fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PMCORE-631

Browse Source
This commit is contained in:
Paula Quispe
2020-04-09 17:45:04 -04:00
parent 795a52afd3
commit a3d4b65bf4
6 changed files with 76 additions and 157 deletions
Download Patch File Download Diff File Expand all files Collapse all files

142
workflow/engine/methods/setup/appCacheViewAjax.php
View File

@@ -1,107 +1,12 @@
<?php
use Processmaker\Core\System;
$filter = new InputFilter();
$_POST = $filter->xssFilterHard($_POST);
$_GET = $filter->xssFilterHard($_GET);
$request = isset($_POST['request']) ? $_POST['request'] : (isset($_GET['request']) ? $_GET['request'] : null);
function testConnection($type, $server, $user, $passwd, $port = 'none', $dbName = "")
{
if (($port == 'none') || ($port == '') || ($port == 0)) {
//setting defaults ports
switch ($type) {
case 'mysql':
$port = 3306;
break;
case 'pgsql':
$port = 5432;
break;
case 'mssql':
$port = 1433;
break;
case 'oracle':
$port = 1521;
break;
}
}
$Server = new Net($server);
$filter = new InputFilter();
if ($Server->getErrno() == 0) {
$Server->scannPort($port);
if ($Server->getErrno() == 0) {
$Server->loginDbServer($user, $passwd);
$Server->setDataBase($dbName, $port);
if ($Server->errno == 0) {
$response = $Server->tryConnectServer($type);
if ($response->status == 'SUCCESS') {
if ($Server->errno == 0) {
$message = "";
$response = $Server->tryConnectServer($type);
$server = $filter->validateInput($server);
$user = $filter->validateInput($user);
$passwd = $filter->validateInput($passwd);
$connDatabase = mysqli_connect($server, $user, $passwd);
$dbNameTest = "PROCESSMAKERTESTDC";
$dbNameTest = $filter->validateInput($dbNameTest, 'nosql');
$query = "CREATE DATABASE %s";
$query = $filter->preventSqlInjection($query, array($dbNameTest), $connDatabase);
$db = mysqli_query($connDatabase, $query);
$success = false;
if (!$db) {
$message = mysqli_error($connDatabase);
} else {
$usrTest = "wfrbtest";
$chkG = "GRANT ALL PRIVILEGES ON `%s`.* TO %s@'%%' IDENTIFIED BY 'sample' WITH GRANT OPTION";
$chkG = $filter->preventSqlInjection($chkG, array($dbNameTest, $usrTest), $connDatabase);
$ch = mysqli_query($connDatabase, $chkG);
if (!$ch) {
$message = mysqli_error($connDatabase);
} else {
$sqlCreateUser = "CREATE USER '%s'@'%%' IDENTIFIED BY '%s'";
$user = $filter->validateInput($user, 'nosql');
$sqlCreateUser = $filter->preventSqlInjection($sqlCreateUser, array($user . "_usertest", "sample"), $connDatabase);
$result = mysqli_query($connDatabase, $sqlCreateUser);
if (!$result) {
$message = mysqli_error($connDatabase);
} else {
$success = true;
$message = G::LoadTranslation('ID_SUCCESSFUL_CONNECTION');
}
$sqlDropUser = "DROP USER '%s'@'%%'";
$user = $filter->validateInput($user, 'nosql');
$sqlDropUser = $filter->preventSqlInjection($sqlDropUser, array($user . "_usertest"), $connDatabase);
mysqli_query($connDatabase, $sqlDropUser);
$sqlDropUser = "DROP USER %s@'%%'";
$usrTest = $filter->validateInput($usrTest, 'nosql');
$sqlDropUser = $filter->preventSqlInjection($sqlDropUser, array($usrTest), $connDatabase);
mysqli_query($connDatabase, $sqlDropUser);
}
$sqlDropDb = "DROP DATABASE %s";
$dbNameTest = $filter->validateInput($dbNameTest, 'nosql');
$sqlDropDb = $filter->preventSqlInjection($sqlDropDb, array($dbNameTest), $connDatabase);
mysqli_query($connDatabase, $sqlDropDb);
}
return array($success, ($message != "") ? $message : $Server->error);
} else {
return array(false, $Server->error);
}
} else {
return array(false, $Server->error);
}
} else {
return array(false, $Server->error);
}
} else {
return array(false, $Server->error);
}
} else {
return array(false, $Server->error);
}
}
switch ($request) {
//check if the APP_CACHE VIEW table and their triggers are installed
case 'info':
@@ -271,46 +176,25 @@ switch ($request) {
break;
case 'recreate-root':
$user = $_POST['user'];
$passwd = $_POST['password'];
$pass = $_POST['password'];
$server = $_POST['host'];
$code = $_POST['codeCaptcha'];
$aServer = explode(':', $server);
$serverName = $aServer[0];
$port = (count($aServer) > 1) ? $aServer[1] : "none";
$server = explode(':', $server);
$serverName = $server[0];
$port = (count($server) > 1) ? $server[1] : '';
if ($code !== $_SESSION['securimage_code_disp']['default']) {
echo G::loadTranslation('ID_CAPTCHA_CODE_INCORRECT');
break;
}
list($sucess, $msgErr) = testConnection(DB_ADAPTER, $serverName, $user, $passwd, $port);
if ($sucess) {
$sh = G::encryptOld(filemtime(PATH_GULLIVER . "/class.g.php"));
$h = G::encrypt($_POST['host'] . $sh . $_POST['user'] . $sh . $_POST['password'] . $sh . (1), $sh);
$insertStatements = "define ( 'HASH_INSTALLATION','{$h}' ); \ndefine ( 'SYSTEM_HASH', '{$sh}' ); \n";
$lines = [];
$content = '';
$filename = PATH_HOME . 'engine' . PATH_SEP . 'config' . PATH_SEP . 'paths_installed.php';
$lines = file($filename);
$count = 1;
foreach ($lines as $line_num => $line) {
$pos = strpos($line, "define");
if ($pos !== false && $count < 3) {
$content = $content . $line;
$count++;
}
list($success, $message) = System::checkPermissionsDbUser(DB_ADAPTER, $serverName, $port, $user, $pass);
if ($success) {
$id = 'ID_MESSAGE_ROOT_CHANGE_FAILURE';
if (System::regenerateCredentiaslPathInstalled($server, $user, $pass)) {
$id = 'ID_MESSAGE_ROOT_CHANGE_SUCESS';
}
$content = "<?php \n" . $content . "\n" . $insertStatements . "\n";
if (file_put_contents($filename, $content) != false) {
echo G::loadTranslation('ID_MESSAGE_ROOT_CHANGE_SUCESS');
} else {
echo G::loadTranslation('ID_MESSAGE_ROOT_CHANGE_FAILURE');
}
} else {
echo $msgErr;
$message = G::loadTranslation($id);
}
echo $message;
break;
case 'captcha':
require_once PATH_TRUNK . 'vendor/dapphp/securimage/securimage.php';

