fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG 10396 Mensaje de Invalid Response al crear Dynaform SOLVED

Browse Source 
- Missing validation when session is expired
- Add validation when session is expired
This commit is contained in:
Julio Cesar Laura
2013-01-28 20:41:39 -04:00
parent 7a1753baaa
commit a1e527265c
8 changed files with 112 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
gulliver/js/form/core/form.js
View File

@@ -3326,7 +3326,15 @@ function dynaformVerifyFieldName(){
return true;
}
function verifyFieldName1(){
function verifyFieldName1() {
if (getField('PME_VALIDATE_NAME').value == '__error_session__') {
showPrompt('refreshDynaformEditor');
return;
}
verifyFieldNameFunction();
}
function verifyFieldNameFunction() {
var newFieldName=fieldName.value;
var msj = _('DYNAFIELD_ALREADY_EXIST');
var validatedFieldName=getField("PME_VALIDATE_NAME",fieldForm).value;
@@ -3358,6 +3366,9 @@ function verifyFieldName1(){
return valid;
}
function refreshDynaformEditor() {
window.location.href = window.location.href.replace('#', '');
}
var objectsWithFormula = Array();

5
gulliver/js/maborak/core/maborak.js
View File

@@ -1228,10 +1228,13 @@ return oAux;};var saveAndRefreshForm=function(oObject){if(oObject){oObject.form.
else{var oAux=window.document.getElementsByTagName('form');if(oAux.length>0){oAux[0].action+='&_REFRESH_=1';oAux[0].submit();}}};var saveForm=function(oObject){if(oObject){ajax_post(oObject.form.action,oObject.form,'POST');}
else{var oAux=window.document.getElementsByTagName('form');if(oAux.length>0){ajax_post(oAux[0].action,oAux[0],'POST');}}};var validateURL=function(url){var regexp=/http?s?:\/\/([-\w\.]+)+(:\d+)?(\/([\w/_\.]*(\?\S+)?)?)?/;if(regexp.test(url)){return true;}else{return false;}};var saveAndRedirectForm=function(oObject,oLocation){saveForm(oObject);if(validateURL(oLocation)){if(typeof(parent)!="undefined"){parent.location.href=oLocation;}else{document.location.href=oLocation;}}};var removeRequiredById=function(sFieldName){if(!notValidateThisFields.inArray(sFieldName)){notValidateThisFields.push(sFieldName);var oAux=document.getElementById('__notValidateThisFields__');if(oAux){oAux.value=notValidateThisFields.toJSONString();}}};var enableRequiredById=function(sFieldName){if(notValidateThisFields.inArray(sFieldName)){var i;var aAux=[];for(i=0;i<notValidateThisFields.length;i++){if(notValidateThisFields[i]!=sFieldName){aAux.push(notValidateThisFields[i]);}}
notValidateThisFields=aAux;var oAux=document.getElementById('__notValidateThisFields__');if(oAux){oAux.value=notValidateThisFields.toJSONString();}}};function dynaformVerifyFieldName(){pme_validating=true;setTimeout('verifyFieldName1();',0);return true;}
function verifyFieldName1(){var newFieldName=fieldName.value;var msj=_('DYNAFIELD_ALREADY_EXIST');var validatedFieldName=getField("PME_VALIDATE_NAME",fieldForm).value;var dField=new input(getField('PME_XMLNODE_NAME'));var valid=(newFieldName!=='')&&(((newFieldName!==savedFieldName)&&(validatedFieldName===''))||((newFieldName===savedFieldName)));if(newFieldName.length==0){valid=false;msj=_('DYNAFIELD_EMPTY');}
function verifyFieldName1(){if(getField('PME_VALIDATE_NAME').value=='__error_session__'){showPrompt('refreshDynaformEditor');return;}
verifyFieldNameFunction();}
function verifyFieldNameFunction(){var newFieldName=fieldName.value;var msj=_('DYNAFIELD_ALREADY_EXIST');var validatedFieldName=getField("PME_VALIDATE_NAME",fieldForm).value;var dField=new input(getField('PME_XMLNODE_NAME'));var valid=(newFieldName!=='')&&(((newFieldName!==savedFieldName)&&(validatedFieldName===''))||((newFieldName===savedFieldName)));if(newFieldName.length==0){valid=false;msj=_('DYNAFIELD_EMPTY');}
if(!(isNaN(parseInt(newFieldName.substr(0,1))))){valid=false;msj=_('DYNAFIELD_NODENAME_NUMBER');}
if(valid){dField.passed();getField("PME_ACCEPT",fieldForm).disabled=false;}else{getField("PME_ACCEPT",fieldForm).disabled=true;dField.failed();new leimnud.module.app.alert().make({label:msj});dField.focus();}
pme_validating=false;return valid;}
function refreshDynaformEditor(){window.location.href=window.location.href.replace('#','');}
var objectsWithFormula=Array();function sumaformu(ee,fma,mask){afma=fma;var operators=['+','-','*','/','(','[','{','}',']',')',',','Math.pow','Math.PI','Math.sqrt'];var wos;for(var i=0;i<operators.length;i++){var j=0;while(j<fma.length){nfma=fma.replace(operators[i]," ");nfma=nfma.replace(" "," ");fma=nfma;j++;}}
wos=nfma.replace(/^\s+/g,'');nfma=wos.replace(/\s+$/g,'');theelemts=nfma.split(" ");objectsWithFormula[objectsWithFormula.length]={ee:ee,fma:afma,mask:mask,theElements:theelemts};for(var i=0;i<theelemts.length;i++){leimnud.event.add(getField(theelemts[i]),'keyup',function(key){var eventElement=key.srcElement?key.srcElement:key.target;if(typeof(this.id)=='undefined'){myId=eventElement.id.replace("form[","").replace("]","");}
else{myId=this.id.replace("form[","").replace("]","");}

