Merge branch 'master' into enable-rest-api-from-plugins

2015-04-28 08:12:34 -05:00
parent 2a4b59f71f 6fdb3308af
commit c9a92b499c
50 changed files with 331 additions and 156 deletions
--- a/gulliver/core/Session/PmSessionHandler.php
+++ b/gulliver/core/Session/PmSessionHandler.php
@@ -229,7 +229,7 @@ class PmSessionHandler //implements SessionHandlerInterface
    /**
     * Garbase Collection method 
     * 
-     * @param  int $maxlifetime max time that especify if the session is active or not
+     * @param int $maxlifetime max time that specifies if the session is active or not
     * @return bool always returns true
     */
    public function gc($maxlifetime)
@@ -255,4 +255,4 @@ class PmSessionHandler //implements SessionHandlerInterface
        error_log('PM Session Handler :: ' . print_r($data, true));
    }
-}
+}
--- a/gulliver/js/highlight/core/test.html
+++ b/gulliver/js/highlight/core/test.html
@@ -160,7 +160,7 @@ abstract class Zend_Uri
         */
        $uri = explode(':', $uri, 2);
        $scheme = strtolower($uri[0]);
-        $schemeSpecific = isset($uri[1]) ? $uri[1] : '';
+        $schemeSpecify = isset($uri[1]) ? $uri[1] : '';
        if (!strlen($scheme)) {
            throw new Zend_Uri_Exception('An empty string was supplied for the scheme');
@@ -617,4 +617,4 @@ public boolean unpack(container packedClass)
 <pre><code class="no-highlight">&lt;div id="contents"&gt;
  &lt;p&gt;Hello, World!
 &lt;/div&gt;
-</code></pre>
+</code></pre>
--- a/gulliver/system/class.bootstrap.php
+++ b/gulliver/system/class.bootstrap.php
@@ -463,7 +463,7 @@ class Bootstrap
        $filter = new InputFilter();
        $file = $filter->xssFilterHard($file);
        $downloadFileName = $filter->xssFilterHard($downloadFileName);
-        
+
        $fileNameIni = $file;
        $browserCacheFilesUid = G::browserCacheFilesGetUid();
@@ -1273,7 +1273,7 @@ class Bootstrap
        $checkSum = '';
        foreach ($files as $file) {
            if (is_file($file)) {
-                $checkSum .= md5_file($file);
+                $checkSum .= Bootstrap::encryptFileOld($file);
            }
        }
        return Bootstrap::encryptOld($checkSum . $key);
@@ -1376,7 +1376,7 @@ class Bootstrap
    {
        global $translation;
-        // if the second parameter $lang is an array does mean it was especified to use as data
+        // if the second parameter ($lang) is an array, it was specified to use it as data
        if (is_array($lang)) {
            $data = $lang;
            $lang = SYS_LANG;
@@ -1409,7 +1409,7 @@ class Bootstrap
     *
     * @param $path path to scan recursively the write permission
     * @param $flags to notive glob function
-     * @param $pattern pattern to filter some especified files
+     * @param $pattern pattern to filter some specified files
     * @return <array> array containing the recursive glob results
     */
    public function rglob($pattern = '*', $flags = 0, $path = '')
@@ -2894,7 +2894,7 @@ class Bootstrap
        if ($hashType == '') {
            $hashType = Bootstrap::getPasswordHashType();
        }
-        
+
        G::LoadSystem('inputfilter');
        $filter = new InputFilter();
        $hashType = $filter->validateInput($hashType);
@@ -2934,4 +2934,3 @@ class Bootstrap
        return md5($string);
    }
 }
--- a/gulliver/system/class.g.php
+++ b/gulliver/system/class.g.php
@@ -2095,7 +2095,7 @@ class G
    {
        global $translation;
-        // if the second parameter $lang is an array does mean it was especified to use as data
+        // if the second parameter ($lang) is an array, it was specified to use as data
        if (is_array( $lang )) {
            $data = $lang;
            $lang = SYS_LANG;
@@ -2634,8 +2634,8 @@ class G
            $oldumask = umask( 0 );
            if (! is_dir( $path )) {
                G::verifyPath( $path, true );
-            }     
+            }
-            
+
            if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
                $file = str_replace("\\\\","\\",$file,$count);
