fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/develop' into feature/PMCORE-3140

Browse Source
This commit is contained in:
Rodrigo Quelca
2021-12-01 13:00:27 +00:00
parent 9bf45defb0 d2f6c1ed78
commit c4f6602016
45 changed files with 1597 additions and 1015 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
workflow/engine/content/translations/english/processmaker.en.po
View File

@@ -24383,6 +24383,12 @@ msgstr "Screen Color Icon"
msgid "Script Task"
msgstr "Script Task"
# TRANSLATION
# LABEL/ID_SCRIPT_TASK_UNTITLED
#: LABEL/ID_SCRIPT_TASK_UNTITLED
msgid "Untitled - Script Task"
msgstr "Untitled - Script Task"
# TRANSLATION
# LABEL/ID_SCRIPT_TASK_ACTIVITY_ALREADY_REGISTERED
#: LABEL/ID_SCRIPT_TASK_ACTIVITY_ALREADY_REGISTERED
@@ -24965,6 +24971,18 @@ msgstr "Server reported"
msgid "Service"
msgstr "Service"
# TRANSLATION
# LABEL/ID_SERVICE_TASK
#: LABEL/ID_SERVICE_TASK
msgid "Service Task"
msgstr "Service Task"
# TRANSLATION
# LABEL/ID_SERVICE_TASK_UNTITLED
#: LABEL/ID_SERVICE_TASKUNTITLED
msgid "Untitled - Service Task"
msgstr "Untitled - Service Task"
# TRANSLATION
# LABEL/ID_SESSION
#: LABEL/ID_SESSION

3
workflow/engine/data/mysql/insert.sql
View File

@@ -60988,6 +60988,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_SCHEMA','en','Schema','2014-01-15') ,
( 'LABEL','ID_SCREEN_COLOR_ICON','en','Screen Color Icon','2021-08-10') ,
( 'LABEL','ID_SCRIPT_TASK','en','Script Task','2015-10-19') ,
( 'LABEL','ID_SCRIPT_TASK_UNTITLED','en','Untitled - Script Task','2021-11-23') ,
( 'LABEL','ID_SCRIPT_TASK_ACTIVITY_ALREADY_REGISTERED','en','The Script-Task with {0}: "{1}" already registered','2016-08-01') ,
( 'LABEL','ID_SEARCH','en','Search','2014-01-15') ,
( 'LABEL','ID_SEARCHING','en','Searching...','2019-05-03') ,
@@ -61090,6 +61091,8 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_SERVER_PROTOCOL','en','Server Protocol','2014-01-15') ,
( 'LABEL','ID_SERVER_REPORTED','en','Server reported','2014-01-15') ,
( 'LABEL','ID_SERVICE','en','Service','2014-01-15') ,
( 'LABEL','ID_SERVICE_TASK','en','Service','2021-11-23') ,
( 'LABEL','ID_SERVICE_TASK_UNTITLED','en','Service','2021-11-23') ,
( 'LABEL','ID_SESSION','en','Session','2014-01-15') ,
( 'LABEL','ID_SESSION_ACTIVE','en','Session active','2014-01-15') ,
( 'LABEL','ID_SESSION_DIRECTORY','en','Session directory','2015-11-05') ,

3
workflow/engine/methods/cases/cases_CatchSelfService.php
View File

@@ -78,8 +78,7 @@ if (
// Get the label of previous task
if (!empty($fieldsDelegation['TAS_ID'])) {
$taskInstance = new ModelTask();
$fieldsCase['PREVIOUS_TASK'] = $taskInstance->title($fieldsDelegation['TAS_ID']);
$fieldsCase['PREVIOUS_TASK'] = ModelTask::title($fieldsDelegation['TAS_ID'])['title'];
}
// To enable information (dynaforms, steps) before claim a case

7
workflow/engine/methods/login/authentication.php
View File

@@ -15,8 +15,9 @@ try {
$urlLogin = (substr(SYS_SKIN, 0, 2) !== 'ux')? 'login' : '../main/login';
}
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60)]);
if (!$RBAC->singleSignOn) {
setcookie("singleSignOn", '0', time() + (24 * 60 * 60), '/');
setcookie('singleSignOn', '0', $cookieOptions);
if (!isset($_POST['form']) ) {
G::SendTemporalMessage ('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error');
G::header('Location: login');
@@ -181,7 +182,7 @@ try {
EnterpriseClass::enterpriseSystemUpdate($loginInfo);
initUserSession($uid, $usr);
} else {
setcookie("singleSignOn", '1', time() + (24 * 60 * 60), '/');
setcookie('singleSignOn', '1', $cookieOptions);
$uid = $RBAC->userObj->fields['USR_UID'];
$usr = $RBAC->userObj->fields['USR_USERNAME'];
initUserSession($uid, $usr);
@@ -416,7 +417,7 @@ try {
$configS = System::getSystemConfiguration('', '', config("system.workspace"));
$activeSession = isset($configS['session_block']) ? !(int)$configS['session_block']:true;
if ($activeSession){
setcookie("PM-TabPrimary", 101010010, time() + (24 * 60 * 60), '/');
setcookie('PM-TabPrimary', 101010010, $cookieOptions);
}
// Update the User's last login date

4
workflow/engine/methods/login/authenticationSso.php
View File

@@ -81,8 +81,8 @@ try {
}
}
/*----------------------------------********---------------------------------*/
setcookie('singleSignOn', '1', time() + (24 * 60 * 60), '/');
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60)]);
setcookie('singleSignOn', '1', $cookieOptions);
initUserSession(
$_SESSION['__USER_LOGGED_SSO__'],

41
workflow/engine/methods/login/login.php
View File

@@ -1,27 +1,4 @@
<?php
/**
* login.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
*/
use ProcessMaker\Core\System;
use ProcessMaker\Plugins\PluginRegistry;
@@ -182,11 +159,11 @@ if (isset($_SESSION['USER_LOGGED'])) {
session_start();
session_regenerate_id();
if (PHP_VERSION < 5.2) {
setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), "; HttpOnly");
} else {
setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), null, false, true);
}
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'httponly' => true]);
setcookie(session_name(), session_id(), $cookieOptions);
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'path' => '/sys' . config('system.workspace'), 'httponly' => true]);
setcookie('workspaceSkin', SYS_SKIN, $cookieOptions);
if (strlen($msg) > 0) {
$_SESSION['G_MESSAGE'] = $msg;
@@ -323,14 +300,16 @@ $flagForgotPassword = isset($oConf->aConfig['login_enableForgotPassword'])
? $oConf->aConfig['login_enableForgotPassword']
: 'off';
setcookie('PM-Warning', trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), time() + (24 * 60 * 60), SYS_URI);
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'path' => SYS_URI]);
setcookie('PM-Warning', trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), $cookieOptions);
$configS = System::getSystemConfiguration('', '', config("system.workspace"));
$activeSession = isset($configS['session_block']) ? !(int)$configS['session_block'] : true;
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60)]);
if ($activeSession) {
setcookie("PM-TabPrimary", 101010010, time() + (24 * 60 * 60), '/');
setcookie('PM-TabPrimary', 101010010, $cookieOptions);
} else {
setcookie("PM-TabPrimary", uniqid(), time() + (24 * 60 * 60), '/');
setcookie('PM-TabPrimary', uniqid(), $cookieOptions);
}
$oHeadPublisher->addScriptCode("var flagForgotPassword = '$flagForgotPassword';");

38
workflow/engine/methods/login/sysLogin.php
View File

@@ -1,28 +1,5 @@
<?php
/**
* sysLogin.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
*/
/*----------------------------------********---------------------------------*/
//Browser Compatibility
$browserSupported = G::checkBrowserCompatibility();
if ($browserSupported==false) {
@@ -50,11 +27,14 @@ if (!empty($_SESSION['G_MESSAGE_TYPE'])) {
}
//Initialize session
@session_destroy();
session_start();
session_regenerate_id();
//Set options for PHP session cookie
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'httponly' => true]);
setcookie(session_name(), session_id(), $cookieOptions);
//Restore session variables
$_SESSION = array_merge($_SESSION, $arraySession);
@@ -169,8 +149,12 @@ switch (WS_IN_LOGIN) {
$fileLogin = 'login/sysLogin';
break;
}
setcookie("PM-Warning", trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), time() + (24 * 60 * 60), SYS_CURRENT_URI);
setcookie("PM-TabPrimary", uniqid(), time() + (24 * 60 * 60), '/');
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'path' => SYS_CURRENT_URI]);
setcookie('PM-Warning', trim(G::LoadTranslation('ID_BLOCKER_MSG'), '*'), $cookieOptions);
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60)]);
setcookie('PM-TabPrimary', uniqid(), $cookieOptions);
$oHeadPublisher = headPublisher::getSingleton();
$oHeadPublisher->addScriptFile('/jscore/src/PM.js');
$oHeadPublisher->addScriptFile('/jscore/src/Sessions.js');