1
workflow/engine/classes/class.dynaformEditor.php
View File

@@ -228,6 +228,7 @@ class dynaformEditor extends WebResource
leimnud.event.add(window,"load",function(){ loadEditor(); });
');
$oHeadPublisher->addScriptCode(' var jsMeta;var usernameLogged = "' . (isset($_SESSION['USR_USERNAME']) ? $_SESSION['USR_USERNAME'] : '') . '";var SYS_LANG = "' . SYS_LANG . '";');
$oHeadPublisher->addScriptCode('var dynaformEditorParams = \'' . serialize($Parameters) . '\';');
G::RenderPage("publish", 'blank');
}

31
workflow/engine/js/dynaformEditor/core/dynaformEditor.js
View File

@@ -8,11 +8,13 @@ var h3OK = 1;
var promptPanel;
var lastActionPerformed = '';
var lastTypeSelected = '';
var sessionPersits = function() {
var rpc = new leimnud.module.rpc.xmlhttp({
url : '../services/sessionPersists',
async:false
url: '../services/sessionPersists',
args: 'dynaformEditorParams=' + dynaformEditorParams,
async: false
});
rpc.make();
var response = rpc.xmlhttp.responseText.parseJSON();
@@ -65,6 +67,21 @@ var verifyLogin = function() {
case 'changeToShowHide':
dynaformEditor.changeToShowHide();
break;
case 'refreshDynaformEditor':
refreshDynaformEditor();
break;
case 'fieldsSave':
fieldsSave(getField('PME_XMLNODE_NAME').form);
break;
case 'fieldsAdd':
fieldsAdd(lastTypeSelected);
break;
case '__ActionEdit':
document.getElementById('dynaframe').contentWindow.__ActionEdit(document.getElementById('dynaframe').contentWindow.lastUidFHSelected);
break;
case '__ActionDelete':
document.getElementById('dynaframe').contentWindow.__ActionDelete(document.getElementById('dynaframe').contentWindow.lastUidFHSelected, document.getElementById('dynaframe').contentWindow.lastFTypeFHSelected);
break;
}
lastActionPerformed = '';
} else {
@@ -836,6 +853,11 @@ function getElementByPMClass(__class){
function fieldsSave( form ) {
if (!sessionPersits()) {
showPrompt('fieldsSave');
return;
}
var str = document.getElementById('form[PME_XMLNODE_NAME]').value;
var dField = new input(getField('PME_XMLNODE_NAME'));
@@ -880,6 +902,11 @@ function getElementByPMClass(__class){
var typePopup = 0;
function fieldsAdd( type,label )
{
lastTypeSelected = type;
if (!sessionPersits()) {
showPrompt('fieldsAdd');
return;
}
switch (type){
case 'text' : label=TRANSLATIONS.ID_FIELD_DYNAFORM_TEXT; typePopup = 1; break;
case 'currency' : label=TRANSLATIONS.ID_FIELD_DYNAFORM_CURRENCY; typePopup = 1; break;