                if(!$count) {
@@ -2647,13 +2647,13 @@ class G
                        }
                    }
                    $file = substr($file,0,-1);
-                }   
+                }
            }
-            
+
            G::LoadSystem('inputfilter');
            $filter = new InputFilter();
-            $file = $filter->validateInput($file, "path"); 
+            $file = $filter->validateInput($file, "path");
-            
+
            move_uploaded_file( $file, $path . "/" . $nameToSave );
            @chmod( $path . "/" . $nameToSave, $permission );
            umask( $oldumask );
@@ -3133,6 +3133,9 @@ class G
     */
    public function evalJScript ($c)
    {
        G::LoadSystem('inputfilter');
        $filter = new InputFilter();
        $c = $filter->xssFilterHard($c);
        print ("<script language=\"javascript\">{$c}</script>") ;
    }
@@ -3634,7 +3637,7 @@ class G
     * @author Erik Amaru Ortiz <erik@colosa.com>
     *
     * @param $path path to scan recursively the write permission
-     * @param $pattern pattern to filter some especified files
+     * @param $pattern pattern to filter some specified files
     * @return <boolean> if the $path, assuming that is a directory -> all files in it are writeables or not
     */
    public function is_rwritable($path, $pattern = '*')
@@ -3655,7 +3658,7 @@ class G
     *
     * @param $path path to scan recursively the write permission
     * @param $flags to notive glob function
-     * @param $pattern pattern to filter some especified files
+     * @param $pattern pattern to filter some specified files
     * @return <array> array containing the recursive glob results
     */
    public static function rglob($pattern = '*', $flags = 0, $path = '')
@@ -4582,7 +4585,7 @@ class G
        $checkSum = '';
        foreach ($files as $file) {
            if (is_file( $file )) {
-                $checkSum .= md5_file( $file );
+                $checkSum .= G::encryptFileOld( $file );
            }
        }
        return G::encryptOld( $checkSum . $key );
@@ -5600,6 +5603,17 @@ class G
        return md5($string);
    }
    /**
    * encryptFileOld
    *
    * @param string $string
    *
    * @return md5_file($string)
    */
    public function encryptFileOld ($string)
    {
        return md5_file($string);
    }
    /**
    * crc32
    *
    * @param string $string
@@ -5705,4 +5719,3 @@ function __ ($msgID, $lang = SYS_LANG, $data = null)
 {
    return G::LoadTranslation( $msgID, $lang, $data );
 }
--- a/gulliver/thirdparty/creole/drivers/pgsql/metadata/PgSQLTableInfo.php
+++ b/gulliver/thirdparty/creole/drivers/pgsql/metadata/PgSQLTableInfo.php
@@ -80,8 +80,7 @@ class PgSQLTableInfo extends TableInfo {
        require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
        $filter = new InputFilter();
        $this->oid = $filter->validateInput($this->oid, 'int');
-        
+        $query = "SELECT
    	$result = pg_query ($this->conn->getResource(), sprintf ("SELECT 
    								att.attname,
    								att.atttypmod,
    								att.atthasdef,
@@ -102,7 +101,9 @@ class PgSQLTableInfo extends TableInfo {
 									LEFT OUTER JOIN pg_attrdef def ON adrelid=att.attrelid AND adnum=att.attnum
 								WHERE att.attrelid = %d AND att.attnum > 0
 									AND att.attisdropped IS FALSE
-								ORDER BY att.attnum", $this->oid));
+								ORDER BY att.attnum";
 				$query = $filter->preventSqlInjection($query);
    	$result = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid));
        if (!$result) {
            throw new SQLException("Could not list fields for table: " . $this->name, pg_last_error($this->conn->getResource()));
@@ -224,8 +225,7 @@ class PgSQLTableInfo extends TableInfo {
        require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
        $filter = new InputFilter();
        $strDomain = $filter->validateInput($strDomain);
-        
+      $query = "SELECT
    	$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
 														d.typname as domname,
