fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged master into dashboards2

Browse Source
This commit is contained in:
Dante Loayza
2015-04-28 09:49:05 -04:00
parent f60ed87fcd 6fdb3308af
commit 7981b7a2e9
34 changed files with 211 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
gulliver/core/Session/PmSessionHandler.php
View File

@@ -229,7 +229,7 @@ class PmSessionHandler //implements SessionHandlerInterface
/** /**
* Garbase Collection method * Garbase Collection method
* *
* @param int $maxlifetime max time that especify if the session is active or not * @param int $maxlifetime max time that specifies if the session is active or not
* @return bool always returns true * @return bool always returns true
*/ */
public function gc($maxlifetime) public function gc($maxlifetime)
@@ -255,4 +255,4 @@ class PmSessionHandler //implements SessionHandlerInterface
error_log('PM Session Handler :: ' . print_r($data, true)); error_log('PM Session Handler :: ' . print_r($data, true));
} }
} }

4
gulliver/js/highlight/core/test.html
View File

@@ -160,7 +160,7 @@ abstract class Zend_Uri
*/ */
$uri = explode(':', $uri, 2); $uri = explode(':', $uri, 2);
$scheme = strtolower($uri[0]); $scheme = strtolower($uri[0]);
$schemeSpecific = isset($uri[1]) ? $uri[1] : ''; $schemeSpecify = isset($uri[1]) ? $uri[1] : '';
if (!strlen($scheme)) { if (!strlen($scheme)) {
throw new Zend_Uri_Exception('An empty string was supplied for the scheme'); throw new Zend_Uri_Exception('An empty string was supplied for the scheme');
@@ -617,4 +617,4 @@ public boolean unpack(container packedClass)
<pre><code class="no-highlight">&lt;div id="contents"&gt; <pre><code class="no-highlight">&lt;div id="contents"&gt;
&lt;p&gt;Hello, World! &lt;p&gt;Hello, World!
&lt;/div&gt; &lt;/div&gt;
</code></pre> </code></pre>

11
gulliver/system/class.bootstrap.php
View File

@@ -463,7 +463,7 @@ class Bootstrap
$filter = new InputFilter(); $filter = new InputFilter();
$file = $filter->xssFilterHard($file); $file = $filter->xssFilterHard($file);
$downloadFileName = $filter->xssFilterHard($downloadFileName); $downloadFileName = $filter->xssFilterHard($downloadFileName);
$fileNameIni = $file; $fileNameIni = $file;
$browserCacheFilesUid = G::browserCacheFilesGetUid(); $browserCacheFilesUid = G::browserCacheFilesGetUid();
@@ -1273,7 +1273,7 @@ class Bootstrap
$checkSum = ''; $checkSum = '';
foreach ($files as $file) { foreach ($files as $file) {
if (is_file($file)) { if (is_file($file)) {
$checkSum .= md5_file($file); $checkSum .= Bootstrap::encryptFileOld($file);
} }
} }
return Bootstrap::encryptOld($checkSum . $key); return Bootstrap::encryptOld($checkSum . $key);
@@ -1376,7 +1376,7 @@ class Bootstrap
{ {
global $translation; global $translation;
// if the second parameter $lang is an array does mean it was especified to use as data // if the second parameter ($lang) is an array, it was specified to use it as data
if (is_array($lang)) { if (is_array($lang)) {
$data = $lang; $data = $lang;
$lang = SYS_LANG; $lang = SYS_LANG;
@@ -1409,7 +1409,7 @@ class Bootstrap
* *
* @param $path path to scan recursively the write permission * @param $path path to scan recursively the write permission
* @param $flags to notive glob function * @param $flags to notive glob function
* @param $pattern pattern to filter some especified files * @param $pattern pattern to filter some specified files
* @return <array> array containing the recursive glob results * @return <array> array containing the recursive glob results
*/ */
public function rglob($pattern = '*', $flags = 0, $path = '') public function rglob($pattern = '*', $flags = 0, $path = '')
@@ -2894,7 +2894,7 @@ class Bootstrap
if ($hashType == '') { if ($hashType == '') {
$hashType = Bootstrap::getPasswordHashType(); $hashType = Bootstrap::getPasswordHashType();
} }
G::LoadSystem('inputfilter'); G::LoadSystem('inputfilter');
$filter = new InputFilter(); $filter = new InputFilter();
$hashType = $filter->validateInput($hashType); $hashType = $filter->validateInput($hashType);
@@ -2934,4 +2934,3 @@ class Bootstrap
return md5($string); return md5($string);
} }
} }