3
workflow/engine/methods/services/ActionsByEmailDataForm.php
View File

@@ -34,6 +34,9 @@ if (isset($_GET['BROWSER_TIME_ZONE_OFFSET'])) {
$caseFields = $case->loadCase($applicationUid, $delIndex);
//this value is only important for Propel::getConnection()
$_SESSION['PROCESS'] = $caseFields['PRO_UID'];
// Updating case variables with system constants
$systemConstants = G::getSystemConstants();
$caseFields['APP_DATA']['USER_LOGGED'] = $systemConstants['USER_LOGGED'];

24
workflow/engine/src/ProcessMaker/BusinessModel/Cases/AbstractCases.php
View File

@@ -1552,16 +1552,16 @@ class AbstractCases implements CasesInterface
$list = end($listArray);
switch ($list) {
case 'Inbox':
$query->inbox($this->getUserId());
$query->inboxMetrics();
break;
case 'Draft':
$query->draft($this->getUserId());
$query->draftMetrics();
break;
case 'Paused':
$query->paused($this->getUserId());
$query->pausedMetrics();
break;
case 'Unassigned':
$query->selfService($this->getUserUid());
$query->selfServiceMetrics();
break;
}
$query->joinProcess();
@@ -1604,16 +1604,16 @@ class AbstractCases implements CasesInterface
$list = end($listArray);
switch ($list) {
case 'Inbox':
$query->inbox($this->getUserId());
$query->inboxMetrics();
break;
case 'Draft':
$query->draft($this->getUserId());
$query->draftMetrics();
break;
case 'Paused':
$query->paused($this->getUserId());
$query->pausedMetrics();
break;
case 'Unassigned':
$query->selfService($this->getUserUid());
$query->selfServiceMetrics();
break;
}
$query->joinProcess();
@@ -1657,16 +1657,16 @@ class AbstractCases implements CasesInterface
$list = end($listArray);
switch ($list) {
case 'Inbox':
$query->inbox($this->getUserId());
$query->inboxMetrics();
break;
case 'Draft':
$query->draft($this->getUserId());
$query->draftMetrics();
break;
case 'Paused':
$query->paused($this->getUserId());
$query->pausedMetrics();
break;
case 'Unassigned':
$query->selfService($this->getUserUid());
$query->selfServiceMetrics();
break;
}
$query->joinProcess();

30
workflow/engine/src/ProcessMaker/BusinessModel/Cases/Draft.php
View File

@@ -6,6 +6,7 @@ use G;
use ProcessMaker\Model\Application;
use ProcessMaker\Model\CaseList;
use ProcessMaker\Model\Delegation;
use ProcessMaker\Model\Task;
use ProcessMaker\Model\User;
class Draft extends AbstractCases
@@ -127,10 +128,25 @@ class Draft extends AbstractCases
$item['DEL_DELEGATE_DATE_LABEL'] = applyMaskDateEnvironment($item['DEL_DELEGATE_DATE']);
// Get the send by related to the previous index
$previousThread = Delegation::getThreadInfo($item['APP_NUMBER'], $item['DEL_PREVIOUS']);
$userInfo = !empty($previousThread) ? User::getInformation($previousThread['USR_ID']) : [];
$userInfo = [];
$dummyInfo = [];
if (!empty($previousThread)) {
// When the task has an user
$userInfo = ($previousThread['USR_ID'] !== 0) ? User::getInformation($previousThread['USR_ID']) : [];
// When the task does not have users refers to dummy task
$taskInfo = ($previousThread['USR_ID'] === 0) ? Task::title($previousThread['TAS_ID']) : [];
if (!empty($taskInfo)) {
$dummyInfo = [
'task_id' => $previousThread['TAS_ID'],
'name' => $taskInfo['title'],
'type' => $taskInfo['type']
];
}
}
$result = [];
$result['del_previous'] = $item['DEL_PREVIOUS'];
$result['user_tooltip'] = $userInfo;
$result['dummy_task'] = $dummyInfo;
$item['SEND_BY_INFO'] = $result;
return $item;
@@ -228,4 +244,16 @@ class Draft extends AbstractCases
'total' => $count
];
}
/**
* Count how many cases there are in DRAFT
*
* @return int
*/
public function getCounterMetrics()
{
$query = Delegation::query()->select();
$query->draftMetrics();
return $query->count(['APPLICATION.APP_NUMBER']);
}
}

37
workflow/engine/src/ProcessMaker/BusinessModel/Cases/Inbox.php
View File

@@ -6,6 +6,7 @@ use G;
use ProcessMaker\Model\Application;
use ProcessMaker\Model\CaseList;
use ProcessMaker\Model\Delegation;
use ProcessMaker\Model\Task;
use ProcessMaker\Model\User;
class Inbox extends AbstractCases
@@ -81,7 +82,6 @@ class Inbox extends AbstractCases
if (!empty($this->getCaseUid())) {
$query->appUid($this->getCaseUid());
}
// Specific delegate date from
if (!empty($this->getDelegateFrom())) {
$query->delegateDateFrom($this->getDelegateFrom());
@@ -90,8 +90,7 @@ class Inbox extends AbstractCases
if (!empty($this->getDelegateTo())) {
$query->delegateDateTo($this->getDelegateTo());
}
// Specific usrId represented by sendBy.
// Specific usrId represented by sendBy
if (!empty($this->getSendBy())) {
$query->sendBy($this->getSendBy());
}
@@ -113,7 +112,7 @@ class Inbox extends AbstractCases
// Join with users
$query->joinUser();
// Join with task
$query->JoinTask();
$query->joinTask();
// Join with application for add the initial scope for TO_DO cases
$query->inbox($this->getUserId());
/** Apply filters */
@@ -147,10 +146,26 @@ class Inbox extends AbstractCases
$item['DEL_DELEGATE_DATE_LABEL'] = applyMaskDateEnvironment($item['DEL_DELEGATE_DATE']);
// Get the send by related to the previous index
$previousThread = Delegation::getThreadInfo($item['APP_NUMBER'], $item['DEL_PREVIOUS']);
$userInfo = !empty($previousThread) ? User::getInformation($previousThread['USR_ID']) : [];
$userInfo = [];
$dummyInfo = [];
if (!empty($previousThread)) {
// When the task has an user
$userInfo = ($previousThread['USR_ID'] !== 0) ? User::getInformation($previousThread['USR_ID']) : [];
// When the task does not have users refers to dummy task
$taskInfo = ($previousThread['USR_ID'] === 0) ? Task::title($previousThread['TAS_ID']) : [];
if (!empty($taskInfo)) {
$dummyInfo = [
'task_id' => $previousThread['TAS_ID'],
'name' => $taskInfo['title'],
'type' => $taskInfo['type']
];
}
}
$result = [];
$result['del_previous'] = $item['DEL_PREVIOUS'];
$result['key_name'] = !empty($userInfo) ? 'user_tooltip' : 'dummy_task';
$result['user_tooltip'] = $userInfo;
$result['dummy_task'] = $dummyInfo;
$item['SEND_BY_INFO'] = $result;
return $item;
@@ -246,4 +261,16 @@ class Inbox extends AbstractCases
'total' => $count
];
}
/**
* Count how many cases there are in TO_DO
*
* @return int
*/
public function getCounterMetrics()
{
$query = Delegation::query()->select();
$query->inboxMetrics();
return $query->count(['APP_DELEGATION.APP_NUMBER']);
}
}