 														b.typname as basetype,
 														d.typlen,
@@ -237,7 +237,9 @@ class PgSQLTableInfo extends TableInfo {
 													WHERE
 														d.typtype = 'd'
 														AND d.typname = '%s'
-													ORDER BY d.typname", $strDomain));
+													ORDER BY d.typname";
    	$query = $filter->preventSqlInjection($query);
    	$result = pg_query ($this->conn->getResource(), sprintf ($query, $strDomain));
        if (!$result) {
            throw new SQLException("Query for domain [" . $strDomain . "] failed.", pg_last_error($this->conn->getResource()));
@@ -276,7 +278,7 @@ class PgSQLTableInfo extends TableInfo {
        $filter = new InputFilter();
        $this->oid = $filter->validateInput($this->oid, 'int');
-        $result = pg_query ($this->conn->getResource(), sprintf ("SELECT
+        $query = "SELECT
 						      conname,
 						      confupdtype,
 						      confdeltype,
@@ -294,7 +296,9 @@ class PgSQLTableInfo extends TableInfo {
 						     AND conrelid = %d
 						     AND a2.attnum = ct.conkey[1]
 						     AND a1.attnum = ct.confkey[1]
-						ORDER BY conname", $this->oid));
+						ORDER BY conname";
        $query = $filter->preventSqlInjection($query);
        $result = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid));
        if (!$result) {
            throw new SQLException("Could not list foreign keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
        }
@@ -371,15 +375,17 @@ class PgSQLTableInfo extends TableInfo {
        $filter = new InputFilter();
        $this->oid = $filter->validateInput($this->oid, 'int');
-		$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
+		    $query = "SELECT
-													      DISTINCT ON(cls.relname)
+												DISTINCT ON(cls.relname)
-													      cls.relname as idxname,
+												cls.relname as idxname,
-													      indkey,
+												indkey,
-													      indisunique
+												indisunique
-													FROM pg_index idx
+									FROM pg_index idx
-													     JOIN pg_class cls ON cls.oid=indexrelid
+									JOIN pg_class cls ON cls.oid=indexrelid
-													WHERE indrelid = %d AND NOT indisprimary
+									WHERE indrelid = %d AND NOT indisprimary
-													ORDER BY cls.relname", $this->oid));
+									ORDER BY cls.relname";
 		    $query = $filter->preventSqlInjection($query);
 		    $result = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid));
        if (!$result) {
@@ -407,10 +413,12 @@ class PgSQLTableInfo extends TableInfo {
            {
                $intColNum = $filter->validateInput($intColNum, 'int');
-	            $result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname
+	            $query = "SELECT a.attname
 															FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
 															WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
-															ORDER BY a.attnum", $this->oid, $intColNum));
+															ORDER BY a.attnum";
 	            $query = $filter->preventSqlInjection($query);
 	            $result2 = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid, $intColNum));
 				if (!$result2)
 				{
            		throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
@@ -444,7 +452,7 @@ class PgSQLTableInfo extends TableInfo {
        $filter = new InputFilter();
        $this->oid = $filter->validateInput($this->oid);
-        $result = pg_query($this->conn->getResource(), sprintf ("SELECT
+        $query = "SELECT
 													      DISTINCT ON(cls.relname)
 													      cls.relname as idxname,
 													      indkey,
@@ -452,7 +460,9 @@ class PgSQLTableInfo extends TableInfo {
 													FROM pg_index idx
 													     JOIN pg_class cls ON cls.oid=indexrelid
 													WHERE indrelid = %s AND indisprimary
-													ORDER BY cls.relname", $this->oid));
+													ORDER BY cls.relname";
        $query = $filter->preventSqlInjection($query);
        $result = pg_query($this->conn->getResource(), sprintf ($query, $this->oid));
        if (!$result) {
