademas de tener el permiso PM_FACTORY y se quita cualquier tipo de codigo que no sea html en los archivos processes_doUpload.php, processes_Ajax.php, processes_UploadFiles.php.
This commit is contained in:
Marco Antonio Nina
2013-12-17 16:52:40 -04:00
parent aa69448003
commit 5cf9716f0b
3 changed files with 139 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
workflow/engine/methods/processes/processes_Ajax.php
View File

@@ -498,30 +498,54 @@ try {
case 'saveFile':
global $G_PUBLISH;
$G_PUBLISH = new Publisher();
$sDir = "";
if (isset($_REQUEST['MAIN_DIRECTORY'])) {
$sDir = $_REQUEST['MAIN_DIRECTORY'];
global $RBAC;
if ( $RBAC->userCanAccess('PM_FACTORY') == 1) {
G::LoadClass('processes');
$app = new Processes();
if (!$app->processExists($_REQUEST['pro_uid'])) {
echo G::LoadTranslation('ID_PROCESS_UID_NOT_DEFINED');
die;
}
$sDir = "";
if (isset($_REQUEST['MAIN_DIRECTORY'])) {
$sDir = $_REQUEST['MAIN_DIRECTORY'];
}
switch ($sDir) {
case 'mailTemplates':
$sDirectory = PATH_DATA_MAILTEMPLATES . $_REQUEST['pro_uid'] . PATH_SEP . $_REQUEST['filename'];
break;
case 'public':
$sDirectory = PATH_DATA_PUBLIC . $_REQUEST['pro_uid'] . PATH_SEP . $_REQUEST['filename'];
break;
default:
$sDirectory = PATH_DATA_MAILTEMPLATES . $_REQUEST['pro_uid'] . PATH_SEP . $_REQUEST['filename'];
break;
}
$fp = fopen($sDirectory, 'w');
$content = stripslashes($_REQUEST['fcontent']);
$content = str_replace("@amp@", "&", $content);
$content = base64_decode($content);
$fields = array('!--', '--', '!DOCTYPE', 'a', 'abbr', 'acronym', 'address', 'applet', 'area',
'article', 'aside', 'audio', 'b', 'base', 'basefont', 'bdi', 'bdo', 'big',
'blockquote', 'body', 'br', 'button', 'canvas', 'caption', 'center', 'cite',
'code', 'col', 'colgroup', 'command', 'datalist', 'dd', 'del', 'details', 'dfn',
'dialog', 'dir', 'div', 'dl', 'dt', 'em', 'embed', 'fieldset', 'figcaption',
'figure', 'font', 'footer', 'form', 'frame', 'frameset', 'h1', 'h2', 'h3', 'h4',
'h5', 'h6', 'head', 'header', 'hr', 'html', 'i', 'iframe', 'img', 'input', 'ins',
'kbd', 'keygen', 'label', 'legend', 'li', 'link', 'map', 'mark', 'menu', 'meta',
'meter', 'nav', 'noframes', 'noscript', 'object', 'ol', 'optgroup', 'option',
'output', 'p', 'param', 'pre', 'progress', 'q', 'rp', 'rt', 'ruby', 's', 'samp',
'script', 'section', 'select', 'small', 'source', 'span', 'strike', 'strong', 'style',
'sub', 'summary', 'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead',
'time', 'title', 'tr', 'track', 'tt', 'u', 'ul', 'var', 'video', 'wbr');
$content = G::sanitizeInput($content, $fields, array(), 0, 1, 0);
fwrite($fp, $content);
fclose($fp);
echo 'saved: ' . $sDirectory;
}
switch ($sDir) {
case 'mailTemplates':
$sDirectory = PATH_DATA_MAILTEMPLATES . $_REQUEST['pro_uid'] . PATH_SEP . $_REQUEST['filename'];
break;
case 'public':
$sDirectory = PATH_DATA_PUBLIC . $_REQUEST['pro_uid'] . PATH_SEP . $_REQUEST['filename'];
break;
default:
$sDirectory = PATH_DATA_MAILTEMPLATES . $_REQUEST['pro_uid'] . PATH_SEP . $_REQUEST['filename'];
break;
}
$fp = fopen($sDirectory, 'w');
$content = stripslashes($_REQUEST['fcontent']);
$content = str_replace("@amp@", "&", $content);
$content = base64_decode($content);
fwrite($fp, $content);
fclose($fp);
echo 'saved: ' . $sDirectory;
break;
case 'events':
$oProcessMap->eventsList($oData->pro_uid, $oData->type);

