fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/feature/HOR-3559' into feature/HOR-3629

Browse Source
This commit is contained in:
Ronald Quenta
2017-08-09 08:13:09 -04:00
parent 14e81863d2 b839a247d9
commit c6142eafe5
9 changed files with 701 additions and 584 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
workflow/engine/methods/login/login.php
View File

@@ -36,10 +36,23 @@ if ($browserSupported==false){
/*----------------------------------********---------------------------------*/
$aFields = array();
if (!isset($_GET['u'])) {
$aFields['URL'] = '';
} else {
$aFields['URL'] = htmlspecialchars(addslashes(stripslashes(strip_tags(trim(urldecode($_GET['u']))))));
//Validated redirect url
$aFields['URL'] = '';
if (!empty($_GET['u'])) {
//clean url with protocols
$flagUrl = true;
//Most used protocols
$protocols = ['https://', 'http://', 'ftp://', 'sftp://','smb://', 'file:', 'mailto:'];
foreach ($protocols as $protocol) {
if (strpos($_GET['u'], $protocol) !== false) {
$_GET['u'] = '';
$flagUrl = false;
break;
}
}
if ($flagUrl) {
$aFields['URL'] = htmlspecialchars(addslashes(stripslashes(strip_tags(trim(urldecode($_GET['u']))))));
}
}
if (!isset($_SESSION['G_MESSAGE'])) {