            throw new SQLException("Could not list primary keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
        }
@@ -477,10 +487,12 @@ class PgSQLTableInfo extends TableInfo {
            {
 	            $intColNum = $filter->validateInput($intColNum, 'int');
-	            $result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname
+	            $query = "SELECT a.attname
 															FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
 															WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
-															ORDER BY a.attnum", $this->oid, $intColNum));
+															ORDER BY a.attnum";
 	            $query = $filter->preventSqlInjection($query);
 	            $result2 = pg_query ($this->conn->getResource(), sprintf ($query, $this->oid, $intColNum));
 				if (!$result2)
 				{
            		throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
--- a/gulliver/thirdparty/creole/drivers/sqlite/metadata/SQLiteTableInfo.php
+++ b/gulliver/thirdparty/creole/drivers/sqlite/metadata/SQLiteTableInfo.php
@@ -123,7 +123,9 @@ class SQLiteTableInfo extends TableInfo {
            $this->indexes[$name] = new IndexInfo($name);
            // get columns for that index
-            $res2 = sqlite_query($this->conn->getResource(), "PRAGMA index_info('$name')");
+            $query = "PRAGMA index_info('$name')";
            $query = $filter->preventSqlInjection($query);
            $res2 = sqlite_query($this->conn->getResource(), $query);
            while($row2 = sqlite_fetch_array($res2, SQLITE_ASSOC)) {
                $colname = $row2['name'];
                $this->indexes[$name]->addColumn($this->columns[ $colname ]);
--- a/gulliver/thirdparty/pear/PEAR/Frontend/CLI.php
+++ b/gulliver/thirdparty/pear/PEAR/Frontend/CLI.php
@@ -72,6 +72,15 @@ class PEAR_Frontend_CLI extends PEAR
    function _displayLine($text)
    {
        $realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
        $docuroot = explode( '/', $realdocuroot );
        array_pop( $docuroot );
        $pathhome = implode( '/', $docuroot ) . '/';
        array_pop( $docuroot );
        $pathTrunk = implode( '/', $docuroot ) . '/';
        require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
        $filter = new InputFilter();
        $text = $filter->xssFilterHard($text);
        print "$this->lp$text\n";
    }
@@ -124,15 +133,25 @@ class PEAR_Frontend_CLI extends PEAR
    function userDialog($command, $prompts, $types = array(), $defaults = array())
    {
        $realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
        $docuroot = explode( '/', $realdocuroot );
        array_pop( $docuroot );
        $pathhome = implode( '/', $docuroot ) . '/';
        array_pop( $docuroot );
        $pathTrunk = implode( '/', $docuroot ) . '/';
        require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
        $filter = new InputFilter();
        $result = array();
        if (is_array($prompts)) {
            $fp = fopen("php://stdin", "r");
            foreach ($prompts as $key => $prompt) {
                $type = $types[$key];
                $default = @$defaults[$key];
                $default = $filter->xssFilterHard($default);
                if ($type == 'password') {
                    system('stty -echo');
                }
                $prompt = $filter->xssFilterHard($prompt);
                print "$this->lp$prompt ";
                if ($default) {
                    print "[$default] ";
--- a/gulliver/thirdparty/pear/SOAP/Interop/interop_client_run.php
+++ b/gulliver/thirdparty/pear/SOAP/Interop/interop_client_run.php
@@ -82,10 +82,19 @@ function print_test_names()
 function print_endpoint_names()
 {
    global $iop;
    $realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
    $docuroot = explode( '/', $realdocuroot );
    array_pop( $docuroot );
    $pathhome = implode( '/', $docuroot ) . '/';
    array_pop( $docuroot );
    $pathTrunk = implode( '/', $docuroot ) . '/';
    require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