56
workflow/engine/methods/setup/appCacheViewConf.php
View File

@@ -1,37 +1,37 @@
<?php
/**
* Rebuilding the cases list cache and changing the MySQL credentials
*
* @see processWorkspace()
*
* @link https://wiki.processmaker.com/3.2/Clearing_the_Case_List_Cache
*/
use ProcessMaker\Core\Installer;
global $RBAC;
$RBAC->requirePermissions('PM_SETUP');
// header('Pragma: no-cache');
// header('Cache-Control: no-store, no-cache, must-revalidate');
// Define the content of the case list cache builder
$headPublisher = headPublisher::getSingleton();
$headPublisher->addExtJsScript('setup/appCacheViewConf', false); //adding a javascript file .js
$headPublisher->addContent('setup/appCacheViewConf'); //adding a html file .html.
// Get some configurations
$conf = new Configurations();
$conf->loadConfig($x, 'APP_CACHE_VIEW_ENGINE', '', '', '', '');
$lang = isset($conf->aConfig['LANG']) ? $conf->aConfig['LANG'] : 'en';
$oHeadPublisher = headPublisher::getSingleton();
//$oHeadPublisher->setExtSkin( 'xtheme-blue');
// Assign the language configured
$headPublisher->assign('currentLang', $lang);
$oHeadPublisher->addExtJsScript('setup/appCacheViewConf', false); //adding a javascript file .js
$oHeadPublisher->addContent('setup/appCacheViewConf'); //adding a html file .html.
$oConf = new Configurations();
$oConf->loadConfig($x, 'APP_CACHE_VIEW_ENGINE', '', '', '', '');
//first check about APP_CACHE_VIEW is enabled or not,
if (isset($oConf->aConfig['LANG']) && isset($oConf->aConfig['STATUS']) && $oConf->aConfig['STATUS'] == 'active') {
$appCacheViewEnabled = true;
// Get the mysql version
$mysqlVersion = getMysqlVersion();
$maxMysqlVersion = InstallerModule::MYSQL_VERSION_MAXIMUM_SUPPORTED;
if (version_compare($mysqlVersion, $maxMysqlVersion, '<')) {
$userNameMaxLength = 16;
} else {
$appCacheViewEnabled = false;
$userNameMaxLength = 32;
}
$lang = isset($oConf->aConfig['LANG']) ? $oConf->aConfig['LANG'] : 'en';
$headPublisher->assign('userNameMaxLength', $userNameMaxLength);
//$oHeadPublisher->assign('appCacheViewEnabled', $appCacheViewEnabled);
$labels = G::getTranslations(array('ID_PROCESSING','ID_CACHE_LANGUAGE','ID_CACHE_HOST','ID_CACHE_USER','ID_CACHE_PASSWORD','ID_CACHE_TITLE_INFO','ID_CACHE_SUBTITLE_REBUILD','ID_CACHE_BTN_BUILD','ID_CACHE_BUILDING','ID_CACHE_SUBTITLE_SETUP_DB','ID_CACHE_BTN_SETUP_PASSWRD','ID_CACHE_SUBTITLE_SETUP_SESSION','ID_CACHE_BTN_SETUP_SESSION'
));
// $oHeadPublisher->assign('TRANSLATIONS', $labels);
// $TRANSLATIONS->ID_PROCESSING = G::LoadTranslation('ID_PROCESSING');
// $oHeadPublisher->assign( 'TRANSLATIONS', $TRANSLATIONS); //translations
$oHeadPublisher->assign('currentLang', $lang); //current language
G::RenderPage('publish', 'extJs');
G::RenderPage('publish', 'extJs');