From 78b73256f25adcc194d5c30d094494918ace7dbc Mon Sep 17 00:00:00 2001
From: Marco Antonio Nina
Date: Tue, 21 Oct 2014 15:35:39 -0400
Subject: [PATCH] Improvemenet name file support
---
 gulliver/system/class.g.php | 418 +++++++++++----------
 workflow/engine/controllers/adminProxy.php | 14 +-
 2 files changed, 230 insertions(+), 202 deletions(-)
diff --git a/gulliver/system/class.g.php b/gulliver/system/class.g.php
index 02523e5db..e19bcebae 100755
--- a/gulliver/system/class.g.php
+++ b/gulliver/system/class.g.php
@@ -5309,7 +5309,8 @@ class G
 return $arrayData;
 }
- public static function buildFrom($configuration, $from = '') {
+ public static function buildFrom($configuration, $from = '')
+ {
 if (!isset($configuration['MESS_FROM_NAME'])) {
 $configuration['MESS_FROM_NAME'] = '';
 }
@@ -5352,215 +5353,234 @@ class G * * */ - public function verifyInputDocExtension($InpDocAllowedFiles, $filesName, $filesTmpName){ - $allowedTypes = explode(", ", $InpDocAllowedFiles); - $flag = 0; - $res = new stdclass(); + public function verifyInputDocExtension($InpDocAllowedFiles, $filesName, $filesTmpName) + { + $allowedTypes = explode(", ", $InpDocAllowedFiles); + $flag = 0; + $res = new stdclass(); - if (!extension_loaded('fileinfo')) { - $dtype = explode(".", $filesName); + if (!extension_loaded('fileinfo')) { + $dtype = explode(".", $filesName); - foreach ($allowedTypes as $types => $val) { - if((preg_match('/^\*\.?[a-z]{2,8}$/', $val)) || ($val == '*.*')){ - $allowedDocTypes = substr($val, 2); - if(($dtype[count($dtype) -1]) == $allowedDocTypes || $allowedDocTypes == '*'){ - $res->status = true; - return $res; - break; - } else { - $flag = 1; - } - } else { - $res->status = false; - $res->message = G::LoadTranslation('ID_UPLOAD_ERR_WRONG_ALLOWED_EXTENSION_FORMAT' ); - return $res; - } - } - } else { - $finfo = new finfo(FILEINFO_MIME_TYPE); - $finfo_ = $finfo->file($filesTmpName); - $docType = explode("/", $finfo_); + foreach ($allowedTypes as $types => $val) { + if ((preg_match('/^\*\.?[a-z]{2,8}$/', $val)) || ($val == '*.*')) { + $allowedDocTypes = substr($val, 2); + if (($dtype[count($dtype) -1]) == $allowedDocTypes || $allowedDocTypes == '*') { + $res->status = true; + return $res; + break; + } else { + $flag = 1; + } + } else { + $res->status = false; + $res->message = G::LoadTranslation('ID_UPLOAD_ERR_WRONG_ALLOWED_EXTENSION_FORMAT' ); + return $res; + } + } + } else { + $finfo = new finfo(FILEINFO_MIME_TYPE); + $finfo_ = $finfo->file($filesTmpName); + $docType = explode("/", $finfo_); - foreach ($allowedTypes as $types => $val) { - if((preg_match('/^\*\.?[a-z]{2,8}$/', $val)) || ($val == '*.*')){ - $allowedDocTypes = substr($val, 2); - $dtype = explode(".", $filesName); + foreach ($allowedTypes as $types => $val) { + if 
((preg_match('/^\*\.?[a-z]{2,8}$/', $val)) || ($val == '*.*')) { + $allowedDocTypes = substr($val, 2); + $dtype = explode(".", $filesName); - switch($allowedDocTypes){ - case '*': - $res->status = true; - return $res; - break; - case 'xls': - if($docType[1] == 'vnd.ms-excel' || ($dtype[count($dtype) - 1] == 'xls' && $docType[1] == 'plain')){ - $res->status = true; - return $res; - } else { - $flag = 1; - } - break; - case 'doc': - if($docType[1] == 'msword' || ($dtype[count($dtype) - 1] == 'doc' && $docType[1] == 'html')){ - $res->status = true; - return $res; - } else { - $flag = 1; - } - break; - case 'ppt': - if($docType[1] != 'vnd.ms-office'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'docx': - case 'pptx': - case 'xlsx': - if($docType[1] != 'zip'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'exe': - case 'wmv': - if($docType[1] != 'octet-stream'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'jpg': - if ($docType[1] != 'jpeg'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'mp3': - if ($docType[1] != 'mpeg'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'rar': - if ($docType[1] != 'x-rar'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'txt': - case 'pm': - if ($docType[1] != 'plain'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'htm': - case 'html': - if ($docType[1] != 'html'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'po': - if ($docType[1] != 'x-po'){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - case 'pdf': - case 'png': - case 'jpeg': - case 'gif': - case 'zip': - case 'mp4': - if ($docType[1] != $allowedDocTypes){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - break; - default: - if(($dtype[count($dtype) 
- 1]) != $allowedDocTypes){ - $flag = 1; - } else { - $res->status = true; - return $res; - } - } - } else { - $res->status = false; - $res->message = G::LoadTranslation('ID_UPLOAD_ERR_WRONG_ALLOWED_EXTENSION_FORMAT' ); - return $res; - } - } - } - if( $flag == 1){ - $res->status = false; - $res->message = G::LoadTranslation('ID_UPLOAD_ERR_NOT_ALLOWED_EXTENSION' ) . ' ' . $filesName; - return $res; - } + switch($allowedDocTypes){ + case '*': + $res->status = true; + return $res; + break; + case 'xls': + if($docType[1] == 'vnd.ms-excel' || ($dtype[count($dtype) - 1] == 'xls' && $docType[1] == 'plain')){ + $res->status = true; + return $res; + } else { + $flag = 1; + } + break; + case 'doc': + if($docType[1] == 'msword' || ($dtype[count($dtype) - 1] == 'doc' && $docType[1] == 'html')){ + $res->status = true; + return $res; + } else { + $flag = 1; + } + break; + case 'ppt': + if ($docType[1] != 'vnd.ms-office') { + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + case 'docx': + case 'pptx': + case 'xlsx': + if ($docType[1] != 'zip') { + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + case 'exe': + case 'wmv': + if($docType[1] != 'octet-stream'){ + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + case 'jpg': + if ($docType[1] != 'jpeg'){ + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + case 'mp3': + if ($docType[1] != 'mpeg'){ + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + case 'rar': + if ($docType[1] != 'x-rar'){ + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + case 'txt': + case 'pm': + if ($docType[1] != 'plain'){ + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + case 'htm': + case 'html': + if ($docType[1] != 'html'){ + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + case 'po': + if ($docType[1] != 'x-po'){ + $flag = 1; + } else { + $res->status = 
true; + return $res; + } + break; + case 'pdf': + case 'png': + case 'jpeg': + case 'gif': + case 'zip': + case 'mp4': + if ($docType[1] != $allowedDocTypes){ + $flag = 1; + } else { + $res->status = true; + return $res; + } + break; + default: + if(($dtype[count($dtype) - 1]) != $allowedDocTypes){ + $flag = 1; + } else { + $res->status = true; + return $res; + } + } + } else { + $res->status = false; + $res->message = G::LoadTranslation('ID_UPLOAD_ERR_WRONG_ALLOWED_EXTENSION_FORMAT' ); + return $res; + } + } + } + if ( $flag == 1) { + $res->status = false; + $res->message = G::LoadTranslation('ID_UPLOAD_ERR_NOT_ALLOWED_EXTENSION' ) . ' ' . $filesName; + return $res; + } } /** * Get the actual browser. */ - public function getActualBrowser(){ - $browser=array("TRIDENT","IE","OPERA","MOZILLA","NETSCAPE","FIREFOX","SAFARI","CHROME"); - $info['browser'] = "OTHER"; - - foreach($browser as $parent){ - if($parent == 'TRIDENT'){ - $parent = "RV"; - } - $s = strpos(strtoupper($_SERVER['HTTP_USER_AGENT']), $parent); - $f = $s + strlen($parent); - $version = substr($_SERVER['HTTP_USER_AGENT'], $f, 15); - $version = preg_replace('/[^0-9,.]/','',$version); - if ($s){ - $info['browser'] = $parent; - $info['version'] = $version; - } - } - - $info['browser'] = ($info['browser']=='RV')? 'IE':$info['browser']; - return $info; + public function getActualBrowser () + { + $browser=array("TRIDENT","IE","OPERA","MOZILLA","NETSCAPE","FIREFOX","SAFARI","CHROME"); + $info['browser'] = "OTHER"; + + foreach ($browser as $parent) { + if( $parent == 'TRIDENT') { + $parent = "RV"; + } + $s = strpos(strtoupper($_SERVER['HTTP_USER_AGENT']), $parent); + $f = $s + strlen($parent); + $version = substr($_SERVER['HTTP_USER_AGENT'], $f, 15); + $version = preg_replace('/[^0-9,.]/','',$version); + if ($s) { + $info['browser'] = $parent; + $info['version'] = $version; + } + } + $info['browser'] = ($info['browser']=='RV')? 
'IE':$info['browser']; + return $info; } - - /** - * Check the browser compativility - */ - public function checkBrowserCompatibility($browser = null, $version = null){ - if($browser == null || $version == null){ - $info = G::getActualBrowser(); - $browser = $info['browser']; - $version = $info['version']; - } - if ((($browser== 'IE') && (($version >= 8) && ($version <= 11))) || - (($browser== 'CHROME') && ($version >= 26)) || - (($browser== 'FIREFOX') && ($version >= 20)) - ){ - return true; - } - return false; + + /* + * Check the browser compativility + */ + public function checkBrowserCompatibility($browser = null, $version = null) + { + if ($browser == null || $version == null) { + $info = G::getActualBrowser(); + $browser = $info['browser']; + $version = $info['version']; + } + if ((($browser== 'IE') && (($version >= 8) && ($version <= 11))) || + (($browser== 'CHROME') && ($version >= 26)) || + (($browser== 'FIREFOX') && ($version >= 20)) + ) { + return true; + } + return false; } + + /* + * $string - The string to sanitize. + * $lowercase - Force the string to lowercase? + * $alpha - If set to *true*, will remove all non-alphanumeric characters. + */ + public function sanitizeString ($string, $lowercase = true, $alpha = false) + { + $strip = array("~", "`", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "_", "=", "+", "[", "{", "]", + "}", "\\", "|", ";", ":", "\"", "'", "‘", "’", "“", "”", "–", "—", + "—", "–", ",", "<", ".", ">", "/", "?"); + $clean = trim(str_replace($strip, "", strip_tags($string))); + $clean = preg_replace('/\s+/', "-", $clean); + $clean = ($alpha) ? preg_replace("/[^a-zA-Z0-9]/", "", $clean) : $clean ; + $clean = ($force_lowercase) ? (function_exists('mb_strtolower')) ? mb_strtolower($clean, 'UTF-8') : strtolower($clean) : $clean; + return $clean; + } } /** diff --git a/workflow/engine/controllers/adminProxy.php b/workflow/engine/controllers/adminProxy.php index 120246f6d..15a0f3c1b 100644 
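Review bot: In the added `sanitizeString()` the lowercase step tests `$force_lowercase`, a variable that is never defined; the parameter is named `$lowercase`, so the branch is always false, the result is never lower-cased and each call raises an undefined-variable notice. The line should read `$clean = ($lowercase) ? (function_exists('mb_strtolower') ? mb_strtolower($clean, 'UTF-8') : strtolower($clean)) : $clean;`. The method is also declared without `static` although adminProxy.php in this same patch calls it as `G::sanitizeString(...)`; `public static function sanitizeString(...)` matches that use. The remaining changes in this hunk look like re-indentation only.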
--- a/workflow/engine/controllers/adminProxy.php
+++ b/workflow/engine/controllers/adminProxy.php
@@ -1399,13 +1399,21 @@ class adminProxy extends HttpProxyController
 //Database server Version (MySQL version)
 $installer = new Installer();
 $systemInfo = $installer->getSystemInfo();
- $params['dbVersion'] = mysql_get_server_info();//$systemInfo->mysql->version;
+ try {
+ $params['dbVersion'] = mysql_get_server_info();
+ } catch (Exception $e) {
+ $params['dbVersion'] = '';
+ }
 //PHP Version
 $params['php'] = $systemInfo->php->version;
 //Apache - IIS Version
- $params['apache'] = apache_get_version();
+ try {
+ $params['apache'] = apache_get_version();
+ } catch (Exception $e) {
+ $params['apache'] = '';
+ }
 //Installed Plugins (license info?)
 $arrayAddon = array ();
@@ -1472,7 +1480,7 @@ class adminProxy extends HttpProxyController
 //Country/city (Timezone)
 $params["Timezone"] = (defined('TIME_ZONE') && TIME_ZONE != "Unknown") ? TIME_ZONE : date_default_timezone_get();
- $support = PATH_DATA_SITE . SYS_SYS . '-' . date('YmdHis') . '.spm';
+ $support = PATH_DATA_SITE . G::sanitizeString($licenseManager->info['FIRST_NAME'] . '-' . $licenseManager->info['LAST_NAME'] . '-' . SYS_SYS . '-' . date('YmdHis'), false, false) . '.spm';
 file_put_contents($support, serialize($params));
 G::streamFile($support, true);
 G::rm_dir($support);
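Review bot: The two `try`/`catch (Exception $e)` blocks added around `mysql_get_server_info()` and `apache_get_version()` cannot catch the failures they are meant to absorb, because neither function throws. With no open link `mysql_get_server_info()` returns false and emits a warning, and when a function is not defined at all (no mysql extension, or a non-Apache SAPI such as the IIS case the comment mentions) the call is a fatal error on PHP 5 and an `Error`, not an `Exception`, on PHP 7 and later. Guard on availability instead, e.g. `$params['apache'] = function_exists('apache_get_version') ? apache_get_version() : '';`, and use the same `function_exists` test plus a `=== false` check for the MySQL call. The enclosing method starts and ends outside the hunk.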
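Review bot: The new `$support` name reads `$licenseManager->info['FIRST_NAME']` and `['LAST_NAME']` with no check that the keys exist, and it passes `$alpha = false`, so `sanitizeString()` removes only the characters in its strip list and any other byte from the license data (non-ASCII, non-printable) stays in the path given to `file_put_contents()` and `G::streamFile()`. Restricting the two name parts to alphanumerics before joining keeps the separators and makes the file name predictable, e.g. `$owner = G::sanitizeString($first, false, true) . '-' . G::sanitizeString($last, false, true);` with `$first`/`$last` defaulting to `''` when unset. Running `SYS_SYS` through the same call also strips `_` and `.` from the workspace name, which changes it from the previous file name; whether that is intended is not visible here. Where `$licenseManager` is assigned lies outside the hunk.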