    $filter = new InputFilter();
    $currTest = $filter->xssFilterHard($iop->currentTest);
    if (!$iop->getEndpoints($iop->currentTest)) {
-        die("Unable to retrieve endpoints for $iop->currentTest\n");
+        die("Unable to retrieve endpoints for $currTest\n");
    }
-    print "Interop Servers for $iop->currentTest:\n";
+    print "Interop Servers for $currTestt:\n";
    foreach ($iop->endpoints as $server) {
        print "  $server->name\n";
    }
--- a/gulliver/thirdparty/pear/class.wsdlcache.php
+++ b/gulliver/thirdparty/pear/class.wsdlcache.php
@@ -134,7 +134,7 @@ class wsdlcache {
 			$this->debug("Lock for $filename already exists");
 			return false;
 		}
-		$this->fplock[md5($filename)] = fopen($filename.".lock", "w");
+		$this->fplock[G::encryptOld($filename)] = fopen($filename.".lock", "w");
 		if ($mode == "r") {
 			return flock($this->fplock[G::encryptOld($filename)], LOCK_SH);
 		} else {
@@ -173,9 +173,18 @@ class wsdlcache {
 	* @access private
 	*/
 	function releaseMutex($filename) {
-		$ret = flock($this->fplock[md5($filename)], LOCK_UN);
+		if(!class_exists('G')){
-		fclose($this->fplock[md5($filename)]);
+			$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
-		unset($this->fplock[md5($filename)]);
+			$docuroot = explode( '/', $realdocuroot );
 			array_pop( $docuroot );
 			$pathhome = implode( '/', $docuroot ) . '/';
 			array_pop( $docuroot );
 			$pathTrunk = implode( '/', $docuroot ) . '/';
 			require_once($pathTrunk.'gulliver/system/class.g.php');
 		}
 		$ret = flock($this->fplock[G::encryptOld($filename)], LOCK_UN);
 		fclose($this->fplock[G::encryptOld($filename)]);
 		unset($this->fplock[G::encryptOld($filename)]);
 		if (! $ret) {
 			$this->debug("Not able to release lock for $filename");
 		}
--- a/gulliver/thirdparty/phpmailer/class.phpmailer.php
+++ b/gulliver/thirdparty/phpmailer/class.phpmailer.php
@@ -2527,7 +2527,7 @@ class PHPMailer {
          $mimeType  = self::_mime_types($ext);
          if ( strlen($basedir) > 1 && substr($basedir, -1) != '/') { $basedir .= '/'; }
          if ( strlen($directory) > 1 && substr($directory, -1) != '/') { $directory .= '/'; }
-          if ( $this->AddEmbeddedImage($basedir.$directory.$filename, md5($url), $filename, 'base64', $mimeType) ) {
+          if ( $this->AddEmbeddedImage($basedir.$directory.$filename, G::encryptOld($url), $filename, 'base64', $mimeType) ) {
            $message = preg_replace("/".$images[1][$i]."=[\"']".preg_quote($url, '/')."[\"']/Ui", $images[1][$i]."=\"".$cid."\"", $message);
          }
        }
--- a/workflow/engine/bin/cron.php
+++ b/workflow/engine/bin/cron.php
@@ -5,7 +5,7 @@
 */
 if ( !defined('PATH_SEP') ) {
-  define('PATH_SEP', ( substr(PHP_OS, 0, 3) == 'WIN' ) ? '\\' : '/');
+    define("PATH_SEP", (substr(PHP_OS, 0, 3) == "WIN")? "\\" : "/");
 }
 $docuroot = explode(PATH_SEP, str_replace('engine' . PATH_SEP . 'methods' . PATH_SEP . 'services', '', dirname(__FILE__)));
@@ -129,7 +129,7 @@ if ($force || !$bCronIsRunning) {
            $oDirectory = dir(PATH_DB);
            $cws = 0;
-            while($sObject = $oDirectory->read()) {
+            while (($sObject = $oDirectory->read()) !== false) {
                if (($sObject != ".") && ($sObject != "..")) {
                    if (is_dir(PATH_DB . $sObject)) {
                        if (file_exists(PATH_DB . $sObject . PATH_SEP . "db.php")) {
@@ -141,6 +141,10 @@ if ($force || !$bCronIsRunning) {
                }
            }
        } else {
            if (!is_dir(PATH_DB . $ws) || !file_exists(PATH_DB . $ws . PATH_SEP . "db.php")) {
                throw new Exception("Error: The workspace \"$ws\" does not exist");
            }
            $cws = 1;
            system("php -f \"" . dirname(__FILE__) . PATH_SEP . "cron_single.php\" $ws \"$sDate\" \"$dateSystem\" $argsx", $retval);
--- a/workflow/engine/bin/cron_single.php
+++ b/workflow/engine/bin/cron_single.php
@@ -10,11 +10,6 @@ register_shutdown_function(
    )
 );
 /**
 * cron_single.php
 * @package workflow-engine-bin
 */