35
gulliver/system/class.g.php
View File

@@ -2095,7 +2095,7 @@ class G
{ {
global $translation; global $translation;
// if the second parameter $lang is an array does mean it was especified to use as data // if the second parameter ($lang) is an array, it was specified to use as data
if (is_array( $lang )) { if (is_array( $lang )) {
$data = $lang; $data = $lang;
$lang = SYS_LANG; $lang = SYS_LANG;
@@ -2634,8 +2634,8 @@ class G
$oldumask = umask( 0 ); $oldumask = umask( 0 );
if (! is_dir( $path )) { if (! is_dir( $path )) {
G::verifyPath( $path, true ); G::verifyPath( $path, true );
} }
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
$file = str_replace("\\\\","\\",$file,$count); $file = str_replace("\\\\","\\",$file,$count);
if(!$count) { if(!$count) {
@@ -2647,13 +2647,13 @@ class G
} }
} }
$file = substr($file,0,-1); $file = substr($file,0,-1);
} }
} }
G::LoadSystem('inputfilter'); G::LoadSystem('inputfilter');
$filter = new InputFilter(); $filter = new InputFilter();
$file = $filter->validateInput($file, "path"); $file = $filter->validateInput($file, "path");
move_uploaded_file( $file, $path . "/" . $nameToSave ); move_uploaded_file( $file, $path . "/" . $nameToSave );
@chmod( $path . "/" . $nameToSave, $permission ); @chmod( $path . "/" . $nameToSave, $permission );
umask( $oldumask ); umask( $oldumask );
@@ -3133,6 +3133,9 @@ class G
*/ */
public function evalJScript ($c) public function evalJScript ($c)
{ {
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$c = $filter->xssFilterHard($c);
print ("<script language=\"javascript\">{$c}</script>") ; print ("<script language=\"javascript\">{$c}</script>") ;
} }
@@ -3634,7 +3637,7 @@ class G
* @author Erik Amaru Ortiz <erik@colosa.com> * @author Erik Amaru Ortiz <erik@colosa.com>
* *
* @param $path path to scan recursively the write permission * @param $path path to scan recursively the write permission
* @param $pattern pattern to filter some especified files * @param $pattern pattern to filter some specified files
* @return <boolean> if the $path, assuming that is a directory -> all files in it are writeables or not * @return <boolean> if the $path, assuming that is a directory -> all files in it are writeables or not
*/ */
public function is_rwritable($path, $pattern = '*') public function is_rwritable($path, $pattern = '*')
@@ -3655,7 +3658,7 @@ class G
* *
* @param $path path to scan recursively the write permission * @param $path path to scan recursively the write permission
* @param $flags to notive glob function * @param $flags to notive glob function
* @param $pattern pattern to filter some especified files * @param $pattern pattern to filter some specified files
* @return <array> array containing the recursive glob results * @return <array> array containing the recursive glob results
*/ */
public static function rglob($pattern = '*', $flags = 0, $path = '') public static function rglob($pattern = '*', $flags = 0, $path = '')
@@ -4582,7 +4585,7 @@ class G
$checkSum = ''; $checkSum = '';
foreach ($files as $file) { foreach ($files as $file) {
if (is_file( $file )) { if (is_file( $file )) {
$checkSum .= md5_file( $file ); $checkSum .= G::encryptFileOld( $file );
} }
} }
return G::encryptOld( $checkSum . $key ); return G::encryptOld( $checkSum . $key );
@@ -5600,6 +5603,17 @@ class G
return md5($string); return md5($string);
} }
/** /**
* encryptFileOld
*
* @param string $string
*
* @return md5_file($string)
*/
public function encryptFileOld ($string)
{
return md5_file($string);
}
/**
* crc32 * crc32
* *
* @param string $string * @param string $string
@@ -5705,4 +5719,3 @@ function __ ($msgID, $lang = SYS_LANG, $data = null)
{ {
return G::LoadTranslation( $msgID, $lang, $data ); return G::LoadTranslation( $msgID, $lang, $data );
} }

58
gulliver/thirdparty/creole/drivers/pgsql/metadata/PgSQLTableInfo.php vendored
View File

@@ -80,8 +80,7 @@ class PgSQLTableInfo extends TableInfo {
require_once($pathTrunk.'gulliver/system/class.inputfilter.php'); require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter(); $filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid, 'int'); $this->oid = $filter->validateInput($this->oid, 'int');
$query = "SELECT
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
att.attname, att.attname,
att.atttypmod, att.atttypmod,
att.atthasdef, att.atthasdef,
@@ -102,7 +101,9 @@ class PgSQLTableInfo extends TableInfo {
LEFT OUTER JOIN pg_attrdef def ON adrelid=att.attrelid AND adnum=att.attnum LEFT OUTER JOIN pg_attrdef def ON adrelid=att.attrelid AND adnum=att.attnum
WHERE att.attrelid = %d AND att.attnum > 0 WHERE att.attrelid = %d AND att.attnum > 0
AND att.attisdropped IS FALSE AND att.attisdropped IS FALSE
ORDER BY att.attnum", $this->oid)); ORDER BY att.attnum";
$query = $filter->preventSqlInjection($query);
$result = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid));
if (!$result) { if (!$result) {
throw new SQLException("Could not list fields for table: " . $this->name, pg_last_error($this->conn->getResource())); throw new SQLException("Could not list fields for table: " . $this->name, pg_last_error($this->conn->getResource()));
@@ -224,8 +225,7 @@ class PgSQLTableInfo extends TableInfo {
require_once($pathTrunk.'gulliver/system/class.inputfilter.php'); require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter(); $filter = new InputFilter();
$strDomain = $filter->validateInput($strDomain); $strDomain = $filter->validateInput($strDomain);
$query = "SELECT
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
d.typname as domname, d.typname as domname,
b.typname as basetype, b.typname as basetype,
d.typlen, d.typlen,
@@ -237,7 +237,9 @@ class PgSQLTableInfo extends TableInfo {
WHERE WHERE
d.typtype = 'd' d.typtype = 'd'
AND d.typname = '%s' AND d.typname = '%s'
ORDER BY d.typname", $strDomain)); ORDER BY d.typname";
$query = $filter->preventSqlInjection($query);
$result = pg_query ($this->conn->getResource(), sprintf ($query, $strDomain));
if (!$result) { if (!$result) {
throw new SQLException("Query for domain [" . $strDomain . "] failed.", pg_last_error($this->conn->getResource())); throw new SQLException("Query for domain [" . $strDomain . "] failed.", pg_last_error($this->conn->getResource()));
@@ -276,7 +278,7 @@ class PgSQLTableInfo extends TableInfo {
$filter = new InputFilter(); $filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid, 'int'); $this->oid = $filter->validateInput($this->oid, 'int');
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT $query = "SELECT
conname, conname,
confupdtype, confupdtype,
confdeltype, confdeltype,
@@ -294,7 +296,9 @@ class PgSQLTableInfo extends TableInfo {
AND conrelid = %d AND conrelid = %d
AND a2.attnum = ct.conkey[1] AND a2.attnum = ct.conkey[1]
AND a1.attnum = ct.confkey[1] AND a1.attnum = ct.confkey[1]
ORDER BY conname", $this->oid)); ORDER BY conname";
$query = $filter->preventSqlInjection($query);
$result = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid));
if (!$result) { if (!$result) {
throw new SQLException("Could not list foreign keys for table: " . $this->name, pg_last_error($this->conn->getResource())); throw new SQLException("Could not list foreign keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
} }
@@ -371,15 +375,17 @@ class PgSQLTableInfo extends TableInfo {
$filter = new InputFilter(); $filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid, 'int'); $this->oid = $filter->validateInput($this->oid, 'int');
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT $query = "SELECT
DISTINCT ON(cls.relname) DISTINCT ON(cls.relname)
cls.relname as idxname, cls.relname as idxname,
indkey, indkey,
indisunique indisunique
FROM pg_index idx FROM pg_index idx
JOIN pg_class cls ON cls.oid=indexrelid JOIN pg_class cls ON cls.oid=indexrelid
WHERE indrelid = %d AND NOT indisprimary WHERE indrelid = %d AND NOT indisprimary
ORDER BY cls.relname", $this->oid)); ORDER BY cls.relname";
$query = $filter->preventSqlInjection($query);
$result = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid));
if (!$result) { if (!$result) {
@@ -407,10 +413,12 @@ class PgSQLTableInfo extends TableInfo {
{ {
$intColNum = $filter->validateInput($intColNum, 'int'); $intColNum = $filter->validateInput($intColNum, 'int');
$result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname $query = "SELECT a.attname
FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
ORDER BY a.attnum", $this->oid, $intColNum)); ORDER BY a.attnum";
$query = $filter->preventSqlInjection($query);
$result2 = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid, $intColNum));
if (!$result2) if (!$result2)
{ {
throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource())); throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
@@ -444,7 +452,7 @@ class PgSQLTableInfo extends TableInfo {
$filter = new InputFilter(); $filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid); $this->oid = $filter->validateInput($this->oid);
$result = pg_query($this->conn->getResource(), sprintf ("SELECT $query = "SELECT
DISTINCT ON(cls.relname) DISTINCT ON(cls.relname)
cls.relname as idxname, cls.relname as idxname,
indkey, indkey,
@@ -452,7 +460,9 @@ class PgSQLTableInfo extends TableInfo {
FROM pg_index idx FROM pg_index idx
JOIN pg_class cls ON cls.oid=indexrelid JOIN pg_class cls ON cls.oid=indexrelid
WHERE indrelid = %s AND indisprimary WHERE indrelid = %s AND indisprimary
ORDER BY cls.relname", $this->oid)); ORDER BY cls.relname";
$query = $filter->preventSqlInjection($query);
$result = pg_query($this->conn->getResource(), sprintf ($query, $this->oid));
if (!$result) { if (!$result) {
throw new SQLException("Could not list primary keys for table: " . $this->name, pg_last_error($this->conn->getResource())); throw new SQLException("Could not list primary keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
} }
@@ -477,10 +487,12 @@ class PgSQLTableInfo extends TableInfo {
{ {
$intColNum = $filter->validateInput($intColNum, 'int'); $intColNum = $filter->validateInput($intColNum, 'int');
$result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname $query = "SELECT a.attname
FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
ORDER BY a.attnum", $this->oid, $intColNum)); ORDER BY a.attnum";
$query = $filter->preventSqlInjection($query);
$result2 = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid, $intColNum));
if (!$result2) if (!$result2)
{ {
throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource())); throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource()));