143
workflow/engine/methods/mails/emailsAjax.php
View File

@@ -1,26 +1,34 @@
<?php
use ProcessMaker\Plugins\PluginRegistry;
use ProcessMaker\Exception\RBACException;
$req = (isset($_POST['request']))? $_POST['request']:((isset($_REQUEST['request']))? $_REQUEST['request'] : 'No hayyy tal');
$req = (isset($_REQUEST['request']) ? $_REQUEST['request'] : '');
require_once 'classes/model/Content.php';
require_once 'classes/model/AppMessage.php';
require_once 'classes/model/AppDelegation.php';
require_once 'classes/model/Application.php';
/** @var RBAC $RBAC */
global $RBAC;
switch ($RBAC->userCanAccess('PM_LOGIN')) {
case -2:
throw new RBACException('ID_USER_HAVENT_RIGHTS_SYSTEM', -2);
break;
case -1:
throw new RBACException('ID_USER_HAVENT_RIGHTS_PAGE', -1);
break;
}
$RBAC->allows(basename(__FILE__), $req);
switch($req){
switch ($req) {
case 'MessageList':
$start = (isset($_REQUEST['start']))? $_REQUEST['start'] : '0';
$limit = (isset($_REQUEST['limit']))? $_REQUEST['limit'] : '25';
$proUid = (isset($_REQUEST['process']))? $_REQUEST['process'] : '';
$eventype = (isset($_REQUEST['type']))? $_REQUEST['type'] : '';
$emailStatus = (isset($_REQUEST['status']))? $_REQUEST['status'] : '';
$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : '';
$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC';
$dateFrom = isset( $_POST["dateFrom"] ) ? substr( $_POST["dateFrom"], 0, 10 ) : "";
$dateTo = isset( $_POST["dateTo"] ) ? substr( $_POST["dateTo"], 0, 10 ) : "";
$filterBy = (isset($_REQUEST['filterBy']))? $_REQUEST['filterBy'] : 'ALL';
$start = (isset($_REQUEST['start'])) ? $_REQUEST['start'] : '0';
$limit = (isset($_REQUEST['limit'])) ? $_REQUEST['limit'] : '25';
$proUid = (isset($_REQUEST['process'])) ? $_REQUEST['process'] : '';
$eventype = (isset($_REQUEST['type'])) ? $_REQUEST['type'] : '';
$emailStatus = (isset($_REQUEST['status'])) ? $_REQUEST['status'] : '';
$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : '';
$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC';
$dateFrom = isset($_POST["dateFrom"]) ? substr($_POST["dateFrom"], 0, 10) : "";
$dateTo = isset($_POST["dateTo"]) ? substr($_POST["dateTo"], 0, 10) : "";
$filterBy = (isset($_REQUEST['filterBy'])) ? $_REQUEST['filterBy'] : 'ALL';
$response = new stdclass();
$response->status = 'OK';
@@ -31,10 +39,10 @@ switch($req){
$criteria->addJoin(AppMessagePeer::APP_UID, ApplicationPeer::APP_UID, Criteria::LEFT_JOIN);
if ($emailStatus != '') {
$criteria->add( AppMessagePeer::APP_MSG_STATUS, $emailStatus);
$criteria->add(AppMessagePeer::APP_MSG_STATUS, $emailStatus);
}
if ($proUid != '') {
$criteria->add( ApplicationPeer::PRO_UID, $proUid);
$criteria->add(ApplicationPeer::PRO_UID, $proUid);
}
$arrayType = [];
@@ -74,14 +82,14 @@ switch($req){
$dateTo = $dateTo . " 23:59:59";
}
$criteria->add( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL )->addAnd( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL ) ) );
$criteria->add($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL)->addAnd($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL)));
} else {
$dateFrom = $dateFrom . " 00:00:00";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL );
$criteria->add(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL);
}
} elseif ($dateTo != "") {
$dateTo = $dateTo . " 23:59:59";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL );
$criteria->add(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL);
}
//Number records total
@@ -119,10 +127,10 @@ switch($req){
$criteria->addSelectColumn(ProcessPeer::PRO_TITLE);
if ($emailStatus != '') {
$criteria->add( AppMessagePeer::APP_MSG_STATUS, $emailStatus);
$criteria->add(AppMessagePeer::APP_MSG_STATUS, $emailStatus);
}
if ($proUid != '') {
$criteria->add( ApplicationPeer::PRO_UID, $proUid);
$criteria->add(ApplicationPeer::PRO_UID, $proUid);
}
switch ($filterBy) {
@@ -153,24 +161,27 @@ switch($req){
$dateTo = $dateTo . " 23:59:59";
}
$criteria->add( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL )->addAnd( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL ) ) );
$criteria->add($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL)->addAnd($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL)));
} else {
$dateFrom = $dateFrom . " 00:00:00";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL );
$criteria->add(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL);
}
} elseif ($dateTo != "") {
$dateTo = $dateTo . " 23:59:59";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL );
$criteria->add(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL);
}
if ($sort != '') {
if (!in_array($sort, AppMessagePeer::getFieldNames(BasePeer::TYPE_FIELDNAME))) {
throw new Exception(G::LoadTranslation('ID_INVALID_VALUE_FOR', array('$sort')));
}
if ($dir == 'ASC') {
$criteria->addAscendingOrderByColumn($sort);
} else {
$criteria->addDescendingOrderByColumn($sort);
}
} else {
$oCriteria->addDescendingOrderByColumn(AppMessagePeer::APP_MSG_SEND_DATE );
$oCriteria->addDescendingOrderByColumn(AppMessagePeer::APP_MSG_SEND_DATE);
}
if ($limit != '') {
$criteria->setLimit($limit);
@@ -188,60 +199,60 @@ switch($req){
$index = 1;
$content = new Content();
$tasTitleDefault = G::LoadTranslation('ID_TASK_NOT_RELATED');
while ( $result->next() ) {
while ($result->next()) {
$row = $result->getRow();
$row['APP_MSG_FROM'] =htmlentities($row['APP_MSG_FROM'], ENT_QUOTES, "UTF-8");
$row['APP_MSG_STATUS'] = ucfirst ( $row['APP_MSG_STATUS']);
$row['APP_MSG_FROM'] = htmlentities($row['APP_MSG_FROM'], ENT_QUOTES, "UTF-8");
$row['APP_MSG_STATUS'] = ucfirst($row['APP_MSG_STATUS']);
switch ($filterBy) {
case 'CASES':
if ($row['DEL_INDEX'] != 0) {
$index = $row['DEL_INDEX'];
}
case 'CASES':
if ($row['DEL_INDEX'] != 0) {
$index = $row['DEL_INDEX'];
}
$criteria = new Criteria();
$criteria = new Criteria();
$criteria->addSelectColumn(AppCacheViewPeer::APP_TITLE);
$criteria->addSelectColumn(AppCacheViewPeer::APP_TAS_TITLE);
$criteria->add(AppCacheViewPeer::APP_UID, $row['APP_UID'], Criteria::EQUAL);
$criteria->add(AppCacheViewPeer::DEL_INDEX, $index, Criteria::EQUAL);
$criteria->addSelectColumn(AppCacheViewPeer::APP_TITLE);
$criteria->addSelectColumn(AppCacheViewPeer::APP_TAS_TITLE);
$criteria->add(AppCacheViewPeer::APP_UID, $row['APP_UID'], Criteria::EQUAL);
$criteria->add(AppCacheViewPeer::DEL_INDEX, $index, Criteria::EQUAL);
$resultCacheView = AppCacheViewPeer::doSelectRS($criteria);
$resultCacheView->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$resultCacheView = AppCacheViewPeer::doSelectRS($criteria);
$resultCacheView->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$row['APP_TITLE'] = '-';
$row['APP_TITLE'] = '-';
while ($resultCacheView->next()) {
$rowCacheView = $resultCacheView->getRow();
$row['APP_TITLE'] = $rowCacheView['APP_TITLE'];
$row['TAS_TITLE'] = $rowCacheView['APP_TAS_TITLE'];
}
while ($resultCacheView->next()) {
$rowCacheView = $resultCacheView->getRow();
$row['APP_TITLE'] = $rowCacheView['APP_TITLE'];
$row['TAS_TITLE'] = $rowCacheView['APP_TAS_TITLE'];
}
if ($row['DEL_INDEX'] == 0) {
$row['TAS_TITLE'] = $tasTitleDefault;
}
break;
case 'TEST':
$row['PRO_UID'] = '';
$row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = '';
$row['APP_TITLE'] = '';
$row['TAS_TITLE'] = '';
break;
case 'EXTERNAL-REGISTRATION':
$row['PRO_UID'] = '';
$row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = '';
$row['APP_TITLE'] = '';
$row['TAS_TITLE'] = '';
break;
if ($row['DEL_INDEX'] == 0) {
$row['TAS_TITLE'] = $tasTitleDefault;
}
break;
case 'TEST':
$row['PRO_UID'] = '';
$row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = '';
$row['APP_TITLE'] = '';
$row['TAS_TITLE'] = '';
break;
case 'EXTERNAL-REGISTRATION':
$row['PRO_UID'] = '';
$row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = '';
$row['APP_TITLE'] = '';
$row['TAS_TITLE'] = '';
break;
}
$data[] = $row;
}
$response = array();
$response['totalCount'] = $totalCount;
$response['data'] = $data;
$response['data'] = $data;
die(G::json_encode($response));
break;
case 'updateStatusMessage':