 if (!defined('SYS_LANG')) {
    define('SYS_LANG', 'en');
 }
@@ -220,9 +215,6 @@ Bootstrap::registerClass('CaseTrackerObject',    PATH_HOME . "engine/classes/mod
 Bootstrap::registerClass('BaseCaseTrackerObjectPeer',PATH_HOME . "engine/classes/model/om/BaseCaseTrackerObjectPeer.php");
 Bootstrap::registerClass('CaseTrackerObjectPeer',    PATH_HOME . "engine/classes/model/CaseTrackerObjectPeer.php");
 Bootstrap::registerClass('BaseConfiguration',   PATH_HOME . "engine/classes/model/om/BaseConfiguration.php");
 Bootstrap::registerClass('Configuration',       PATH_HOME . "engine/classes/model/Configuration.php");
 Bootstrap::registerClass('BaseDbSource',        PATH_HOME . "engine/classes/model/om/BaseDbSource.php");
 Bootstrap::registerClass('DbSource',            PATH_HOME . "engine/classes/model/DbSource.php");
@@ -367,7 +359,7 @@ Bootstrap::registerClass("AddonsManagerPeer",   PATH_HOME . "engine" . PATH_SEP
 Bootstrap::registerClass('dashboards',   PATH_HOME . "engine/classes/class.dashboards.php");
 /*----------------------------------********---------------------------------*/
-$arrayClass = array("EmailServer", "ListInbox", "ListParticipatedHistory");
+$arrayClass = array("Configuration", "EmailServer", "ListInbox", "ListParticipatedHistory");
 foreach ($arrayClass as $value) {
    Bootstrap::registerClass("Base" . $value,          PATH_HOME . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "om" . PATH_SEP . "Base" . $value . ".php");
--- a/workflow/engine/bin/messageeventcron.php
+++ b/workflow/engine/bin/messageeventcron.php
@@ -114,6 +114,10 @@ try {
                    }
                }
            } else {
                if (!is_dir(PATH_DB . $workspace) || !file_exists(PATH_DB . $workspace . PATH_SEP . "db.php")) {
                    throw new Exception("Error: The workspace \"$workspace\" does not exist");
                }
                $countw++;
                passthru("php -f \"$messageEventCronSinglePath\" $workspace \"" . base64_encode(PATH_HOME) . "\" \"" . base64_encode(PATH_TRUNK) . "\" \"" . base64_encode(PATH_OUTTRUNK) . "\"");
--- a/workflow/engine/bin/rest-gen
+++ b/workflow/engine/bin/rest-gen
@@ -24,8 +24,8 @@ Usage: {$argv[0]} [build-crud] [gen-ini] [-p <plugin name>] [-w <workspace name>
 Options:
    build-crud : Task, build Rest Crud API.
    gen-ini    : Task, generates the rest config ini file.
-    -p         : Especify a plugin to set as enviroment to perform the tasks.
+    -p         : Specifies a plugin to set as environment to perform the tasks.
-    -w         : Especify a workspace to set as enviroment to perform the tasks.
+    -w         : Specifies a workspace to set as environment to perform the tasks.
 EOT;
@@ -42,7 +42,7 @@ try {
        case 'gen-ini':
            if (isset($argv[2])) {
                if (! isset($argv[3])) {
-                    throw new Exception("Missing option, need especify a valid argument after option '{$argv[2]}'");
+                    throw new Exception("Missing option, need specify a valid argument after option '{$argv[2]}'");
                }
                switch ($argv[2]) {
--- a/workflow/engine/bin/tasks/cliUpgrade.php
+++ b/workflow/engine/bin/tasks/cliUpgrade.php
@@ -217,7 +217,7 @@ function run_unify_database($args)
    if ($count > 1) {
        if(!Bootstrap::isLinuxOs()){
-            CLI::error("This is not a Linux enviroment, please especify workspace.\n");
+            CLI::error("This is not a Linux enviroment, please specify workspace.\n");
            return;
        }
    }
--- a/workflow/engine/classes/class.Upgrade.php
+++ b/workflow/engine/classes/class.Upgrade.php
@@ -98,7 +98,7 @@ class Upgrade
                $installedMD5 = "";
            } else {
                $time = microtime(1);
-                $installedMD5 = md5_file($installedFile);
+                $installedMD5 = G::encryptFileOld($installedFile);
                $checksumTime += microtime(1) - $time;
            }
            $archiveMD5 = $checksum;
--- a/workflow/engine/classes/class.derivation.php