37
workflow/engine/src/ProcessMaker/BusinessModel/Cases/Paused.php
View File

@@ -5,6 +5,7 @@ namespace ProcessMaker\BusinessModel\Cases;
use G;
use ProcessMaker\Model\CaseList;
use ProcessMaker\Model\Delegation;
use ProcessMaker\Model\Task;
use ProcessMaker\Model\User;
class Paused extends AbstractCases
@@ -80,7 +81,6 @@ class Paused extends AbstractCases
if (!empty($this->getCaseUid())) {
$query->appUid($this->getCaseUid());
}
// Specific delegate date from
if (!empty($this->getDelegateFrom())) {
$query->delegateDateFrom($this->getDelegateFrom());
@@ -89,8 +89,7 @@ class Paused extends AbstractCases
if (!empty($this->getDelegateTo())) {
$query->delegateDateTo($this->getDelegateTo());
}
// Specific usrId represented by sendBy.
// Specific usrId represented by sendBy
if (!empty($this->getSendBy())) {
$query->sendBy($this->getSendBy());
}
@@ -109,7 +108,7 @@ class Paused extends AbstractCases
// Join with process
$query->joinProcess();
// Join with task
$query->JoinTask();
$query->joinTask();
// Scope that set the paused cases
$query->paused($this->getUserId());
/** Apply filters */
@@ -141,10 +140,26 @@ class Paused extends AbstractCases
$item['DEL_DELEGATE_DATE_LABEL'] = applyMaskDateEnvironment($item['DEL_DELEGATE_DATE']);
// Get the send by related to the previous index
$previousThread = Delegation::getThreadInfo($item['APP_NUMBER'], $item['DEL_PREVIOUS']);
$userInfo = !empty($previousThread) ? User::getInformation($previousThread['USR_ID']) : [];
$userInfo = [];
$dummyInfo = [];
if (!empty($previousThread)) {
// When the task has an user
$userInfo = ($previousThread['USR_ID'] !== 0) ? User::getInformation($previousThread['USR_ID']) : [];
// When the task does not have users refers to dummy task
$taskInfo = ($previousThread['USR_ID'] === 0) ? Task::title($previousThread['TAS_ID']) : [];
if (!empty($taskInfo)) {
$dummyInfo = [
'task_id' => $previousThread['TAS_ID'],
'name' => $taskInfo['title'],
'type' => $taskInfo['type']
];
}
}
$result = [];
$result['del_previous'] = $item['DEL_PREVIOUS'];
$result['key_name'] = !empty($userInfo) ? 'user_tooltip' : 'dummy_task';
$result['user_tooltip'] = $userInfo;
$result['dummy_task'] = $dummyInfo;
$item['SEND_BY_INFO'] = $result;
return $item;
@@ -240,4 +255,16 @@ class Paused extends AbstractCases
'total' => $count
];
}
/**
* Count how many cases there are in PAUSED
*
* @return int
*/
public function getCounterMetrics()
{
$query = Delegation::query()->select();
$query->pausedMetrics();
return $query->count(['APP_DELEGATION.APP_NUMBER']);
}
}

34
workflow/engine/src/ProcessMaker/BusinessModel/Cases/Unassigned.php
View File

@@ -6,6 +6,7 @@ use G;
use ProcessMaker\Model\Application;
use ProcessMaker\Model\CaseList;
use ProcessMaker\Model\Delegation;
use ProcessMaker\Model\Task;
use ProcessMaker\Model\User;
class Unassigned extends AbstractCases
@@ -90,8 +91,7 @@ class Unassigned extends AbstractCases
if (!empty($this->getDelegateTo())) {
$query->delegateDateTo($this->getDelegateTo());
}
// Specific usrId represented by sendBy.
// Specific usrId represented by sendBy
if (!empty($this->getSendBy())) {
$query->sendBy($this->getSendBy());
}
@@ -149,10 +149,26 @@ class Unassigned extends AbstractCases
$item['DEL_DELEGATE_DATE_LABEL'] = applyMaskDateEnvironment($item['DEL_DELEGATE_DATE']);
// Get the send by related to the previous index
$previousThread = Delegation::getThreadInfo($item['APP_NUMBER'], $item['DEL_PREVIOUS']);
$userInfo = !empty($previousThread) ? User::getInformation($previousThread['USR_ID']) : [];
$userInfo = [];
$dummyInfo = [];
if (!empty($previousThread)) {
// When the task has an user
$userInfo = ($previousThread['USR_ID'] !== 0) ? User::getInformation($previousThread['USR_ID']) : [];
// When the task does not have users refers to dummy task
$taskInfo = ($previousThread['USR_ID'] === 0) ? Task::title($previousThread['TAS_ID']) : [];
if (!empty($taskInfo)) {
$dummyInfo = [
'task_id' => $previousThread['TAS_ID'],
'name' => $taskInfo['title'],
'type' => $taskInfo['type']
];
}
}
$result = [];
$result['del_previous'] = $item['DEL_PREVIOUS'];
$result['key_name'] = !empty($userInfo) ? 'user_tooltip' : 'dummy_task';
$result['user_tooltip'] = $userInfo;
$result['dummy_task'] = $dummyInfo;
$item['SEND_BY_INFO'] = $result;
return $item;
@@ -248,4 +264,16 @@ class Unassigned extends AbstractCases
'total' => $count
];
}
/**
* Count how many cases there are in SELF_SERVICE
*
* @return int
*/
public function getCounterMetrics()
{
$query = Delegation::query()->select();
$query->selfServiceMetrics();
return $query->count(['APP_DELEGATION.APP_NUMBER']);
}
}

4
workflow/engine/src/ProcessMaker/BusinessModel/Light.php
View File

@@ -874,8 +874,8 @@ class Light
session_start();
session_regenerate_id();
setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), null, false,
true);
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'path' => '/sys' . config('system.workspace'), 'httponly' => true]);
setcookie('workspaceSkin', SYS_SKIN, $cookieOptions);
if (strlen($msg) > 0) {
$_SESSION['G_MESSAGE'] = $msg;

43
workflow/engine/src/ProcessMaker/ChangeLog/ChangeLogResult.php
View File

@@ -138,7 +138,7 @@ class ChangeLogResult
$totalCount = 0;
$values = [];
$this->getLogsFromDataBase($this->appUid, function($row) use(&$logs, &$totalCount, &$values) {
$this->getLogsFromDataBase($this->appUid, function ($row) use (&$logs, &$totalCount, &$values) {
$appData = $this->getAppData($row['DATA']);
$this->removeVariables($appData);
@@ -146,22 +146,52 @@ class ChangeLogResult
if ((int) $row['SOURCE_ID'] === ChangeLog::FromABE) {
$hasPermission = true;
}
if (in_array((int) $row['EXECUTED_AT'], [ChangeLog::BEFORE_ASSIGNMENT, ChangeLog::BEFORE_ROUTING, ChangeLog::AFTER_ROUTING])) {
$hasPermission = true;
}
$count = 0;
foreach ($appData as $key => $value) {
if ($hasPermission && (!isset($values[$key]) || $values[$key] !== $value)) {
// Apply mask
$dateLabel = applyMaskDateEnvironment($row['DATE'],'', false);
$dateLabel = applyMaskDateEnvironment($row['DATE'], '', false);
// Apply the timezone
$dateLabel = DateTime::convertUtcToTimeZone($dateLabel);
$previousValue = !isset($values[$key]) ? null : $values[$key];
//get 'title' label
$objectTitle = '';
if ((int) $row['OBJECT_TYPE'] === ChangeLog::DYNAFORM) {
$objectTitle = G::LoadTranslation('ID_DYNAFORM') . ': ' . $row['DYN_TITLE'];
}
if ((int) $row['OBJECT_TYPE'] === ChangeLog::TRIGGER) {
if ((int) $row['EXECUTED_AT'] === ChangeLog::BEFORE_ASSIGNMENT) {
$objectTitle = G::LoadTranslation('ID_BEFORE_ASSIGNMENT');
}
if ((int) $row['EXECUTED_AT'] === ChangeLog::BEFORE_ROUTING) {
$objectTitle = G::LoadTranslation('ID_BEFORE_DERIVATION');
}
if ((int) $row['EXECUTED_AT'] === ChangeLog::AFTER_ROUTING) {
$objectTitle = G::LoadTranslation('ID_AFTER_DERIVATION');
}
}
//get 'from' label
$from = ChangeLog::getChangeLog()->getApplicationNameById($row['SOURCE_ID']);
if ((int) $row['SOURCE_ID'] === ChangeLog::FromUnknow) {
if ((int) $row['EXECUTED_AT'] === ChangeLog::BEFORE_ROUTING ||
(int) $row['EXECUTED_AT'] === ChangeLog::AFTER_ROUTING) {
$from = ChangeLog::getChangeLog()->getApplicationNameById(ChangeLog::FromWeb);
}
}
$record = ''
. G::LoadTranslation('ID_TASK') . ': ' . $row['TAS_TITLE'] . ' / '
. G::LoadTranslation('ID_DYNAFORM') . ': ' . $row['DYN_TITLE'] . ' / '
. $objectTitle . ' / '
. G::LoadTranslation('ID_LAN_UPDATE_DATE') . ': ' . $dateLabel . ' / '
. G::LoadTranslation('ID_USER') . ': ' . $row['USR_USERNAME'] . ' / '
. G::LoadTranslation('ID_FROM') . ': ' . ChangeLog::getChangeLog()->getApplicationNameById($row['SOURCE_ID']);
. G::LoadTranslation('ID_FROM') . ': ' . $from;
$struct = new LogStruct();
$struct->setField($key)
@@ -210,6 +240,7 @@ class ChangeLogResult
. "A.USR_ID, "
. "A.OBJECT_ID, "
. "A.OBJECT_UID, "
. "A.OBJECT_TYPE, "
. "A.EXECUTED_AT, "
. "A.SOURCE_ID, "
. "A.DATA, "
@@ -220,8 +251,8 @@ class ChangeLogResult
. "LEFT JOIN PROCESS AS C ON (C.PRO_ID=A.PRO_ID) "
. "LEFT JOIN TASK AS D ON (D.TAS_ID=A.TAS_ID) "
. "LEFT JOIN USERS AS E ON (E.USR_ID=A.USR_ID) "
. "LEFT JOIN DYNAFORM AS F ON (F.DYN_ID=A.OBJECT_ID AND A.OBJECT_TYPE=" . ChangeLog::DYNAFORM . ") "
. "ORDER BY A.DATE ASC ";
. "LEFT JOIN DYNAFORM AS F ON (F.DYN_ID=A.OBJECT_ID AND A.OBJECT_TYPE IN (" . ChangeLog::DYNAFORM . ", " . ChangeLog::TRIGGER . ")) "
. "ORDER BY A.CHANGE_LOG_ID,A.DATE ASC ";
$stmt = $conn->prepareStatement($sql);
$stmt->set(1, $appUid);

