fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

validate params sort

Browse Source
This commit is contained in:
Ronald Quenta
2017-08-08 13:41:30 -04:00
parent 496d590f42
commit af6d8389a4
1 changed files with 66 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

134
workflow/engine/methods/mails/emailsAjax.php
View File

@@ -2,12 +2,7 @@
use ProcessMaker\Exception\RBACException; use ProcessMaker\Exception\RBACException;
$req = (isset($_POST['request']))? $_POST['request']:((isset($_REQUEST['request']))? $_REQUEST['request'] : 'No hayyy tal'); $req = (isset($_REQUEST['request']) ? $_REQUEST['request'] : '');
require_once 'classes/model/Content.php';
require_once 'classes/model/AppMessage.php';
require_once 'classes/model/AppDelegation.php';
require_once 'classes/model/Application.php';
/** @var RBAC $RBAC */ /** @var RBAC $RBAC */
global $RBAC; global $RBAC;
@@ -21,18 +16,18 @@ switch ($RBAC->userCanAccess('PM_LOGIN')) {
} }
$RBAC->allows(basename(__FILE__), $req); $RBAC->allows(basename(__FILE__), $req);
switch($req){ switch ($req) {
case 'MessageList': case 'MessageList':
$start = (isset($_REQUEST['start']))? $_REQUEST['start'] : '0'; $start = (isset($_REQUEST['start'])) ? $_REQUEST['start'] : '0';
$limit = (isset($_REQUEST['limit']))? $_REQUEST['limit'] : '25'; $limit = (isset($_REQUEST['limit'])) ? $_REQUEST['limit'] : '25';
$proUid = (isset($_REQUEST['process']))? $_REQUEST['process'] : ''; $proUid = (isset($_REQUEST['process'])) ? $_REQUEST['process'] : '';
$eventype = (isset($_REQUEST['type']))? $_REQUEST['type'] : ''; $eventype = (isset($_REQUEST['type'])) ? $_REQUEST['type'] : '';
$emailStatus = (isset($_REQUEST['status']))? $_REQUEST['status'] : ''; $emailStatus = (isset($_REQUEST['status'])) ? $_REQUEST['status'] : '';
$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : ''; $sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : '';
$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC'; $dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC';
$dateFrom = isset( $_POST["dateFrom"] ) ? substr( $_POST["dateFrom"], 0, 10 ) : ""; $dateFrom = isset($_POST["dateFrom"]) ? substr($_POST["dateFrom"], 0, 10) : "";
$dateTo = isset( $_POST["dateTo"] ) ? substr( $_POST["dateTo"], 0, 10 ) : ""; $dateTo = isset($_POST["dateTo"]) ? substr($_POST["dateTo"], 0, 10) : "";
$filterBy = (isset($_REQUEST['filterBy']))? $_REQUEST['filterBy'] : 'ALL'; $filterBy = (isset($_REQUEST['filterBy'])) ? $_REQUEST['filterBy'] : 'ALL';
$response = new stdclass(); $response = new stdclass();
$response->status = 'OK'; $response->status = 'OK';
@@ -43,10 +38,10 @@ switch($req){
$criteria->addJoin(AppMessagePeer::APP_UID, ApplicationPeer::APP_UID, Criteria::LEFT_JOIN); $criteria->addJoin(AppMessagePeer::APP_UID, ApplicationPeer::APP_UID, Criteria::LEFT_JOIN);
if ($emailStatus != '') { if ($emailStatus != '') {
$criteria->add( AppMessagePeer::APP_MSG_STATUS, $emailStatus); $criteria->add(AppMessagePeer::APP_MSG_STATUS, $emailStatus);
} }
if ($proUid != '') { if ($proUid != '') {
$criteria->add( ApplicationPeer::PRO_UID, $proUid); $criteria->add(ApplicationPeer::PRO_UID, $proUid);
} }
$arrayType = []; $arrayType = [];
@@ -54,7 +49,7 @@ switch($req){
$pluginRegistry = PMPluginRegistry::getSingleton(); $pluginRegistry = PMPluginRegistry::getSingleton();