55
workflow/engine/methods/processes/processes_UploadFiles.php
View File

@@ -1,19 +1,44 @@
<?php
switch ($_POST['form']['MAIN_DIRECTORY']) {
case 'mailTemplates':
$sDirectory = PATH_DATA_MAILTEMPLATES . $_POST['form']['PRO_UID'] . PATH_SEP . ($_POST['form']['CURRENT_DIRECTORY'] != '' ? $_POST['form']['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
case 'public':
$sDirectory = PATH_DATA_PUBLIC . $_POST['form']['PRO_UID'] . PATH_SEP . ($_POST['form']['CURRENT_DIRECTORY'] != '' ? $_POST['form']['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
default:
die();
break;
}
for ($i = 1; $i <= 5; $i ++) {
if ($_FILES['form']['tmp_name']['FILENAME' . (string) $i] != '') {
G::uploadFile( $_FILES['form']['tmp_name']['FILENAME' . (string) $i], $sDirectory, $_FILES['form']['name']['FILENAME' . (string) $i] );
if ( $RBAC->userCanAccess('PM_FACTORY') == 1) {
G::LoadClass('processes');
$app = new Processes();
if (!$app->processExists($_REQUEST['pro_uid'])) {
echo G::LoadTranslation('ID_PROCESS_UID_NOT_DEFINED');
die;
}
switch ($_POST['form']['MAIN_DIRECTORY']) {
case 'mailTemplates':
$sDirectory = PATH_DATA_MAILTEMPLATES . $_POST['form']['PRO_UID'] . PATH_SEP . ($_POST['form']['CURRENT_DIRECTORY'] != '' ? $_POST['form']['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
case 'public':
$sDirectory = PATH_DATA_PUBLIC . $_POST['form']['PRO_UID'] . PATH_SEP . ($_POST['form']['CURRENT_DIRECTORY'] != '' ? $_POST['form']['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
default:
die();
break;
}
for ($i = 1; $i <= 5; $i ++) {
if ($_FILES['form']['tmp_name']['FILENAME' . (string) $i] != '') {
G::uploadFile( $_FILES['form']['tmp_name']['FILENAME' . (string) $i], $sDirectory, $_FILES['form']['name']['FILENAME' . (string) $i] );
$fp = fopen($sDirectory, $_FILES['form']['name']['FILENAME' . (string) $i] , 'rw');
$content = fread($fp, filesize($sDirectory, $_FILES['form']['name']['FILENAME' . (string) $i] ));
$fields = array('!--', '--', '!DOCTYPE', 'a', 'abbr', 'acronym', 'address', 'applet', 'area',
'article', 'aside', 'audio', 'b', 'base', 'basefont', 'bdi', 'bdo', 'big',
'blockquote', 'body', 'br', 'button', 'canvas', 'caption', 'center', 'cite',
'code', 'col', 'colgroup', 'command', 'datalist', 'dd', 'del', 'details', 'dfn',
'dialog', 'dir', 'div', 'dl', 'dt', 'em', 'embed', 'fieldset', 'figcaption',
'figure', 'font', 'footer', 'form', 'frame', 'frameset', 'h1', 'h2', 'h3', 'h4',
'h5', 'h6', 'head', 'header', 'hr', 'html', 'i', 'iframe', 'img', 'input', 'ins',
'kbd', 'keygen', 'label', 'legend', 'li', 'link', 'map', 'mark', 'menu', 'meta',
'meter', 'nav', 'noframes', 'noscript', 'object', 'ol', 'optgroup', 'option',
'output', 'p', 'param', 'pre', 'progress', 'q', 'rp', 'rt', 'ruby', 's', 'samp',
'script', 'section', 'select', 'small', 'source', 'span', 'strike', 'strong', 'style',
'sub', 'summary', 'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead',
'time', 'title', 'tr', 'track', 'tt', 'u', 'ul', 'var', 'video', 'wbr');
$content = G::sanitizeInput($content, $fields, array(), 0, 1, 0);
fwrite( $fp, $content );
fclose($fp);
}
}
}
die( '<script type="text/javascript">parent.goToDirectoryforie(\'' . $_POST['form']['PRO_UID'] . '\', \'' . $_POST['form']['MAIN_DIRECTORY'] . '\', \'' . $_POST['form']['CURRENT_DIRECTORY'] . '\');</script>' );