47
workflow/engine/src/ProcessMaker/Core/System.php
View File

@@ -86,6 +86,21 @@ class System
'disable_task_manager_routing_async' => '0',
'on_one_server_enable' => 0,
'at_risk_delegation_max_time' => '0.2',
'samesite_cookie_setting' => ''
];
public static $cookieDefaultOptions = [
'expires' => 0,
'path' => '/',
'domain' => '',
'secure' => false,
'httponly' => false,
'samesite' => ''
];
public static $cookieSameSiteValues = [
'Lax',
'Strict'
];
/**
@@ -1252,6 +1267,13 @@ class System
$config['at_risk_delegation_max_time'] = self::$defaultConfig['at_risk_delegation_max_time'];
}
$value = ucfirst(strtolower($config['samesite_cookie_setting']));
if (in_array($value, self::$cookieSameSiteValues)) {
$config['samesite_cookie_setting'] = $value;
} else {
$config['samesite_cookie_setting'] = '';
}
return $config;
}
@@ -1778,4 +1800,29 @@ class System
$parseDsn["pass"] = urldecode($parseDsn["pass"]);
return $parseDsn;
}
/**
* Build the options for a cookie, according to the system configuration and values optionally sent to this method
*
* @param array $options
* @return array
*/
public static function buildCookieOptions(array $options = [])
{
// Get system values
$cookieOptions = self::$cookieDefaultOptions;
$systemConfiguration = self::getSystemConfiguration();
// Always set "secure" option according to the server protocol
$cookieOptions['secure'] = G::is_https();
// Set the "samesite" option according to the system configuration
$cookieOptions['samesite'] = $systemConfiguration['samesite_cookie_setting'];
// Overrides the cookie options with the values sent to the method
$cookieOptions = array_merge($cookieOptions, $options);
// Return the cookie options
return $cookieOptions;
}
}

58
workflow/engine/src/ProcessMaker/Model/Delegation.php
View File

@@ -1069,6 +1069,64 @@ class Delegation extends Model
return $query;
}
/**
* Scope the Inbox cases no matter the user
*
* @param \Illuminate\Database\Eloquent\Builder $query
*
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopeInboxMetrics($query)
{
$query->joinApplication();
$query->status(Application::STATUS_TODO);
$query->threadOpen();
return $query;
}
/**
* Scope a draft cases no matter the user
*
* @param \Illuminate\Database\Eloquent\Builder $query
*
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopeDraftMetrics($query)
{
$query->joinApplication();
$query->status(Application::STATUS_DRAFT);
$query->threadOpen();
return $query;
}
/**
* Scope paused cases list no matter the user
*
* @param \Illuminate\Database\Eloquent\Builder $query
*
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopePausedMetrics($query)
{
$query->joinAppDelay('PAUSE');
$query->joinApplication();
return $query;
}
/**
* Scope a self service cases no matter the user
*
* @param \Illuminate\Database\Eloquent\Builder $query
*
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopeSelfServiceMetrics($query)
{
$query->taskAssignType('SELF_SERVICE');
$query->threadOpen()->withoutUserId();
return $query;
}
/**
* Get specific cases unassigned that the user can view
*

43
workflow/engine/src/ProcessMaker/Model/Task.php
View File

@@ -120,16 +120,18 @@ class Task extends Model
*
* @param integer $tasId
*
* @return string
* @return array
*/
public function title($tasId)
public static function title($tasId)
{
$query = Task::query()->select('TAS_TITLE');
$query = Task::query()->select('TAS_TITLE', 'TAS_TYPE');
$query->where('TAS_ID', $tasId);
$results = $query->get();
$title = '';
$results->each(function ($item, $key) use (&$title) {
$type = '';
$results->each(function ($item, $key) use (&$title, &$type) {
$title = $item->TAS_TITLE;
$type = $item->TAS_TYPE;
switch ($title) {
case "INTERMEDIATE-THROW-EMAIL-EVENT":
$title = G::LoadTranslation('ID_INTERMEDIATE_THROW_EMAIL_EVENT');
@@ -143,10 +145,41 @@ class Task extends Model
case "INTERMEDIATE-CATCH-TIMER-EVENT":
$title = G::LoadTranslation('ID_INTERMEDIATE_CATCH_TIMER_EVENT');
break;
case "SCRIPT-TASK":
$title = G::LoadTranslation('ID_SCRIPT_TASK_UNTITLED');
break;
case "SERVICE-TASK":
$title = G::LoadTranslation('ID_SERVICE_TASK_UNTITLED');
break;
default:
$title = G::LoadTranslation('ID_ANONYMOUS');
}
switch ($type) {
case "INTERMEDIATE-THROW-EMAIL-EVENT":
$type = G::LoadTranslation('ID_EMAIL_EVENT');
break;
case "INTERMEDIATE-THROW-MESSAGE-EVENT":
case "INTERMEDIATE-CATCH-MESSAGE-EVENT":
$type = G::LoadTranslation('ID_MESSAGE_EVENT');
break;
case "INTERMEDIATE-CATCH-TIMER-EVENT":
$type = G::LoadTranslation('ID_TIMER_EVENT');
break;
case "SCRIPT-TASK":
$type = G::LoadTranslation('ID_SCRIPT_TASK');
break;
case "SERVICE-TASK":
$type = G::LoadTranslation('ID_SERVICE_TASK');
break;
default:
$type = G::LoadTranslation('ID_NONE');
}
});
return $title;
return [
'title' => $title,
'type' => $type,
];
}
/**

38
workflow/engine/src/ProcessMaker/Services/Api/Metrics.php
View File

@@ -3,11 +3,11 @@
namespace ProcessMaker\Services\Api;
use Exception;
use Luracast\Restler\RestException;
use ProcessMaker\BusinessModel\Cases\Draft;
use ProcessMaker\BusinessModel\Cases\Inbox;
use ProcessMaker\BusinessModel\Cases\Paused;
use ProcessMaker\BusinessModel\Cases\Unassigned;
use ProcessMaker\Model\User;
use ProcessMaker\Services\Api;
use RBAC;
@@ -46,8 +46,6 @@ class Metrics extends Api
*/
public function getProcessTotalCases($caseList, $category = null, $topTen = false, $processes = [])
{
$usrUid = $this->getUserId();
$usrId = !empty($usrUid) ? User::getId($usrUid) : 0;
try {
switch ($caseList) {
case 'inbox':
@@ -61,10 +59,8 @@ class Metrics extends Api
break;
case 'unassigned':
$list = new Unassigned();
$list->setUserUid($usrUid);
break;
}
$list->setUserId($usrId);
$result = $list->getCountersByProcesses($category, $topTen, $processes);
return $result;
} catch (Exception $e) {
@@ -91,8 +87,6 @@ class Metrics extends Api
*/
public function getTotalCasesByRange($caseList, $processId = null, $dateFrom = null, $dateTo = null, $groupBy = 'day')
{
$usrUid = $this->getUserId();
$usrId = !empty($usrUid) ? User::getId($usrUid) : 0;
try {
switch ($caseList) {
case 'inbox':
@@ -106,10 +100,8 @@ class Metrics extends Api
break;
case 'unassigned':
$list = new Unassigned();
$list->setUserUid($usrUid);
break;
}
$list->setUserId($usrId);
$result = $list->getCountersByRange($processId, $dateFrom, $dateTo, $groupBy);
return $result;
} catch (Exception $e) {
@@ -125,31 +117,21 @@ class Metrics extends Api
* @return array
*
* @throws RestException
*
* @class AccessControl {@permission TASK_METRICS_VIEW}
*/
public function getCountersList()
{
try {
$usrUid = $this->getUserId();
$properties['user'] = !empty($usrUid) ? User::getId($usrUid) : 0;
$listInbox = new Inbox();
$listInbox->setProperties($properties);
$listDraft = new Draft();
$listDraft->setUserUid($usrUid);
$listDraft->setProperties($properties);
$listPaused = new Paused();
$listPaused->setProperties($properties);
$listUnassigned = new Unassigned();
$listUnassigned->setUserUid($usrUid);
$listUnassigned->setProperties($properties);
$casesInbox = $listInbox->getCounter();
$casesDraft = $listDraft->getCounter();
$casesPaused = $listPaused->getCounter();
$casesUnassigned = $listUnassigned->getCounter();
$casesInbox = $listInbox->getCounterMetrics();
$casesDraft = $listDraft->getCounterMetrics();
$casesPaused = $listPaused->getCounterMetrics();
$casesUnassigned = $listUnassigned->getCounterMetrics();
$result = [
['List Name' => 'Inbox', 'Total' => $casesInbox, 'Color' => 'green'],
@@ -179,12 +161,12 @@ class Metrics extends Api
* @return array
*
* @throws RestException
*
* @class AccessControl {@permission TASK_METRICS_VIEW}
*/
public function getCasesRiskByProcess($caseList = 'inbox', $process, $dateFrom = null, $dateTo = null, $riskStatus = 'ON_TIME', $topCases = null)
{
try {
$usrUid = $this->getUserId();
$usrId = !empty($usrUid) ? User::getId($usrUid) : 0;
switch ($caseList) {
case 'inbox':
$list = new Inbox();
@@ -197,10 +179,8 @@ class Metrics extends Api
break;
case 'unassigned':
$list = new Unassigned();
$list->setUserUid($usrUid);
break;
}
$list->setUserId($usrId);
$result = $list->getCasesRisk($process, $dateFrom, $dateTo, $riskStatus, $topCases);
return $result;
} catch (Exception $e) {