$statusEr = $pluginRegistry->getStatusPlugin('externalRegistration'); $statusEr = $pluginRegistry->getStatusPlugin('externalRegistration');
$flagEr = (preg_match('/^enabled$/', $statusEr))? 1 : 0; $flagEr = (preg_match('/^enabled$/', $statusEr)) ? 1 : 0;
if ($flagEr == 0) { if ($flagEr == 0) {
$arrayType[] = 'EXTERNAL_REGISTRATION'; $arrayType[] = 'EXTERNAL_REGISTRATION';
@@ -88,14 +83,14 @@ switch($req){
$dateTo = $dateTo . " 23:59:59"; $dateTo = $dateTo . " 23:59:59";
} }
$criteria->add( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL )->addAnd( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL ) ) ); $criteria->add($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL)->addAnd($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL)));
} else { } else {
$dateFrom = $dateFrom . " 00:00:00"; $dateFrom = $dateFrom . " 00:00:00";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL ); $criteria->add(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL);
} }
} elseif ($dateTo != "") { } elseif ($dateTo != "") {
$dateTo = $dateTo . " 23:59:59"; $dateTo = $dateTo . " 23:59:59";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL ); $criteria->add(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL);
} }
//Number records total //Number records total
@@ -133,10 +128,10 @@ switch($req){
$criteria->addSelectColumn(ProcessPeer::PRO_TITLE); $criteria->addSelectColumn(ProcessPeer::PRO_TITLE);
if ($emailStatus != '') { if ($emailStatus != '') {
$criteria->add( AppMessagePeer::APP_MSG_STATUS, $emailStatus); $criteria->add(AppMessagePeer::APP_MSG_STATUS, $emailStatus);
} }
if ($proUid != '') { if ($proUid != '') {
$criteria->add( ApplicationPeer::PRO_UID, $proUid); $criteria->add(ApplicationPeer::PRO_UID, $proUid);
} }
switch ($filterBy) { switch ($filterBy) {
@@ -167,24 +162,27 @@ switch($req){
$dateTo = $dateTo . " 23:59:59"; $dateTo = $dateTo . " 23:59:59";
} }
$criteria->add( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL )->addAnd( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL ) ) ); $criteria->add($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL)->addAnd($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL)));
} else { } else {
$dateFrom = $dateFrom . " 00:00:00"; $dateFrom = $dateFrom . " 00:00:00";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL ); $criteria->add(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL);
} }
} elseif ($dateTo != "") { } elseif ($dateTo != "") {
$dateTo = $dateTo . " 23:59:59"; $dateTo = $dateTo . " 23:59:59";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL ); $criteria->add(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL);
} }
if ($sort != '') { if ($sort != '') {
if (!in_array($sort, AppMessagePeer::getFieldNames(BasePeer::TYPE_FIELDNAME))) {
throw new Exception(G::LoadTranslation('ID_INVALID_VALUE_FOR', array('$sort')));
}
if ($dir == 'ASC') { if ($dir == 'ASC') {
$criteria->addAscendingOrderByColumn($sort); $criteria->addAscendingOrderByColumn($sort);
} else { } else {
$criteria->addDescendingOrderByColumn($sort); $criteria->addDescendingOrderByColumn($sort);
} }
} else { } else {
$oCriteria->addDescendingOrderByColumn(AppMessagePeer::APP_MSG_SEND_DATE ); $oCriteria->addDescendingOrderByColumn(AppMessagePeer::APP_MSG_SEND_DATE);