78
workflow/engine/methods/processes/processes_doUpload.php
View File

@@ -1,29 +1,57 @@
<?php
sleep( 1 );
sleep( 1 );
global $RBAC;
if ( $RBAC->userCanAccess('PM_FACTORY') == 1) {
if (isset( $_SESSION['processes_upload'] )) {
$form = $_SESSION['processes_upload'];
switch ($form['MAIN_DIRECTORY']) {
case 'mailTemplates':
$sDirectory = PATH_DATA_MAILTEMPLATES . $form['PRO_UID'] . PATH_SEP . ($form['CURRENT_DIRECTORY'] != '' ? $form['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
case 'public':
$sDirectory = PATH_DATA_PUBLIC . $form['PRO_UID'] . PATH_SEP . ($form['CURRENT_DIRECTORY'] != '' ? $form['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
default:
die();
break;
if (isset( $_SESSION['processes_upload'] )) {
$form = $_SESSION['processes_upload'];
switch ($form['MAIN_DIRECTORY']) {
case 'mailTemplates':
$sDirectory = PATH_DATA_MAILTEMPLATES . $form['PRO_UID'] . PATH_SEP . ($form['CURRENT_DIRECTORY'] != '' ? $form['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
case 'public':
$sDirectory = PATH_DATA_PUBLIC . $form['PRO_UID'] . PATH_SEP . ($form['CURRENT_DIRECTORY'] != '' ? $form['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
default:
die();
break;
}
G::LoadClass('processes');
$app = new Processes();
if (!$app->processExists($form['PRO_UID'])) {
echo G::LoadTranslation('ID_PROCESS_UID_NOT_DEFINED');
die;
}
}
}
if ($_FILES['form']['error'] == "0") {
G::uploadFile( $_FILES['form']['tmp_name'], $sDirectory, $_FILES['form']['name'] );
$msg = "Uploaded (" . (round( (filesize( $sDirectory . $_FILES['form']['name'] ) / 1024) * 10 ) / 10) . " kb)";
$result = 1;
//echo $sDirectory.$_FILES['form']['name'];
} else {
$msg = "Failed";
$result = 0;
}
echo "{'result': $result, 'msg':'$msg'}";
if ($_FILES['form']['error'] == "0") {
G::uploadFile( $_FILES['form']['tmp_name'], $sDirectory, $_FILES['form']['name'] );
$fp = fopen($sDirectory . $_FILES['form']['name'], 'rw');
$content = fread($fp, filesize($sDirectory . $_FILES['form']['name']));
$fields = array('!--', '--', '!DOCTYPE', 'a', 'abbr', 'acronym', 'address', 'applet', 'area',
'article', 'aside', 'audio', 'b', 'base', 'basefont', 'bdi', 'bdo', 'big',
'blockquote', 'body', 'br', 'button', 'canvas', 'caption', 'center', 'cite',
'code', 'col', 'colgroup', 'command', 'datalist', 'dd', 'del', 'details', 'dfn',
'dialog', 'dir', 'div', 'dl', 'dt', 'em', 'embed', 'fieldset', 'figcaption',
'figure', 'font', 'footer', 'form', 'frame', 'frameset', 'h1', 'h2', 'h3', 'h4',
'h5', 'h6', 'head', 'header', 'hr', 'html', 'i', 'iframe', 'img', 'input', 'ins',
'kbd', 'keygen', 'label', 'legend', 'li', 'link', 'map', 'mark', 'menu', 'meta',
'meter', 'nav', 'noframes', 'noscript', 'object', 'ol', 'optgroup', 'option',
'output', 'p', 'param', 'pre', 'progress', 'q', 'rp', 'rt', 'ruby', 's', 'samp',
'script', 'section', 'select', 'small', 'source', 'span', 'strike', 'strong', 'style',
'sub', 'summary', 'sup', 'table', 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead',
'time', 'title', 'tr', 'track', 'tt', 'u', 'ul', 'var', 'video', 'wbr');
$content = G::sanitizeInput($content, $fields, array(), 0, 1, 0);
fwrite( $fp, $content );
fclose($fp);
$msg = "Uploaded (" . (round( (filesize( $sDirectory . $_FILES['form']['name'] ) / 1024) * 10 ) / 10) . " kb)";
$result = 1;
//echo $sDirectory.$_FILES['form']['name'];
} else {
$msg = "Failed";
$result = 0;
}
echo "{'result': $result, 'msg':'$msg'}";
}