4
workflow/engine/src/ProcessMaker/Services/OAuth2/Server.php
View File

@@ -1,6 +1,7 @@
<?php
namespace ProcessMaker\Services\OAuth2;
use Bootstrap;
use Luracast\Restler\iAuthenticate;
use Luracast\Restler\RestException;
use OAuth2\Request;
@@ -367,7 +368,8 @@ class Server implements iAuthenticate
$lifetime = 1440;
}
setcookie($session->getSessionName(), $_COOKIE[$session->getSessionName()], time() + $lifetime, "/", null, false, true);
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + $lifetime, 'secure' => false, 'httponly' => true]);
setcookie($session->getSessionName(), $_COOKIE[$session->getSessionName()], $cookieOptions);
}
}

2
workflow/engine/templates/designer/index.html
View File

@@ -39,7 +39,7 @@
<script type="text/javascript" src="/lib-dev/js/wz_jsgraphics.js"></script>
<script type="text/javascript" src="/lib-dev/js/jquery-1.10.2.min.js"></script>
<script type="text/javascript" src="/lib-dev/js/underscore-min.js"></script>
<script type="text/javascript" src="/lib-dev/js/jquery-ui-1.10.3.custom.min.js"></script>
<script type="text/javascript" src="/lib-dev/js/jquery-ui.min.js"></script>
<script type="text/javascript" src="/lib-dev/js/jquery.layout.min.js"></script>
<script type="text/javascript" src="/lib-dev/js/restclient.min.js"></script>
<script type="text/javascript" src="/lib-dev/js/modernizr.js"></script>