} }
if ($limit != '') { if ($limit != '') {
$criteria->setLimit($limit); $criteria->setLimit($limit);
@@ -202,60 +200,60 @@ switch($req){
$index = 1; $index = 1;
$content = new Content(); $content = new Content();
$tasTitleDefault = G::LoadTranslation('ID_TASK_NOT_RELATED'); $tasTitleDefault = G::LoadTranslation('ID_TASK_NOT_RELATED');
while ( $result->next() ) { while ($result->next()) {
$row = $result->getRow(); $row = $result->getRow();
$row['APP_MSG_FROM'] =htmlentities($row['APP_MSG_FROM'], ENT_QUOTES, "UTF-8"); $row['APP_MSG_FROM'] = htmlentities($row['APP_MSG_FROM'], ENT_QUOTES, "UTF-8");
$row['APP_MSG_STATUS'] = ucfirst ( $row['APP_MSG_STATUS']); $row['APP_MSG_STATUS'] = ucfirst($row['APP_MSG_STATUS']);
switch ($filterBy) { switch ($filterBy) {
case 'CASES': case 'CASES':
if ($row['DEL_INDEX'] != 0) { if ($row['DEL_INDEX'] != 0) {
$index = $row['DEL_INDEX']; $index = $row['DEL_INDEX'];
} }
$criteria = new Criteria(); $criteria = new Criteria();
$criteria->addSelectColumn(AppCacheViewPeer::APP_TITLE); $criteria->addSelectColumn(AppCacheViewPeer::APP_TITLE);
$criteria->addSelectColumn(AppCacheViewPeer::APP_TAS_TITLE); $criteria->addSelectColumn(AppCacheViewPeer::APP_TAS_TITLE);
$criteria->add(AppCacheViewPeer::APP_UID, $row['APP_UID'], Criteria::EQUAL); $criteria->add(AppCacheViewPeer::APP_UID, $row['APP_UID'], Criteria::EQUAL);
$criteria->add(AppCacheViewPeer::DEL_INDEX, $index, Criteria::EQUAL); $criteria->add(AppCacheViewPeer::DEL_INDEX, $index, Criteria::EQUAL);
$resultCacheView = AppCacheViewPeer::doSelectRS($criteria); $resultCacheView = AppCacheViewPeer::doSelectRS($criteria);
$resultCacheView->setFetchmode(ResultSet::FETCHMODE_ASSOC); $resultCacheView->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$row['APP_TITLE'] = '-'; $row['APP_TITLE'] = '-';
while ($resultCacheView->next()) { while ($resultCacheView->next()) {
$rowCacheView = $resultCacheView->getRow(); $rowCacheView = $resultCacheView->getRow();
$row['APP_TITLE'] = $rowCacheView['APP_TITLE']; $row['APP_TITLE'] = $rowCacheView['APP_TITLE'];
$row['TAS_TITLE'] = $rowCacheView['APP_TAS_TITLE']; $row['TAS_TITLE'] = $rowCacheView['APP_TAS_TITLE'];
} }
if ($row['DEL_INDEX'] == 0) { if ($row['DEL_INDEX'] == 0) {
$row['TAS_TITLE'] = $tasTitleDefault; $row['TAS_TITLE'] = $tasTitleDefault;
} }
break; break;
case 'TEST': case 'TEST':
$row['PRO_UID'] = ''; $row['PRO_UID'] = '';
$row['APP_NUMBER'] = ''; $row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = ''; $row['PRO_TITLE'] = '';
$row['APP_TITLE'] = ''; $row['APP_TITLE'] = '';
$row['TAS_TITLE'] = ''; $row['TAS_TITLE'] = '';
break; break;
case 'EXTERNAL-REGISTRATION': case 'EXTERNAL-REGISTRATION':
$row['PRO_UID'] = ''; $row['PRO_UID'] = '';
$row['APP_NUMBER'] = ''; $row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = ''; $row['PRO_TITLE'] = '';
$row['APP_TITLE'] = ''; $row['APP_TITLE'] = '';
$row['TAS_TITLE'] = ''; $row['TAS_TITLE'] = '';
break; break;
} }
$data[] = $row; $data[] = $row;
} }
$response = array(); $response = array();
$response['totalCount'] = $totalCount; $response['totalCount'] = $totalCount;
$response['data'] = $data; $response['data'] = $data;
die(G::json_encode($response)); die(G::json_encode($response));
break; break;
case 'updateStatusMessage': case 'updateStatusMessage':