4
gulliver/thirdparty/creole/drivers/sqlite/metadata/SQLiteTableInfo.php vendored
View File

@@ -123,7 +123,9 @@ class SQLiteTableInfo extends TableInfo {
$this->indexes[$name] = new IndexInfo($name); $this->indexes[$name] = new IndexInfo($name);
// get columns for that index // get columns for that index
$res2 = sqlite_query($this->conn->getResource(), "PRAGMA index_info('$name')"); $query = "PRAGMA index_info('$name')";
$query = $filter->preventSqlInjection($query);
$res2 = sqlite_query($this->conn->getResource(), $query);
while($row2 = sqlite_fetch_array($res2, SQLITE_ASSOC)) { while($row2 = sqlite_fetch_array($res2, SQLITE_ASSOC)) {
$colname = $row2['name']; $colname = $row2['name'];
$this->indexes[$name]->addColumn($this->columns[ $colname ]); $this->indexes[$name]->addColumn($this->columns[ $colname ]);

19
gulliver/thirdparty/pear/PEAR/Frontend/CLI.php vendored
View File

@@ -72,6 +72,15 @@ class PEAR_Frontend_CLI extends PEAR
function _displayLine($text) function _displayLine($text)
{ {
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$text = $filter->xssFilterHard($text);
print "$this->lp$text\n"; print "$this->lp$text\n";
} }
@@ -124,15 +133,25 @@ class PEAR_Frontend_CLI extends PEAR
function userDialog($command, $prompts, $types = array(), $defaults = array()) function userDialog($command, $prompts, $types = array(), $defaults = array())
{ {
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$result = array(); $result = array();
if (is_array($prompts)) { if (is_array($prompts)) {
$fp = fopen("php://stdin", "r"); $fp = fopen("php://stdin", "r");
foreach ($prompts as $key => $prompt) { foreach ($prompts as $key => $prompt) {
$type = $types[$key]; $type = $types[$key];
$default = @$defaults[$key]; $default = @$defaults[$key];
$default = $filter->xssFilterHard($default);
if ($type == 'password') { if ($type == 'password') {
system('stty -echo'); system('stty -echo');
} }
$prompt = $filter->xssFilterHard($prompt);
print "$this->lp$prompt "; print "$this->lp$prompt ";
if ($default) { if ($default) {
print "[$default] "; print "[$default] ";

13
gulliver/thirdparty/pear/SOAP/Interop/interop_client_run.php vendored
View File

@@ -82,10 +82,19 @@ function print_test_names()
function print_endpoint_names() function print_endpoint_names()
{ {
global $iop; global $iop;
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$currTest = $filter->xssFilterHard($iop->currentTest);
if (!$iop->getEndpoints($iop->currentTest)) { if (!$iop->getEndpoints($iop->currentTest)) {
die("Unable to retrieve endpoints for $iop->currentTest\n"); die("Unable to retrieve endpoints for $currTest\n");
} }
print "Interop Servers for $iop->currentTest:\n"; print "Interop Servers for $currTestt:\n";
foreach ($iop->endpoints as $server) { foreach ($iop->endpoints as $server) {
print " $server->name\n"; print " $server->name\n";
} }

17
gulliver/thirdparty/pear/class.wsdlcache.php vendored
View File

@@ -134,7 +134,7 @@ class wsdlcache {
$this->debug("Lock for $filename already exists"); $this->debug("Lock for $filename already exists");
return false; return false;
} }
$this->fplock[md5($filename)] = fopen($filename.".lock", "w"); $this->fplock[G::encryptOld($filename)] = fopen($filename.".lock", "w");
if ($mode == "r") { if ($mode == "r") {
return flock($this->fplock[G::encryptOld($filename)], LOCK_SH); return flock($this->fplock[G::encryptOld($filename)], LOCK_SH);
} else { } else {
@@ -173,9 +173,18 @@ class wsdlcache {
* @access private * @access private
*/ */
function releaseMutex($filename) { function releaseMutex($filename) {
$ret = flock($this->fplock[md5($filename)], LOCK_UN); if(!class_exists('G')){
fclose($this->fplock[md5($filename)]); $realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
unset($this->fplock[md5($filename)]); $docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.g.php');
}
$ret = flock($this->fplock[G::encryptOld($filename)], LOCK_UN);
fclose($this->fplock[G::encryptOld($filename)]);
unset($this->fplock[G::encryptOld($filename)]);
if (! $ret) { if (! $ret) {
$this->debug("Not able to release lock for $filename"); $this->debug("Not able to release lock for $filename");
} }