17
workflow/engine/methods/dynaforms/fields_Ajax.php
View File

@@ -22,6 +22,23 @@
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
if (!isset($_SESSION['USER_LOGGED'])) {
$aux1 = new stdclass();
$aux2 = new stdclass();
$aux2->type = 'hidden';
$aux2->options = array();
$aux1->name = 'PME_VALIDATE_NAME';
$aux1->content = $aux2;
$aux1->value = '__error_session__';
$result = array();
$result[] = array('name' => 'PME_VALIDATE_NAME',
'content' => array('type' => 'hidden',
'options' => array(array('key' => '__error_session__',
'value' => '__error_session__'))),
'value' => '__error_session__');
die(Bootstrap::json_encode($result));
}
if (($RBAC_Response = $RBAC->userCanAccess( "PM_FACTORY" )) != 1) {
return $RBAC_Response;
}

3
workflow/engine/methods/services/sessionPersists.php
View File

@@ -1,4 +1,7 @@
<?php
$response = new stdclass();
$response->status = isset($_SESSION['USER_LOGGED']);
if (isset($_REQUEST['dynaformEditorParams'])) {
$_SESSION['Current_Dynafom']['Parameters'] = unserialize(stripslashes($_REQUEST['dynaformEditorParams']));
}
die(G::json_encode($response));