736
workflow/public_html/bootstrap.php
View File

@@ -1,736 +0,0 @@
<?php
use ProcessMaker\Plugins\PluginRegistry;
/**
* sysGeneric - ProcessMaker Bootstrap
* this file is used initialize main variables, redirect and dispatch all requests
*/
// Defining the PATH_SEP constant, he we are defining if the the path separator symbol will be '\\' or '/'
define('PATH_SEP', '/');
// Defining the Home Directory
$realdocuroot = str_replace('\\', '/', $_SERVER['DOCUMENT_ROOT']);
$docuroot = explode(PATH_SEP, $realdocuroot);
array_pop($docuroot);
$pathhome = implode(PATH_SEP, $docuroot) . PATH_SEP;
// try to find automatically the trunk directory where are placed the RBAC and Gulliver directories
// in a normal installation you don't need to change it.
array_pop($docuroot);
$pathTrunk = implode(PATH_SEP, $docuroot) . PATH_SEP;
array_pop($docuroot);
$pathOutTrunk = implode(PATH_SEP, $docuroot) . PATH_SEP;
define('PATH_HOME', $pathhome);
define('PATH_TRUNK', $pathTrunk);
define('PATH_OUTTRUNK', $pathOutTrunk);
// Including these files we get the PM paths and definitions (that should be just one file.
require_once $pathhome . PATH_SEP . 'engine' . PATH_SEP . 'config' . PATH_SEP . 'paths.php';
require_once PATH_CORE . 'classes' . PATH_SEP . 'class.system.php';
// starting session
$timelife = ini_get('session.gc_maxlifetime');
if (is_null($timelife)) {
$timelife = 1440;
}
ini_set('session.gc_maxlifetime', $timelife);
ini_set('session.cookie_lifetime', $timelife);
session_start();
$config = PmSystem::getSystemConfiguration();
//$e_all = defined('E_DEPRECATED') ? E_ALL & ~E_DEPRECATED : E_ALL;
//$e_all = defined('E_STRICT') ? $e_all & ~E_STRICT : $e_all;
//$e_all = $config['debug'] ? $e_all : $e_all & ~E_NOTICE;
//$e_all = E_ALL & ~ E_DEPRECATED & ~ E_STRICT & ~ E_NOTICE & ~E_WARNING;
$filter = new InputFilter();
$config['display_errors'] = $filter->validateInput($config['display_errors']);
$config['error_reporting'] = $filter->validateInput($config['error_reporting']);
$config['wsdl_cache'] = $filter->validateInput($config['wsdl_cache'], 'int');
$config['time_zone'] = $filter->validateInput($config['time_zone']);
// Do not change any of these settings directly, use env.ini instead
ini_set('display_errors', $filter->validateInput($config['display_errors']));
ini_set('error_reporting', $filter->validateInput($config['error_reporting']));
ini_set('short_open_tag', 'On');
ini_set('default_charset', "UTF-8");
ini_set('soap.wsdl_cache_enabled', $config['wsdl_cache']);
ini_set('date.timezone',
(isset($_SESSION['__SYSTEM_UTC_TIME_ZONE__']) && $_SESSION['__SYSTEM_UTC_TIME_ZONE__']) ? 'UTC' : $config['time_zone']); //Set Time Zone
define('DEBUG_SQL_LOG', $config['debug_sql']);
define('DEBUG_TIME_LOG', $config['debug_time']);
define('DEBUG_CALENDAR_LOG', $config['debug_calendar']);
define('MEMCACHED_ENABLED', $config['memcached']);
define('MEMCACHED_SERVER', $config['memcached_server']);
define('TIME_ZONE', ini_get('date.timezone'));
// IIS Compatibility, SERVER_ADDR doesn't exist on that env, so we need to define it.
$_SERVER['SERVER_ADDR'] = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : $_SERVER['SERVER_NAME'];
//to do: make different environments. sys
define('ERROR_SHOW_SOURCE_CODE',
true); // enable ERROR_SHOW_SOURCE_CODE to display the source code for any WARNING OR NOTICE
//define ( 'ERROR_LOG_NOTICE_ERROR', true ); //enable ERROR_LOG_NOTICE_ERROR to log Notices messages in default apache log
//check if it is a installation instance
if (!defined('PATH_C')) {
// is a intallation instance, so we need to define PATH_C and PATH_LANGUAGECONT constants temporarily
define('PATH_C', (rtrim(G::sys_get_temp_dir(), PATH_SEP) . PATH_SEP));
define('PATH_LANGUAGECONT', PATH_HOME . 'engine/content/languages/');
}
// defining Virtual URLs
$virtualURITable = [];
$virtualURITable['/plugin/(*)'] = 'plugin';
$virtualURITable['/(sys*)/(*.js)'] = 'jsMethod';
$virtualURITable['/js/(*)'] = PATH_GULLIVER_HOME . 'js/';
$virtualURITable['/jscore/(*)'] = PATH_CORE . 'js/';
if (defined('PATH_C')) {
$virtualURITable['/jsform/(*.js)'] = PATH_C . 'xmlform/';
$virtualURITable['/extjs/(*)'] = PATH_C . 'ExtJs/';
}
$virtualURITable['/htmlarea/(*)'] = PATH_THIRDPARTY . 'htmlarea/';
$virtualURITable['/sys[a-zA-Z][a-zA-Z0-9]{0,}()/'] = 'sysNamed';
$virtualURITable['/(sys*)'] = false;
$virtualURITable['/errors/(*)'] = PATH_GULLIVER_HOME . 'methods/errors/';
$virtualURITable['/gulliver/(*)'] = PATH_GULLIVER_HOME . 'methods/';
$virtualURITable['/controls/(*)'] = PATH_GULLIVER_HOME . 'methods/controls/';
$virtualURITable['/html2ps_pdf/(*)'] = PATH_THIRDPARTY . 'html2ps_pdf/';
$virtualURITable['/images/'] = 'errorFile';
$virtualURITable['/skins/'] = 'errorFile';
$virtualURITable['/files/'] = 'errorFile';
$virtualURITable['/[a-zA-Z][a-zA-Z0-9]{0,}()'] = 'sysUnnamed';
$virtualURITable['/rest/(*)'] = 'rest-service';
$virtualURITable['/update/(*)'] = PATH_GULLIVER_HOME . 'methods/update/';
$virtualURITable['/(*)'] = PATH_HTML;
$isRestRequest = false;
// Verify if we need to redirect or stream the file, if G:VirtualURI returns true means we are going to redirect the page
if (G::virtualURI($_SERVER['REQUEST_URI'], $virtualURITable, $realPath)) {
// review if the file requested belongs to public_html plugin
if (substr($realPath, 0, 6) == 'plugin') {
// Another way to get the path of Plugin public_html and stream the correspondent file, By JHL Jul 14, 08
// TODO: $pathsQuery will be used?
$pathsQuery = '';
// Get the query side
// Did we use this variable $pathsQuery for something??
$forQuery = explode("?", $realPath);
if (isset($forQuery[1])) {
$pathsQuery = $forQuery[1];
}
//Get that path in array
$paths = explode(PATH_SEP, $forQuery[0]);
//remove the "plugin" word from
$paths[0] = substr($paths[0], 6);
//Get the Plugin Folder, always the first element
$pluginFolder = array_shift($paths);
//The other parts are the realpath into public_html (no matter how many elements)
$filePath = implode(PATH_SEP, $paths);
$pluginFilename = PATH_PLUGINS . $pluginFolder . PATH_SEP . 'public_html' . PATH_SEP . $filePath;
if (file_exists($pluginFilename)) {
G::streamFile($pluginFilename);
}
die;
}
$requestUriArray = explode("/", $_SERVER['REQUEST_URI']);
if ((isset($requestUriArray[1])) && ($requestUriArray[1] == 'skin')) {
// This will allow to public images of Custom Skins, By JHL Feb 28, 11
$pathsQuery = "";
// Get the query side
// This way we remove garbage
$forQuery = explode("?", $realPath);
if (isset($forQuery[1])) {
$pathsQuery = $forQuery[1];
}
//Get that path in array
$paths = explode(PATH_SEP, $forQuery[0]);
$fileToBeStreamed = str_replace("/skin/", PATH_CUSTOM_SKINS, $_SERVER['REQUEST_URI']);
if (file_exists($fileToBeStreamed)) {
G::streamFile($fileToBeStreamed);
}
die;
}
switch ($realPath) {
case 'sysUnnamed' :
require_once('sysUnnamed.php');
die;
break;
case 'sysNamed' :
header('location : ' . $_SERVER['REQUEST_URI'] . '/' . SYS_LANG . '/classic/login/login');
die;
break;
case 'jsMethod' :
G::parseURI(getenv("REQUEST_URI"));
$filename = PATH_METHODS . SYS_COLLECTION . '/' . SYS_TARGET . '.js';
G::streamFile($filename);
die;
break;
case 'errorFile':
header("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
if (DEBUG_TIME_LOG) {
G::logTimeByPage();
} //log this page
die;
break;
default :
if (substr($realPath, 0, 12) == 'rest-service') {
$isRestRequest = true;
} else {
$realPath = explode('?', $realPath);
$realPath[0] .= strpos(basename($realPath[0]), '.') === false ? '.php' : '';
G::streamFile($realPath[0]);
die;
}
}
}//virtual URI parser
// the request correspond to valid php page, now parse the URI
G::parseURI(getenv("REQUEST_URI"), $isRestRequest);
$arrayUpdating = G::isPMUnderUpdating();
if ($arrayUpdating['action']) {
if ($arrayUpdating['workspace'] == "true" || $arrayUpdating['workspace'] == SYS_TEMP) {
header("location: /update/updating.php");
if (DEBUG_TIME_LOG) {
G::logTimeByPage();
}
die;
}
}
// verify if index.html exists
if (!file_exists(PATH_HTML . 'index.html')) { // if not, create it from template
file_put_contents(
PATH_HTML . 'index.html',
G::parseTemplate(PATH_TPL . "index.html",
array("lang" => ((defined("SYS_LANG") && SYS_LANG != "") ? SYS_LANG : "en"), "skin" => SYS_SKIN))
);
}
define('SYS_URI', '/sys' . SYS_TEMP . '/' . SYS_LANG . '/' . SYS_SKIN . '/');
// defining the serverConf singleton
if (defined('PATH_DATA') && file_exists(PATH_DATA)) {
//Instance Server Configuration Singleton
$oServerConf = ServerConf::getSingleton();
}
// Call Gulliver Classes
// Create headPublisher singleton
$oHeadPublisher = headPublisher::getSingleton();
//Load filter class
$filter = new InputFilter();
// Installer, redirect to install if we don't have a valid shared data folder
if (!defined('PATH_DATA') || !file_exists(PATH_DATA)) {
// new installer, extjs based
define('PATH_DATA', PATH_C);
require_once ( PATH_CONTROLLERS . 'InstallerModule.php' );
$controller = InstallerModule::class;
// if the method name is empty set default to index method
if (strpos(SYS_TARGET, '/') !== false) {
list($controller, $controllerAction) = explode('/', SYS_TARGET);
} else {
$controllerAction = SYS_TARGET;
}
$controllerAction = ($controllerAction != '' && $controllerAction != 'login') ? $controllerAction : 'index';
// create the installer controller and call its method
if (is_callable([InstallerModule::class, $controllerAction])) {
$installer = new $controller();
$installer->setHttpRequestData($_REQUEST);
$installer->call($controllerAction);
}
else {
$_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI'];
header ("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
}
die;
}
// Load Language Translation
G::LoadTranslationObject(defined('SYS_LANG') ? SYS_LANG : "en");
// look for a disabled workspace
if ($oServerConf->isWSDisabled(SYS_TEMP)) {
$aMessage['MESSAGE'] = G::LoadTranslation('ID_DISB_WORKSPACE');
$G_PUBLISH = new Publisher;
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showMessage', '', $aMessage);
G::RenderPage('publish');
die;
}
// database and workspace definition
// if SYS_TEMP exists, the URL has a workspace, now we need to verify if exists their db.php file
if (defined('SYS_TEMP') && SYS_TEMP != '') {
//this is the default, the workspace db.php file is in /shared/workflow/sites/SYS_SYS
if (file_exists(PATH_DB . SYS_TEMP . '/db.php')) {
$pathFile = $filter->validateInput(PATH_DB . SYS_TEMP . '/db.php', 'path');
require_once($pathFile);
define('SYS_SYS', SYS_TEMP);
// defining constant for workspace shared directory
define('PATH_WORKSPACE', PATH_DB . config("system.workspace") . PATH_SEP);
// including workspace shared classes -> particularlly for pmTables
set_include_path(get_include_path() . PATH_SEPARATOR . PATH_WORKSPACE);
} else {
G::SendTemporalMessage('ID_NOT_WORKSPACE', "error");
G::header('location: /sys/' . SYS_LANG . '/' . SYS_SKIN . '/main/sysLogin?errno=2');
die;
}
} else { //when we are in global pages, outside any valid workspace
if (SYS_TARGET === 'newSite') {
$phpFile = G::ExpandPath('methods') . SYS_COLLECTION . "/" . SYS_TARGET . '.php';
$phpFile = $filter->validateInput($phpFile, 'path');
require_once($phpFile);
die();
} else {
if (SYS_TARGET == "dbInfo") { //Show dbInfo when no SYS_SYS
$pathFile = PATH_METHODS . 'login/dbInfo.php';
$pathFile = $filter->validateInput($pathFile, 'path');
require_once($pathFile);
} else {
if (substr(SYS_SKIN, 0,
2) === 'ux' && SYS_TARGET != 'sysLoginVerify') { // new ux sysLogin - extjs based form
$pathFile = $filter->validateInput(PATH_CONTROLLERS . 'main.php', 'path');
require_once $pathFile;
$controllerClass = 'Main';
$controllerAction = SYS_TARGET == 'sysLoginVerify' ? SYS_TARGET : 'sysLogin';
//if the method exists
if (is_callable(Array($controllerClass, $controllerAction))) {
$controller = new $controllerClass();
$controller->setHttpRequestData($_REQUEST);
$controller->call($controllerAction);
}
} else { // classic sysLogin interface
$pathFile = PATH_METHODS . 'login/sysLogin.php';
$pathFile = $filter->validateInput($pathFile, 'path');
require_once($pathFile);
die();
}
}
if (DEBUG_TIME_LOG) {
G::logTimeByPage();
} //log this page
die();
}
}
// PM Paths DATA
define('PATH_DATA_SITE', PATH_DATA . 'sites/' . config("system.workspace") . '/');
define('PATH_DOCUMENT', PATH_DATA_SITE . 'files/');
define('PATH_DATA_MAILTEMPLATES', PATH_DATA_SITE . 'mailTemplates/');
define('PATH_DATA_PUBLIC', PATH_DATA_SITE . 'public/');
define('PATH_DATA_REPORTS', PATH_DATA_SITE . 'reports/');
define('PATH_DYNAFORM', PATH_DATA_SITE . 'xmlForms/');
define('PATH_IMAGES_ENVIRONMENT_FILES', PATH_DATA_SITE . 'usersFiles' . PATH_SEP);
define('PATH_IMAGES_ENVIRONMENT_USERS', PATH_DATA_SITE . 'usersPhotographies' . PATH_SEP);
define('SERVER_NAME', $_SERVER ['SERVER_NAME']);