2
gulliver/thirdparty/phpmailer/class.phpmailer.php vendored
View File

@@ -2527,7 +2527,7 @@ class PHPMailer {
$mimeType = self::_mime_types($ext); $mimeType = self::_mime_types($ext);
if ( strlen($basedir) > 1 && substr($basedir, -1) != '/') { $basedir .= '/'; } if ( strlen($basedir) > 1 && substr($basedir, -1) != '/') { $basedir .= '/'; }
if ( strlen($directory) > 1 && substr($directory, -1) != '/') { $directory .= '/'; } if ( strlen($directory) > 1 && substr($directory, -1) != '/') { $directory .= '/'; }
if ( $this->AddEmbeddedImage($basedir.$directory.$filename, md5($url), $filename, 'base64', $mimeType) ) { if ( $this->AddEmbeddedImage($basedir.$directory.$filename, G::encryptOld($url), $filename, 'base64', $mimeType) ) {
$message = preg_replace("/".$images[1][$i]."=[\"']".preg_quote($url, '/')."[\"']/Ui", $images[1][$i]."=\"".$cid."\"", $message); $message = preg_replace("/".$images[1][$i]."=[\"']".preg_quote($url, '/')."[\"']/Ui", $images[1][$i]."=\"".$cid."\"", $message);
} }
} }

6
workflow/engine/bin/rest-gen
View File

@@ -24,8 +24,8 @@ Usage: {$argv[0]} [build-crud] [gen-ini] [-p <plugin name>] [-w <workspace name>
Options: Options:
build-crud : Task, build Rest Crud API. build-crud : Task, build Rest Crud API.
gen-ini : Task, generates the rest config ini file. gen-ini : Task, generates the rest config ini file.
-p : Especify a plugin to set as enviroment to perform the tasks. -p : Specifies a plugin to set as environment to perform the tasks.
-w : Especify a workspace to set as enviroment to perform the tasks. -w : Specifies a workspace to set as environment to perform the tasks.
EOT; EOT;
@@ -42,7 +42,7 @@ try {
case 'gen-ini': case 'gen-ini':
if (isset($argv[2])) { if (isset($argv[2])) {
if (! isset($argv[3])) { if (! isset($argv[3])) {
throw new Exception("Missing option, need especify a valid argument after option '{$argv[2]}'"); throw new Exception("Missing option, need specify a valid argument after option '{$argv[2]}'");
} }
switch ($argv[2]) { switch ($argv[2]) {

2
workflow/engine/bin/tasks/cliUpgrade.php
View File

@@ -217,7 +217,7 @@ function run_unify_database($args)
if ($count > 1) { if ($count > 1) {
if(!Bootstrap::isLinuxOs()){ if(!Bootstrap::isLinuxOs()){
CLI::error("This is not a Linux enviroment, please especify workspace.\n"); CLI::error("This is not a Linux enviroment, please specify workspace.\n");
return; return;
} }
} }

2
workflow/engine/classes/class.Upgrade.php
View File

@@ -98,7 +98,7 @@ class Upgrade
$installedMD5 = ""; $installedMD5 = "";
} else { } else {
$time = microtime(1); $time = microtime(1);
$installedMD5 = md5_file($installedFile); $installedMD5 = G::encryptFileOld($installedFile);
$checksumTime += microtime(1) - $time; $checksumTime += microtime(1) - $time;
} }
$archiveMD5 = $checksum; $archiveMD5 = $checksum;

4
workflow/engine/classes/class.system.php
View File

@@ -260,7 +260,7 @@ class System
continue; continue;
} }
if (file_exists( realpath( $filename ) )) { if (file_exists( realpath( $filename ) )) {
if (strcmp( $checksum, md5_file( realpath( $filename ) ) ) != 0) { if (strcmp( $checksum, G::encryptFileOld( realpath( $filename ) ) ) != 0) {
$result['diff'][] = $filename; $result['diff'][] = $filename;
} }
} else { } else {
@@ -542,7 +542,7 @@ class System
$file = PATH_TRUNK . trim( $line[2] ); $file = PATH_TRUNK . trim( $line[2] );
if (is_readable( $file )) { if (is_readable( $file )) {
$size = sprintf( "%07d", filesize( $file ) ); $size = sprintf( "%07d", filesize( $file ) );
$checksum = sprintf( "%010u", crc32( file_get_contents( $file ) ) ); $checksum = sprintf( "%010u", G::encryptCrc32( file_get_contents( $file ) ) );
if (! ($line[0] == $size && $line[1] == $checksum) && substr( $file, - 4 ) != '.xml') { if (! ($line[0] == $size && $line[1] == $checksum) && substr( $file, - 4 ) != '.xml') {
$distinctFiles .= $file . "\n"; $distinctFiles .= $file . "\n";
$distinct ++; $distinct ++;

2
workflow/engine/classes/model/AddonsManager.php
View File

@@ -61,7 +61,7 @@ class AddonsManager extends BaseAddonsManager
if ($download_md5 == null) { if ($download_md5 == null) {
return null; return null;
} }
return (strcasecmp(md5_file($filename), $download_md5) == 0); return (strcasecmp(G::encryptFileOld($filename), $download_md5) == 0);
} }
/** /**

2
workflow/engine/classes/model/Application.php
View File

@@ -367,7 +367,7 @@ class Application extends BaseApplication
$pin = G::generateCode(4, 'ALPHANUMERIC'); $pin = G::generateCode(4, 'ALPHANUMERIC');
$this->setAppData(serialize(array('PIN' => $pin))); $this->setAppData(serialize(array('PIN' => $pin)));
$this->setAppPin(md5($pin)); $this->setAppPin(G::encryptOld($pin));
$c = new Criteria(); $c = new Criteria();
$c->clearSelectColumns(); $c->clearSelectColumns();