77
workflow/engine/templates/dynaforms/fieldsHandler.php
View File

@@ -1,8 +1,8 @@
<?php
/**
/**
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
@@ -12,28 +12,28 @@
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
*
*/
/*
* @Author Erik Amaru Ortiz <erik@colosa.com>
* @Date Aug 26th, 2009
*/
* @Date Aug 26th, 2009
*/
if(!((isset( $_SESSION['USER_LOGGED'] ))&&(!(isset($_GET['sid']))))||!isset($_SESSION['Current_Dynafom'])) {
$oHeadPublisher =& headPublisher::getSingleton();
$oHeadPublisher->addScriptCode("
window.parent.location.href = '../processes/mainInit';
");
");
G::RenderPage('publish');
exit();
}
?>
<html>
<head>
@@ -44,10 +44,10 @@
<script type="text/javascript" src="/js/jquery/jquery-ui-1.7.2.custom.min.js"></script>
<script type="text/javascript" src="/jscore/dynaforms/dynaforms_fieldsHandler.js"></script>
</head>
<?php
<?php
$content = file_get_contents(PATH_DYNAFORM.$_SESSION['Current_Dynafom']['Parameters']['FILE'].".xml");
$oXxml = G::xmlParser($content);
if( !isset($oXxml->result['dynaForm']['__CONTENT__']) ){
?>
<br/>
@@ -60,13 +60,13 @@
</script>
<?php
die();
}
}
$elements = $oXxml->result['dynaForm']['__CONTENT__'];
$dynaformAttributes = $oXxml->result['dynaForm']['__ATTRIBUTES__'];
$dynaformType = $dynaformAttributes['type'];
foreach($elements as $node_name=>$node){
if( $node_name == "___pm_boot_strap___"){
$boot_strap = $elements[$node_name];
@@ -81,10 +81,10 @@
</script>
<?php
}
}
}
?>
<body>
<table border="0" width="100%" cellpadding="0" cellspacing="0" class="fieldshandler_item">
<table border="0" width="100%" cellpadding="0" cellspacing="0" class="fieldshandler_item">
<tr>
<td width="15%" valign="top" align="left">
<a href='#' onmouseout="parent.hideTooltip()" onmouseover="parent.showTooltip(event,document.getElementById('help').innerHTML);return false;">
@@ -92,7 +92,7 @@
</a>
</td>
<td valign="top" width="990px"><center>
<div style="width:100%">
<div class="ui-widget-header ui-corner-all" style="height:17px">
<table border="0" width="100%" cellpadding="0" cellspacing="0">
@@ -103,8 +103,8 @@
</table>
</div>
</div>
<div id="dynafields">
<div id="dynafields">
<ul id="sortable" style="margin:0; padding:0;">
<?php foreach($elements as $node_name=>$node){
if( isset($hidden_fields_list) ){
@@ -139,10 +139,10 @@
<?php }?>
<span style="font-size:10px;">&nbsp;<?php echo "({$node['__ATTRIBUTES__']['type']})";?></span>
</td>
<td width="28%" style="font-size:12px;">
<td width="28%" style="font-size:12px;">
&nbsp;<?php echo "$node_name";?>
</td>
</td>
<td><p style="font-size:12px; color:#1C3166; font-weight:bold">
<?php if( isset($node['__CONTENT__'][SYS_LANG]['__VALUE__']) ){
if( strlen($node['__CONTENT__'][SYS_LANG]['__VALUE__']) > 30 ){
@@ -152,7 +152,7 @@
}
print($label);
} else {
print("&nbsp;");
print("&nbsp;");
}
?></p>
</td>
@@ -171,7 +171,7 @@
<?php }?>
</td>
</tr>
</table>
</table>
</li>
<?php }?>
</ul>
@@ -184,23 +184,36 @@
<h3 class="ui-widget-header ui-corner-all">Processmaker - DynaFields Handler</h3>
<b><?php echo G::LoadTranslation('ID_FIELD_HANDLER_HELP1');?></b><br/><br/>
<li> <?php echo G::LoadTranslation('ID_FIELD_HANDLER_HELP2');?><br/>
<li> <?php echo G::LoadTranslation('ID_FIELD_HANDLER_HELP3');?>
<li> <?php echo G::LoadTranslation('ID_FIELD_HANDLER_HELP3');?>
</div>
</td>
</tr>
</table>
</body>
<script language="javascript">
var lastUidFHSelected;
var lastFTypeFHSelected;
function __ActionEdit(uid){
var client_window = parent.getClientWindowSize();
lastUidFHSelected = uid;
if (!parent.sessionPersits()) {
parent.showPrompt('__ActionEdit');
return;
}
var client_window = parent.getClientWindowSize();
h = client_window.height;
h1 = (h / 100) * 92;
window.parent.popupWindow('', "fields_Edit?A=<?php echo $_SESSION['Current_Dynafom']['Parameters']['URL']?>&XMLNODE_NAME="+ uid , 600, h1);
}
function __ActionDelete(uid, ftype){
new window.parent.leimnud.module.app.confirm().make({
lastUidFHSelected = uid;
lastFTypeFHSelected = ftype;
if (!parent.sessionPersits()) {
parent.showPrompt('__ActionDelete');
return;
}
new window.parent.leimnud.module.app.confirm().make({
label: '<?php echo G::LoadTranslation('ID_FIELD_HANDLER_ACTION_DELETE');?>' + ' ' + ftype + "?",
action:function(){
$.ajax({
@@ -214,7 +227,7 @@
}
});
}
window.onload = function() {
parent_divs = parent.document.getElementsByTagName('div');
for(i=0; i<parent_divs.length; i++){

1
workflow/public_html/sysGeneric.php
View File

@@ -771,6 +771,7 @@ if (! defined( 'EXECUTE_BY_CRON' )) {
$noLoginFiles[] = 'retrivePassword';
$noLoginFiles[] = 'defaultAjaxDynaform';
$noLoginFiles[] = 'dynaforms_checkDependentFields';
$noLoginFiles[] = 'fields_Ajax';
$noLoginFolders[] = 'services';
$noLoginFolders[] = 'tracker';