define('SERVER_PORT', $_SERVER ['SERVER_PORT']);
// create memcached singleton
$memcache = PMmemcached::getSingleton(config("system.workspace"));
// verify configuration for rest service
if ($isRestRequest) {
// disable until confirm that rest is enabled & configured on rest-config.ini file
$isRestRequest = false;
$confFile = '';
$restApiClassPath = '';
// try load and getting rest configuration
if (file_exists(PATH_DATA_SITE . 'rest-config.ini')) {
$confFile = PATH_DATA_SITE . 'rest-config.ini';
$restApiClassPath = PATH_DATA_SITE;
} elseif (file_exists(PATH_CONFIG . 'rest-config.ini')) {
$confFile = PATH_CONFIG . 'rest-config.ini';
}
if (!empty($confFile) && $restConfig = @parse_ini_file($confFile, true)) {
if (array_key_exists('enable_service', $restConfig)) {
if ($restConfig['enable_service'] == 'true' || $restConfig['enable_service'] == '1') {
$isRestRequest = true; // rest service enabled
}
}
}
}
//here we are loading all plugins registered
//the singleton has a list of enabled plugins
$oPluginRegistry = PluginRegistry::loadSingleton();
// setup propel definitions and logging
require_once("propel/Propel.php");
require_once("creole/Creole.php");
if (defined('DEBUG_SQL_LOG') && DEBUG_SQL_LOG) {
define('PM_PID', mt_rand(1, 999999));
require_once 'Log.php';
// register debug connection decorator driver
Creole::registerDriver('*', 'creole.contrib.DebugConnection');
// initialize Propel with converted config file
Propel::init(PATH_CORE . "config/databases.php");
// unified log file for all databases
$logFile = PATH_DATA . 'log' . PATH_SEP . 'propel.log';
$logger = Log::singleton('file', $logFile, 'wf ' . config("system.workspace"), null, PEAR_LOG_INFO);
Propel::setLogger($logger);
// log file for workflow database
$con = Propel::getConnection('workflow');
if ($con instanceof DebugConnection) {
$con->setLogger($logger);
}
// log file for rbac database
$con = Propel::getConnection('rbac');
if ($con instanceof DebugConnection) {
$con->setLogger($logger);
}
// log file for report database
$con = Propel::getConnection('rp');
if ($con instanceof DebugConnection) {
$con->setLogger($logger);
}
} else {
Propel::init(PATH_CORE . "config/databases.php");
}
Creole::registerDriver('dbarray', 'creole.contrib.DBArrayConnection');
// Session Initializations
ini_set('session.auto_start', '1');
// The register_globals feature has been DEPRECATED as of PHP 5.3.0. default value Off.
// ini_set( 'register_globals', 'Off' );
//session_start();
ob_start();
// Rebuild the base Workflow translations if not exists
if (!is_file(PATH_LANGUAGECONT . 'translation.en')) {
require_once("classes/model/Translation.php");
$fields = Translation::generateFileTranslation('en');
}
// TODO: Verify if the language set into url is defined in translations env.
if (SYS_LANG != 'en' && !is_file(PATH_LANGUAGECONT . 'translation.' . SYS_LANG)) {
require_once("classes/model/Translation.php");
$fields = Translation::generateFileTranslation(SYS_LANG);
}
// Setup plugins
$oPluginRegistry->setupPlugins(); //get and setup enabled plugins
$avoidChangedWorkspaceValidation = false;
// Load custom Classes and Model from Plugins.
G::LoadAllPluginModelClasses();
// jump to php file in methods directory
$collectionPlugin = '';
if ($oPluginRegistry->isRegisteredFolder(SYS_COLLECTION)) {
$phpFile = PATH_PLUGINS . SYS_COLLECTION . PATH_SEP . SYS_TARGET . '.php';
$targetPlugin = explode('/', SYS_TARGET);
$collectionPlugin = $targetPlugin[0];
$avoidChangedWorkspaceValidation = true;
} else {
$phpFile = G::ExpandPath('methods') . SYS_COLLECTION . PATH_SEP . SYS_TARGET . '.php';
}
// services is a special folder,
if (SYS_COLLECTION == 'services') {
$avoidChangedWorkspaceValidation = true;
$targetPlugin = explode('/', SYS_TARGET);
if ($targetPlugin[0] == 'webdav') {
$phpFile = G::ExpandPath('methods') . SYS_COLLECTION . PATH_SEP . 'webdav.php';
}
}
if (SYS_COLLECTION == 'login' && SYS_TARGET == 'login') {
$avoidChangedWorkspaceValidation = true;
}
//the index.php file, this new feature will allow automatically redirects to valid php file inside any methods folder
/* DEPRECATED
if ( SYS_TARGET == '' ) {
$phpFile = str_replace ( '.php', 'index.php', $phpFile );
$phpFile = include ( $phpFile );
}*/
$bWE = false;
$isControllerCall = false;
if (substr(SYS_COLLECTION, 0, 8) === 'gulliver') {
$phpFile = PATH_GULLIVER_HOME . 'methods/' . substr(SYS_COLLECTION, 8) . SYS_TARGET . '.php';
} else {
//when the file is part of the public directory of any PROCESS, this a ProcessMaker feature
if (preg_match('/^[0-9][[:alnum:]]+$/', SYS_COLLECTION) == 1) { //the pattern is /sysSYS/LANG/SKIN/PRO_UID/file
$auxPart = explode('/', $_SERVER['REQUEST_URI']);
$aAux = explode('?', $auxPart[count($auxPart) - 1]);
//$extPart = explode ( '.' , $auxPart[ count($auxPart)-1] );
$extPart = explode('.', $aAux[0]);
$queryPart = isset($aAux[1]) ? $aAux[1] : "";
$extension = $extPart[count($extPart) - 1];
$phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . urldecode($auxPart[count($auxPart) - 1]);
$aAux = explode('?', $phpFile);
$phpFile = $aAux[0];
if ($extension != 'php') {
G::streamFile($phpFile);
die;
}
$avoidChangedWorkspaceValidation = true;
$bWE = true;
//$phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . $auxPart[ count($auxPart)-1];
}
//erik: verify if it is a Controller Class or httpProxyController Class
if (is_file(PATH_CONTROLLERS . SYS_COLLECTION . '.php')) {
$pathFile = $filter->validateInput(PATH_CONTROLLERS . SYS_COLLECTION . '.php', 'path');
require_once $pathFile;
$controllerClass = SYS_COLLECTION;
//if the method name is empty set default to index method
$controllerAction = SYS_TARGET != '' ? SYS_TARGET : 'index';
//if the method exists
if (is_callable(Array($controllerClass, $controllerAction))) {
$isControllerCall = true;
}
}
if (!$isControllerCall && !file_exists($phpFile) && !$isRestRequest) {
$_SESSION['phpFileNotFound'] = $_SERVER['REQUEST_URI'];
header("location: /errors/error404.php?url=" . urlencode($_SERVER['REQUEST_URI']));
die;
}
}
//redirect to login, if user changed the workspace in the URL
if (!$avoidChangedWorkspaceValidation && isset($_SESSION['WORKSPACE']) && $_SESSION['WORKSPACE'] != config("system.workspace")) {
$_SESSION['WORKSPACE'] = config("system.workspace");
G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', "error");
// verify if the current skin is a 'ux' variant
$urlPart = substr(SYS_SKIN, 0, 2) == 'ux' && SYS_SKIN != 'uxs' ? '/main/login' : '/login/login';
header('Location: /sys' . config("system.workspace") . '/' . SYS_LANG . '/' . SYS_SKIN . $urlPart);
die;
}
// enable rbac
$RBAC = RBAC::getSingleton(PATH_DATA, session_id());
$RBAC->sSystem = 'PROCESSMAKER';
// define and send Headers for all pages
if (!defined('EXECUTE_BY_CRON')) {
header("Expires: " . gmdate("D, d M Y H:i:s", mktime(0, 0, 0, date('m'), date('d') - 1, date('Y'))) . " GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// get the language direction from ServerConf
define('SYS_LANG_DIRECTION', $oServerConf->getLanDirection());
if ((isset($_SESSION['USER_LOGGED'])) && (!(isset($_GET['sid'])))) {
if (PHP_VERSION < 5.2) {
setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
} else {
setcookie(session_name(), session_id(), time() + $timelife, '/', null, false, true);
}
$RBAC->initRBAC();
//using optimization with memcache, the user data will be in memcache 8 hours, or until session id goes invalid
$memKey = 'rbacSession' . session_id();
if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) {
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
$memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
}
} else {
// this is the blank list to allow execute scripts with no login (without session started)
$noLoginFiles = $noLoginFolders = [];
$noLoginFiles[] = 'login';
$noLoginFiles[] = 'authentication';
$noLoginFiles[] = 'login_Ajax';
$noLoginFiles[] = 'dbInfo';
$noLoginFiles[] = 'sysLoginVerify';
$noLoginFiles[] = 'processes_Ajax';
$noLoginFiles[] = 'showLogoFile';
$noLoginFiles[] = 'forgotPassword';
$noLoginFiles[] = 'retrivePassword';
$noLoginFiles[] = 'genericAjax';
$noLoginFolders[] = 'services';
$noLoginFolders[] = 'tracker';
$noLoginFolders[] = 'installer';
// This sentence is used when you lost the Session
if (!in_array(SYS_TARGET, $noLoginFiles)
&& !in_array(SYS_COLLECTION, $noLoginFolders)
&& $bWE != true && $collectionPlugin != 'services'
&& !$isRestRequest
) {
$bRedirect = true;
if (isset($_GET['sid'])) {
$oSessions = new Sessions();
if ($aSession = $oSessions->verifySession($_GET['sid'])) {
require_once 'classes/model/Users.php';
$oUser = new Users();
$aUser = $oUser->load($aSession['USR_UID']);
initUserSession($aUser['USR_UID'], $aUser['USR_USERNAME']);
$bRedirect = false;
if (PHP_VERSION < 5.2) {
setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
} else {
setcookie(session_name(), session_id(), time() + $timelife, '/', null, false, true);
}
$RBAC->initRBAC();
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
$memKey = 'rbacSession' . session_id();
$memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
}
}
if ((isset($_SESSION['USER_LOGGED'])) && (!(isset($_GET['sid'])))) {
if (PHP_VERSION < 5.2) {
setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
} else {
setcookie(session_name(), session_id(), time() + $timelife, '/', null, false, true);
}
$RBAC->initRBAC();
//using optimization with memcache, the user data will be in memcache 8 hours, or until session id goes invalid
$memKey = 'rbacSession' . session_id();
if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) {
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
$memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
}
} else {
// this is the blank list to allow execute scripts with no login (without session started)
$noLoginFiles = $noLoginFolders = [];
$noLoginFiles[] = 'login';
$noLoginFiles[] = 'authentication';
$noLoginFiles[] = 'login_Ajax';
$noLoginFiles[] = 'dbInfo';
$noLoginFiles[] = 'sysLoginVerify';
$noLoginFiles[] = 'processes_Ajax';
$noLoginFiles[] = 'showLogoFile';
$noLoginFiles[] = 'forgotPassword';
$noLoginFiles[] = 'retrivePassword';
$noLoginFiles[] = 'genericAjax';
$noLoginFolders[] = 'services';
$noLoginFolders[] = 'tracker';
$noLoginFolders[] = 'installer';
// This sentence is used when you lost the Session
if (!in_array(SYS_TARGET, $noLoginFiles)
&& !in_array(SYS_COLLECTION, $noLoginFolders)
&& $bWE != true && $collectionPlugin != 'services'
&& !$isRestRequest
) {
$bRedirect = true;
if (isset($_GET['sid'])) {
$oSessions = new Sessions();
if ($aSession = $oSessions->verifySession($_GET['sid'])) {
require_once 'classes/model/Users.php';
$oUser = new Users();
$aUser = $oUser->load($aSession['USR_UID']);
$_SESSION['USER_LOGGED'] = $aUser['USR_UID'];
$_SESSION['USR_USERNAME'] = $aUser['USR_USERNAME'];
$bRedirect = false;
if (PHP_VERSION < 5.2) {
setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
} else {
setcookie(session_name(), session_id(), time() + $timelife, '/', null, false, true);
}
$RBAC->initRBAC();
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
$memKey = 'rbacSession' . session_id();
$memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
}
}
if ($bRedirect) {
if (substr(SYS_SKIN, 0,
2) == 'ux' && SYS_SKIN != 'uxs'
) { // verify if the current skin is a 'ux' variant
$loginUrl = 'main/login';
} else {
if (strpos($_SERVER['REQUEST_URI'],
'/home') !== false
) { //verify is it is using the uxs skin for simplified interface
$loginUrl = 'home/login';
} else {
$loginUrl = 'login/login'; // just set up the classic login
}
}
if (empty($_POST)) {
header('location: ' . SYS_URI . $loginUrl . '?u=' . urlencode($_SERVER['REQUEST_URI']));
} else {
if ($isControllerCall) {
header("HTTP/1.0 302 session lost in controller");
} else {
header('location: ' . SYS_URI . $loginUrl);
}
}
die();
}
}
}
$_SESSION['phpLastFileFound'] = $_SERVER['REQUEST_URI'];
/**
* New feature for Gulliver framework to support Controllers & HttpProxyController classes handling
*
* @author Erik Amaru Ortiz <erik@colosa.com, aortiz.erik@gmail.com>
*/
if ($isControllerCall) { //Instance the Controller object and call the request method
$controller = new $controllerClass();
$controller->setHttpRequestData($_REQUEST);
$controller->call($controllerAction);
} elseif ($isRestRequest) {
G::dispatchRestService(SYS_TARGET, $restConfig, $restApiClassPath);
} else {
require_once $filter->validateInput($phpFile, 'path');
}
if (defined('SKIP_HEADERS')) {
header("Expires: " . gmdate("D, d M Y H:i:s",
mktime(0, 0, 0, date('m'), date('d'), date('Y') + 1)) . " GMT");
header('Cache-Control: public');
header('Pragma: ');
}
ob_end_flush();
if (DEBUG_TIME_LOG) {
G::logTimeByPage(); //log this page
}
}
}
}