8
workflow/engine/controllers/installer.php
View File

@@ -848,7 +848,7 @@ class Installer extends Controller
// Write the paths_installed.php file (contains all the information configured so far) // Write the paths_installed.php file (contains all the information configured so far)
if (! file_exists( FILE_PATHS_INSTALLED )) { if (! file_exists( FILE_PATHS_INSTALLED )) {
$sh = md5( filemtime( PATH_GULLIVER . '/class.g.php' ) ); $sh = G::encryptOld( filemtime( PATH_GULLIVER . '/class.g.php' ) );
$h = G::encrypt( $db_hostname . $sh . $db_username . $sh . $db_password, $sh ); $h = G::encrypt( $db_hostname . $sh . $db_username . $sh . $db_password, $sh );
$dbText = "<?php\n"; $dbText = "<?php\n";
$dbText .= sprintf( " define('PATH_DATA', '%s');\n", $pathShared ); $dbText .= sprintf( " define('PATH_DATA', '%s');\n", $pathShared );
@@ -1152,18 +1152,18 @@ class Installer extends Controller
$query = sprintf( "USE %s;", $wf ); $query = sprintf( "USE %s;", $wf );
$this->mssqlQuery( $query ); $this->mssqlQuery( $query );
$query = sprintf( "UPDATE USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, md5( $adminPassword ) ); $query = sprintf( "UPDATE USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, G::encryptOld( $adminPassword ) );
$this->mssqlQuery( $query ); $this->mssqlQuery( $query );
$query = sprintf( "USE %s;", $wf ); $query = sprintf( "USE %s;", $wf );
$this->mssqlQuery( $query ); $this->mssqlQuery( $query );
$query = sprintf( "UPDATE RBAC_USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, md5( $adminPassword ) ); $query = sprintf( "UPDATE RBAC_USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, G::encryptOld( $adminPassword ) );
$this->mssqlQuery( $query ); $this->mssqlQuery( $query );
// Write the paths_installed.php file (contains all the information configured so far) // Write the paths_installed.php file (contains all the information configured so far)
if (! file_exists( FILE_PATHS_INSTALLED )) { if (! file_exists( FILE_PATHS_INSTALLED )) {
$sh = md5( filemtime( PATH_GULLIVER . '/class.g.php' ) ); $sh = G::encryptOld( filemtime( PATH_GULLIVER . '/class.g.php' ) );
$h = G::encrypt( $db_hostname . $sh . $db_username . $sh . $db_password . '1', $sh ); $h = G::encrypt( $db_hostname . $sh . $db_username . $sh . $db_password . '1', $sh );
$dbText = "<?php\n"; $dbText = "<?php\n";
$dbText .= sprintf( " define ('PATH_DATA', '%s' );\n", $pathShared ); $dbText .= sprintf( " define ('PATH_DATA', '%s' );\n", $pathShared );

2
workflow/engine/methods/cases/caseHistory_Ajax.php
View File

@@ -137,7 +137,7 @@ if ($actionAjax == "showDynaformHistoryGetNomDynaform_JXP") {
$dynTitle = $contentObjeto->getConValue(); $dynTitle = $contentObjeto->getConValue();
} }
$md5Hash = md5( $idDin . $dynDate ); $md5Hash = G::encryptOld( $idDin . $dynDate );
//assign task //assign task
$result = new stdClass(); $result = new stdClass();

2
workflow/engine/methods/cases/cases_StepToRevise.php
View File

@@ -138,7 +138,7 @@ if (! isset( $_GET['ex'] )) {
// DEPRECATED this JS section is marked for removal // DEPRECATED this JS section is marked for removal
function setSelect() function setSelect()
{ {
var ex=<?php echo $_GET['ex']?>; var ex=<?php echo $filter->xssFilterHard($_GET['ex'])?>;
try { try {
for(i=1; i<50; i++) { for(i=1; i<50; i++) {
if (i == ex) { if (i == ex) {

2
workflow/engine/methods/cases/cases_StepToReviseInputs.php
View File

@@ -140,7 +140,7 @@ G::RenderPage( 'publish', 'blank' );
//Deprecated Section since the interface are now movig to ExtJS //Deprecated Section since the interface are now movig to ExtJS
function setSelect() function setSelect()
{ {
var ex=<?php echo $_GET['ex']?>; var ex=<?php echo $filter->xssFilterHard($_GET['ex'])?>;
try { try {
for (i=1; i<50; i++) { for (i=1; i<50; i++) {
if (i == ex) { if (i == ex) {

2
workflow/engine/methods/cases/cases_StepToReviseOutputs.php
View File

@@ -84,7 +84,7 @@ if (! isset( $_GET['ex'] )) {
//Deprecated Section since the interface are now movig to ExtJS //Deprecated Section since the interface are now movig to ExtJS
function setSelect() function setSelect()
{ {
var ex=<?php echo $_GET['ex']?>; var ex=<?php echo $filter->xssFilterHard($_GET['ex'])?>;
try{ try{
for (i=1; i<50; i++) { for (i=1; i<50; i++) {
if (i == ex) { if (i == ex) {

2
workflow/engine/methods/cases/cases_ToReviseOutputDocView.php
View File

@@ -104,7 +104,7 @@ if (! isset( $_GET['ex'] )) {
/*------------------------------ To Revise Routines ---------------------------*/ /*------------------------------ To Revise Routines ---------------------------*/
function setSelect() function setSelect()
{ {
var ex=<?php echo $_GET['ex']?>; var ex=<?php echo $filter->xssFilterHard($_GET['ex'])?>;
try{ try{
for(i=1; i<50; i++) for(i=1; i<50; i++)
{ {

