fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HOR-2783

Browse Source
This commit is contained in:
Roly Rudy Gutierrez Pinto
2017-02-23 15:01:58 -04:00
parent 55bea03c6a
commit b4d1624716
2 changed files with 121 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
workflow/engine/methods/processes/processes_doUpload.php
View File

@@ -1,19 +1,20 @@
<?php
sleep( 1 );
global $RBAC;
if ( $RBAC->userCanAccess('PM_FACTORY') == 1) {
if (isset( $_SESSION['processes_upload'] )) {
$form = $_SESSION['processes_upload'];
G::LoadClass('processes');
$app = new Processes();
if (!$app->processExists($form['PRO_UID'])) {
$result = 0;
$msg = G::LoadTranslation('ID_PROCESS_UID_NOT_DEFINED');
echo "{'result': $result, 'msg':'$msg'}";
die;
}
sleep(1);
global $RBAC;
if ($RBAC->userCanAccess('PM_FACTORY') == 1) {
if (isset($_SESSION['processes_upload'])) {
$form = $_SESSION['processes_upload'];
G::LoadClass('processes');
$app = new Processes();
if (!$app->processExists($form['PRO_UID'])) {
$result = 0;
$msg = G::LoadTranslation('ID_PROCESS_UID_NOT_DEFINED');
echo "{'result': $result, 'msg':'$msg'}";
die;
}
switch ($form['MAIN_DIRECTORY']) {
case 'mailTemplates':
case 'mailTemplates':
$sDirectory = PATH_DATA_MAILTEMPLATES . $form['PRO_UID'] . PATH_SEP . ($form['CURRENT_DIRECTORY'] != '' ? $form['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
case 'public':
@@ -22,18 +23,29 @@ if ( $RBAC->userCanAccess('PM_FACTORY') == 1) {
default:
die();
break;
}
}
}
if ($_FILES['form']['error'] == "0") {
G::uploadFile( $_FILES['form']['tmp_name'], $sDirectory, $_FILES['form']['name'] );
$msg = "Uploaded (" . (round( (filesize( $sDirectory . $_FILES['form']['name'] ) / 1024) * 10 ) / 10) . " kb)";
$fileName = $_FILES['form']['name'];
$canUploadPhpFile = true;
$extension = pathinfo($fileName, PATHINFO_EXTENSION);
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $extension === 'php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $fileName);
$canUploadPhpFile = false;
}
if ($_FILES['form']['error'] == "0" && $canUploadPhpFile) {
G::uploadFile($_FILES['form']['tmp_name'], $sDirectory, $fileName);
$msg = "Uploaded (" . (round((filesize($sDirectory . $fileName) / 1024) * 10) / 10) . " kb)";
$result = 1;
//echo $sDirectory.$_FILES['form']['name'];
} else {
$msg = "Failed";
if ($canUploadPhpFile === false) {
$msg = $message;
}
$result = 0;
}
echo "{'result': $result, 'msg':'$msg'}";
echo "{'result': $result, 'msg':'$msg'}";
}