7
workflow/public_html/pmGmail/sso.php
View File

@@ -98,11 +98,8 @@ if (!isset($_SESSION['USER_LOGGED']) || $_SESSION['USER_LOGGED'] != $decodedResp
session_start();
session_regenerate_id();
if (PHP_VERSION < 5.2) {
setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, "; HttpOnly");
} else {
setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, null, false, true);
}
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'path' => '/sys' . $enviroment, 'httponly' => true]);
setcookie('workspaceSkin', $enviroment, $cookieOptions);
$_SESSION = array();
$_SESSION['__EE_INSTALLATION__'] = 2;

14
workflow/public_html/sysGeneric.php
View File

@@ -944,11 +944,8 @@ if (!defined('EXECUTE_BY_CRON')) {
(!(preg_match("/safari/i", $_SERVER ['HTTP_USER_AGENT']) == 1 && preg_match("/chrome/i",
$_SERVER ['HTTP_USER_AGENT']) == 0) ||
$config['safari_cookie_lifetime'] == 1)) {
if (PHP_VERSION < 5.2) {
setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
} else {
setcookie(session_name(), session_id(), time() + $timelife, '/', null, G::is_https(), true);
}
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + $timelife, 'httponly' => true]);
setcookie(session_name(), session_id(), $cookieOptions);
}
$RBAC->initRBAC();
//using optimization with memcache, the user data will be in memcache 8 hours, or until session id goes invalid
@@ -1024,11 +1021,8 @@ if (!defined('EXECUTE_BY_CRON')) {
(!(preg_match("/safari/i", $_SERVER ['HTTP_USER_AGENT']) == 1 && preg_match("/chrome/i",
$_SERVER ['HTTP_USER_AGENT']) == 0) ||
$config['safari_cookie_lifetime'] == 1)) {
if (PHP_VERSION < 5.2) {
setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');
} else {
setcookie(session_name(), session_id(), time() + $timelife, '/', null, G::is_https(), true);
}
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + $timelife, 'httponly' => true]);
setcookie(session_name(), session_id(), $cookieOptions);
}
$RBAC->initRBAC();
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);