12
workflow/engine/methods/dynaforms/dynaforms_FlatEditor.php
View File

@@ -170,12 +170,12 @@ G::RenderPage( "publish", "raw" );
<script> <script>
var toolbar = document.getElementById('fields_Toolbar') var toolbar = document.getElementById('fields_Toolbar')
var fieldsList = document.getElementById('dynaformEditor[0]') var fieldsList = document.getElementById('dynaformEditor[0]')
var tableHeight=<?php echo $config['FieldsList']['height'] ?>; var tableHeight=<?php echo $filter->xssFilterHard($config['FieldsList']['height']) ?>;
var tableWidth=<?php echo $config['FieldsList']['width'] ?>; var tableWidth=<?php echo $filter->xssFilterHard($config['FieldsList']['width']) ?>;
var toolbarTop=<?php echo $config['Toolbar']['top'] ?>; var toolbarTop=<?php echo $filter->xssFilterHard($config['Toolbar']['top']) ?>;
var toolbarLeft=<?php echo $config['Toolbar']['left'] ?>; var toolbarLeft=<?php echo $filter->xssFilterHard($config['Toolbar']['left']) ?>;
var fieldsListTop=<?php echo $config['FieldsList']['top'] ?>//(toolbarTop+toolbar.clientHeight+44+8 ); var fieldsListTop=<?php echo $filter->xssFilterHard($config['FieldsList']['top']) ?>//(toolbarTop+toolbar.clientHeight+44+8 );
var fieldsListLeft=<?php echo $config['FieldsList']['left'] ?>; var fieldsListLeft=<?php echo $filter->xssFilterHard($config['FieldsList']['left']) ?>;
mainPanel.elements.headerBar.style.backgroundColor='#CBDAEF'; mainPanel.elements.headerBar.style.backgroundColor='#CBDAEF';
mainPanel.elements.headerBar.style.borderBottom='1px solid #808080'; mainPanel.elements.headerBar.style.borderBottom='1px solid #808080';
mainPanel.elements.headerBar.appendChild(toolbar); mainPanel.elements.headerBar.appendChild(toolbar);

2
workflow/engine/methods/enterprise/addonsStoreAction.php
View File

@@ -269,7 +269,7 @@ try {
} }
/////// ///////
$boundary = "---------------------" . substr(md5(rand(0, 32000)), 0, 10); $boundary = "---------------------" . substr(G::encryptOld(rand(0, 32000)), 0, 10);
$data = null; $data = null;
$data = $data . "--$boundary\n"; $data = $data . "--$boundary\n";

18
workflow/engine/methods/install/r.php
View File

@@ -2,25 +2,25 @@
G::LoadSystem('inputfilter'); G::LoadSystem('inputfilter');
$filter = new InputFilter(); $filter = new InputFilter();
if(isset($_GET['srv'])) { if(isset($_GET['srv'])) {
$_GET['srv'] = $filter->xssFilterHard($_GET['srv']); $srv = $filter->xssFilterHard($_GET['srv']);
} }
if(isset($_GET['usr'])) { if(isset($_GET['usr'])) {
$_GET['usr'] = $filter->xssFilterHard($_GET['usr']); $usr = $filter->xssFilterHard($_GET['usr']);
} }
if(isset($_GET['pass'])) { if(isset($_GET['pass'])) {
$_GET['pass'] = $filter->xssFilterHard($_GET['pass']); $pass = $filter->xssFilterHard($_GET['pass']);
} }
if(isset($_GET['gen'])) { if(isset($_GET['gen'])) {
$_GET['gen'] = $filter->xssFilterHard($_GET['gen']); $gen = $filter->xssFilterHard($_GET['gen']);
} }
?> ?>
<form action="r"> <form action="r">
Server: <input type="text" name="srv" Server: <input type="text" name="srv"
value="<?php echo isset($_GET['srv'])?$_GET['srv']:'';?>"> User: <input value="<?php echo isset($srv)? $srv:'';?>"> User: <input
type="text" name="usr" type="text" name="usr"
value="<?php echo isset($_GET['usr'])?$_GET['usr']:'';?>" /> Passwd: <input value="<?php echo isset($usr)? $usr:'';?>" /> Passwd: <input
type="text" name="pass" type="text" name="pass"
value="<?php echo isset($_GET['pass'])?$_GET['pass']:'';?>" /> <input value="<?php echo isset($pass)? $pass:'';?>" /> <input
type="submit" value="Gen" name="gen" /> <input type="submit" type="submit" value="Gen" name="gen" /> <input type="submit"
value="Regenerate paths_installed" name="reg" /><br /> value="Regenerate paths_installed" name="reg" /><br />
</form> </form>
@@ -28,14 +28,18 @@ if(isset($_GET['gen'])) {
if (isset( $_GET['gen'] )) { if (isset( $_GET['gen'] )) {
$sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) ); $sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) );
$sh = $filter->xssFilterHard($sh);
$h = G::encrypt( $_GET['srv'] . $sh . $_GET['usr'] . $sh . $_GET['pass'] . $sh . (1), $sh ); $h = G::encrypt( $_GET['srv'] . $sh . $_GET['usr'] . $sh . $_GET['pass'] . $sh . (1), $sh );
$h = $filter->xssFilterHard($h);
echo "HASH_INSTALLATION<br/>"; echo "HASH_INSTALLATION<br/>";
echo "<textarea cols=120>$h</textarea><br/>"; echo "<textarea cols=120>$h</textarea><br/>";
echo "SYSTEM_HASH<br/>"; echo "SYSTEM_HASH<br/>";
echo "<textarea cols=120>$sh</textarea>"; echo "<textarea cols=120>$sh</textarea>";
} elseif (isset( $_GET['reg'] )) { } elseif (isset( $_GET['reg'] )) {
$sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) ); $sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) );
$sh = $filter->xssFilterHard($sh);
$h = G::encrypt( $_GET['srv'] . $sh . $_GET['usr'] . $sh . $_GET['pass'] . $sh . (1), $sh ); $h = G::encrypt( $_GET['srv'] . $sh . $_GET['usr'] . $sh . $_GET['pass'] . $sh . (1), $sh );
$h = $filter->xssFilterHard($h);
echo "HASH_INSTALLATION<br/>"; echo "HASH_INSTALLATION<br/>";
echo "<textarea cols=120>$h</textarea><br/>"; echo "<textarea cols=120>$h</textarea><br/>";
echo "SYSTEM_HASH<br/>"; echo "SYSTEM_HASH<br/>";

2
workflow/engine/methods/setup/appCacheViewAjax.php
View File

@@ -302,7 +302,7 @@ switch ($request) {
list($sucess, $msgErr) = testConnection(DB_ADAPTER, $serverName, $user, $passwd, $port); list($sucess, $msgErr) = testConnection(DB_ADAPTER, $serverName, $user, $passwd, $port);
if ($sucess) { if ($sucess) {
$sh = md5( filemtime( PATH_GULLIVER . "/class.g.php" ) ); $sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) );
$h = G::encrypt( $_POST['host'] . $sh . $_POST['user'] . $sh . $_POST['password'] . $sh . (1), $sh ); $h = G::encrypt( $_POST['host'] . $sh . $_POST['user'] . $sh . $_POST['password'] . $sh . (1), $sh );
$insertStatements = "define ( 'HASH_INSTALLATION','{$h}' ); \ndefine ( 'SYSTEM_HASH', '{$sh}' ); \n"; $insertStatements = "define ( 'HASH_INSTALLATION','{$h}' ); \ndefine ( 'SYSTEM_HASH', '{$sh}' ); \n";
$lines = array (); $lines = array ();

5
workflow/engine/methods/setup/pluginsRemove.php
View File

@@ -39,7 +39,8 @@ switch ($RBAC->userCanAccess('PM_SETUP_ADVANCE'))
}*/ }*/
G::LoadClass( "plugin" ); G::LoadClass( "plugin" );
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$pluginName = $_REQUEST["pluginUid"]; $pluginName = $_REQUEST["pluginUid"];
if (file_exists( PATH_PLUGINS . $pluginName . ".php" )) { if (file_exists( PATH_PLUGINS . $pluginName . ".php" )) {
@@ -50,5 +51,5 @@ if (file_exists( PATH_PLUGINS . $pluginName . ".php" )) {
$pluginRegistry->unSerializeInstance( file_get_contents( PATH_DATA_SITE . "plugin.singleton" ) ); $pluginRegistry->unSerializeInstance( file_get_contents( PATH_DATA_SITE . "plugin.singleton" ) );
} }
G::auditLog("RemovePlugin","Plugin Name: ".$pluginName); G::auditLog("RemovePlugin","Plugin Name: ".$pluginName);
echo $pluginName . " " . nl2br( G::LoadTranslation( "ID_MSG_REMOVE_PLUGIN_SUCCESS" ) ); echo $pluginName . " " . nl2br( $filter->xssFilterHard(G::LoadTranslation( "ID_MSG_REMOVE_PLUGIN_SUCCESS" )) );

4
workflow/engine/skinEngine/neoclassic/layout.html
View File

@@ -30,7 +30,7 @@
<label class="textBlue"><a href="../../uxs/home">{$switch_interface_label}</a> | </label> <label class="textBlue"><a href="../../uxs/home">{$switch_interface_label}</a> | </label>
{/if} {/if}
<a href="{$linklogout}" class="tableOption">{$logout}</a>&nbsp;&nbsp;<br/> <a href="{$linklogout}" class="tableOption">{$logout}</a>&nbsp;&nbsp;<br/>
<label class="textBlack"><b>{$rolename}</b> {$workspace_label} <b><u>{$workspace}</u></b> &nbsp; &nbsp; <br/> <label class="textBlack"><b>{$rolename}</b> {$workspace_label} <b><u>{$workspace}</u></b><br />
{$udate}</label>&nbsp; &nbsp; {$udate}</label>&nbsp; &nbsp;
{else} {else}
{if $tracker eq 1} {if $tracker eq 1}
@@ -110,4 +110,4 @@
</div> </div>
</body> </body>
{/if} {/if}
</html> </html>

4
workflow/engine/src/ProcessMaker/Services/Api/Project/DynaForm.php
View File

@@ -47,6 +47,10 @@ class DynaForm extends Api
$dynaForm->setArrayFieldNameForException(array("processUid" => "prj_uid")); $dynaForm->setArrayFieldNameForException(array("processUid" => "prj_uid"));
$arrayData = $dynaForm->executeCreate($prj_uid, $request_data); $arrayData = $dynaForm->executeCreate($prj_uid, $request_data);
if (!array_key_exists('dyn_content', $request_data)) {
$request_data['dyn_content']="{}";
}
$arrayData = $dynaForm->update($arrayData['dyn_uid'], $request_data);
$response = $arrayData; $response = $arrayData;

6
workflow/engine/templates/admin/calendarEdit.js
View File

@@ -750,8 +750,7 @@ Ext.onReady( function() {
xtype : 'textfield' , xtype : 'textfield' ,
width : 200 , width : 200 ,
fieldLabel : _('ID_NAME') , fieldLabel : _('ID_NAME') ,
name : 'name' , name : 'name'
allowBlank : false
}, },
{ {
id : 'dynaformCalendarDescription' , id : 'dynaformCalendarDescription' ,
@@ -935,6 +934,9 @@ Ext.onReady( function() {
Ext.getCmp('dynaformCalendarName').setValue(Ext.getCmp('dynaformCalendarName').getValue().trim()); Ext.getCmp('dynaformCalendarName').setValue(Ext.getCmp('dynaformCalendarName').getValue().trim());
var canlendarName = Ext.getCmp('dynaformCalendarName').getValue().trim(); var canlendarName = Ext.getCmp('dynaformCalendarName').getValue().trim();
if(canlendarName === ""){ if(canlendarName === ""){
Ext.apply(Ext.getCmp('dynaformCalendarName'), {allowBlank: false}, {});
Ext.Msg.alert(_('ID_WARNING'), _("ID_FIELD_REQUIRED", _("ID_NAME")));
Ext.getCmp('dynaformCalendarName').setValue("");
return; return;
} }
Ext.Ajax.request({ Ext.Ajax.request({

23
workflow/engine/templates/processes/webentryPost.tpl
View File

@@ -22,11 +22,32 @@ try {
throw (new Exception("function ws_open() is not defined. File wsClient.php is missing")); throw (new Exception("function ws_open() is not defined. File wsClient.php is missing"));
} }
/*
* PMDynaform
* DYN_VERSION is 1: classic Dynaform,
* DYN_VERSION is 2: responsive form, Pmdynaform.
*/
$a = new Criteria("workflow");
$a->addSelectColumn(DynaformPeer::DYN_VERSION);
$a->add(DynaformPeer::DYN_UID, "{dynaformUid}", Criteria::EQUAL);
$a = ProcessPeer::doSelectRS($a);
$a->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$a->next();
$row = $a->getRow();
$swpmdynaform = isset($row) && $row["DYN_VERSION"] == 2;
if ($swpmdynaform) {
$pmdynaform = $_POST["form"];
}
$oForm = new Form("{processUid}" . "/" . "{dynaformUid}", PATH_DYNAFORM); $oForm = new Form("{processUid}" . "/" . "{dynaformUid}", PATH_DYNAFORM);
$oForm->validatePost(); $oForm->validatePost();
ws_open(); ws_open();
$result = ws_newCase("{processUid}", "{taskUid}", convertFormToWSObjects($_POST["form"])); if ($swpmdynaform) {
$result = ws_newCase("{processUid}", "{taskUid}", convertFormToWSObjects($pmdynaform));
} else {
$result = ws_newCase("{processUid}", "{taskUid}", convertFormToWSObjects($_POST["form"]));
}
if ($result->status_code == 0) { if ($result->status_code == 0) {
$caseId = $result->caseId; $caseId = $result->caseId;

2
workflow/engine/templates/reportTables/mainLoad.php
View File

@@ -20,7 +20,7 @@ if(isset($_GET['gui'])) {
} }
</style> </style>
<body onresize="autoResizeScreen()" onload="autoResizeScreen()"> <body onresize="autoResizeScreen()" onload="autoResizeScreen()">
<iframe name="frameMain" id="frameMain" src ="../reportTables/mainInit?PRO_UID=<?php echo $gui?>" width="99%" height="200" frameborder="0"> <iframe name="frameMain" id="frameMain" src ="../reportTables/mainInit?PRO_UID=<?php echo $filter->xssFilterHard($gui)?>" width="99%" height="200" frameborder="0">
<p>Your browser does not support iframes.</p> <p>Your browser does not support iframes.</p>
</iframe> </iframe>
</body> </body>

32
workflow/engine/templates/services/login_getStarted.html
View File

@@ -33,7 +33,7 @@
border-right: #fff 1px solid; border-right: #fff 1px solid;
padding-right: 10px; padding-right: 10px;
border-top: #fff 1px solid; border-top: #fff 1px solid;
padding-top: 10px; padding-top: 5px;
border-left: #fff 1px solid; border-left: #fff 1px solid;
padding-left: 10px; padding-left: 10px;
border-bottom: #fff 1px solid; border-bottom: #fff 1px solid;
@@ -47,6 +47,16 @@
span.cLow { span.cLow {
color: #002c72; color: #002c72;
} }
span.cLow-min {
color: #002c72;
font-size: 13px;
line-height: 1.3em;
}
span.cLow-autor {
color: #002c72;
font-size: 15px;
line-height: 1.3em;
}
</style> </style>
<!--[if IE]> <!--[if IE]>
@@ -68,23 +78,23 @@
<a target="_blank" href="http://www.processmaker.com"><img src="/images/get_started.png" border="0" width="163" height="438"></a> <a target="_blank" href="http://www.processmaker.com"><img src="/images/get_started.png" border="0" width="163" height="438"></a>
</td> </td>
<td class="cell2" valign="top"> <td class="cell2" valign="top">
<p><span class="cLow">Welcome to ProcessMaker!</span></p> <p><b><span class="cLow">Welcome to ProcessMaker 3.</span></b></p>
<p><span class="cLow">To get started, log in using the following credentials. You can change them later:</span></p> <p style="text-align: justify;"><span class="cLow-min">This new version features a new process designer based upon the Business Process Management Notation 2 standard. It offers a new form designer with flexible layouts for desktops, tablets and cellphones and a new REST API to remotely access ProcessMaker.</span></p>
<p style="text-align: justify;"><span class="cLow-min">To get started, log in using the following credentials. You can change them later:</span></p>
<span class="cNeg">Username:</span><span class="cLow"> {name}</span><br> <span class="cNeg">Username:</span><span class="cLow"> {name}</span><br>
<span class="cNeg">Password:</span><span class="cLow"> {pass}</span> <span class="cNeg">Password:</span><span class="cLow"> {pass}</span><br><br>
<p><span class="cLow">We suggest you follow our 7 easy videos to automate your workflow. You can see a demo of each step at&nbsp;<a target="_blank" href="http://www.processmaker.com/demos/">http://www.processmaker.com/demos/</a> </span></p> <p style="text-align: justify;"><span class="cLow-min">We suggest you follow our 7 easy videos to automate your workflow. You can see a demo of each step at <a target="_blank" href="http://www.processmaker.com/tutorials">http://www.processmaker.com/tutorials/</a></span></p>
<span class="cLow">Other Resources:</span><br/><br/> <b><span class="cLow">Other Resources:</span></b><br/><br/>
<span class="cLow"><a target="_blank" href="http://wiki.processmaker.com">PM Wiki </a>- Manuals</span><br/> <span class="cLow"><a target="_blank" href="http://wiki.processmaker.com">PM Wiki </a>- Manuals</span><br/>
<span class="cLow"><a target="_blank" href="http://forum.processmaker.com">PM Forum </a>- Ask Questions</span><br/> <span class="cLow"><a target="_blank" href="http://forum.processmaker.com">PM Forum </a>- Ask Questions</span><br/><br/>
<p><span class="cLow">We hope you enjoy using ProcessMaker. For more information about our enterprise support and consulting services <a target="_blank" href="http://www.processmaker.com/contact-us">contact us.</a> <p style="text-align: justify;"><span class="cLow-min">We hope you enjoy using ProcessMaker. For more information about our enterprise support and consulting services <a target="_blank" href="http://www.processmaker.com/contact-us">contact us.</a></span></p>
</span></p> <p><b><span class="cLow-autor">The ProcessMaker Team</span></b></p>
<p><span class="cLow">The ProcessMaker Team</span></p>
<input type="checkbox" name="getStarted" id="getStarted" onclick="saveConfig();"><span class="cLow">Don't show me again</span> <input type="checkbox" name="getStarted" id="getStarted" onclick="saveConfig();"><span class="cLow"> Don't show me again</span>
</td> </td>
</tr> </tr>
</table> </table>

4
workflow/public_html/bootstrap.php
View File

@@ -342,7 +342,7 @@
} }
else { else {
if(SYS_TARGET=="dbInfo"){ //Show dbInfo when no SYS_SYS if(SYS_TARGET=="dbInfo"){ //Show dbInfo when no SYS_SYS
$pathFile = PATH_METHODS . "login/dbInfo.php"; $pathFile = PATH_METHODS . 'login/dbInfo.php';
$pathFile = $filter->validateInput($pathFile,'path'); $pathFile = $filter->validateInput($pathFile,'path');
require_once($pathFile); require_once($pathFile);
} }
@@ -361,7 +361,7 @@
} }
} }
else { // classic sysLogin interface else { // classic sysLogin interface
$pathFile = PATH_METHODS . "login/sysLogin.php"; $pathFile = PATH_METHODS . 'login/sysLogin.php';
$pathFile = $filter->validateInput($pathFile,'path'); $pathFile = $filter->validateInput($pathFile,'path');
require_once($pathFile) ; require_once($pathFile) ;
die(); die();