+++ b/workflow/engine/classes/class.derivation.php
@@ -752,14 +752,19 @@ class Derivation
            //$appFields['APP_PROC_CODE'] = $nextDel['TAS_DEF_PROC_CODE'];
            /*----------------------------------********---------------------------------*/
            if ($nextDel['TAS_UID'] != '-1') {
-                $taskCur = TaskPeer::retrieveByPK($nextDel['TAS_UID']);
+                $taskNex = TaskPeer::retrieveByPK($nextDel['TAS_UID']);
-                $aTask = $taskCur->toArray( BasePeer::TYPE_FIELDNAME );
+                $aTask = $taskNex->toArray( BasePeer::TYPE_FIELDNAME );
                $arrayTaskTypeToExclude = array("WEBENTRYEVENT", "END-MESSAGE-EVENT", "START-MESSAGE-EVENT", "INTERMEDIATE-THROW-MESSAGE-EVENT", "INTERMEDIATE-CATCH-MESSAGE-EVENT");
                if (!in_array($aTask['TAS_TYPE'], $arrayTaskTypeToExclude)) {
                    if (!empty($iNewDelIndex) && empty($aSP)) {
                        $oAppDel = AppDelegationPeer::retrieveByPK( $appFields['APP_UID'], $iNewDelIndex );
                        $aFields = $oAppDel->toArray( BasePeer::TYPE_FIELDNAME );
                        $aFields['APP_STATUS'] = $currentDelegation['APP_STATUS'];
                        $taskCur  = TaskPeer::retrieveByPK($currentDelegation['TAS_UID']);
                        $aTaskCur = $taskCur->toArray( BasePeer::TYPE_FIELDNAME );
                        if ($aTaskCur['TAS_TYPE'] == "INTERMEDIATE-CATCH-MESSAGE-EVENT") {
                            $removeList = false;
                        }
                        $aFields['REMOVED_LIST'] = $removeList;
                        $inbox = new ListInbox();
                        $inbox->newRow($aFields, $appFields['CURRENT_USER_UID'], false, array(), ($nextDel['TAS_ASSIGN_TYPE'] == 'SELF_SERVICE' ? true : false));
--- a/workflow/engine/classes/class.pluginRegistry.php
+++ b/workflow/engine/classes/class.pluginRegistry.php
@@ -399,22 +399,19 @@ class PMPluginRegistry
    }
    /**
-     * get status plugin in the singleton
+     * Get status plugin in the singleton
     *
-     * @param unknown_type $sNamespace
+     * @param string $name Plugin name
     *
     * return mixed Return a string with status plugin, 0 otherwise
     */
-    public function getStatusPlugin ($sNamespace)
+    public function getStatusPlugin($name)
    {
-        foreach ($this->_aPluginDetails as $namespace => $detail) {
+        try {
-            if ($sNamespace == $namespace) {
+            return (isset($this->_aPluginDetails[$name]))? (($this->_aPluginDetails[$name]->enabled)? "enabled" : "disabled") : 0;
-                if ($this->_aPluginDetails[$sNamespace]->enabled) {
+        } catch (Excepton $e) {
-                    return 'enabled';
+            throw $e;
                } else {
                    return 'disabled';
                }
            }
        }
        return 0;
    }
    /**
--- a/workflow/engine/classes/class.system.php
+++ b/workflow/engine/classes/class.system.php
@@ -260,7 +260,7 @@ class System
                continue;
            }
            if (file_exists( realpath( $filename ) )) {
-                if (strcmp( $checksum, md5_file( realpath( $filename ) ) ) != 0) {
+                if (strcmp( $checksum, G::encryptFileOld( realpath( $filename ) ) ) != 0) {
                    $result['diff'][] = $filename;
                }
            } else {
@@ -542,7 +542,7 @@ class System
                    $file = PATH_TRUNK . trim( $line[2] );
                    if (is_readable( $file )) {
                        $size = sprintf( "%07d", filesize( $file ) );
-                        $checksum = sprintf( "%010u", crc32( file_get_contents( $file ) ) );
+                        $checksum = sprintf( "%010u", G::encryptCrc32( file_get_contents( $file ) ) );
                        if (! ($line[0] == $size && $line[1] == $checksum) && substr( $file, - 4 ) != '.xml') {
                            $distinctFiles .= $file . "\n";
                            $distinct ++;
--- a/workflow/engine/classes/model/AddonsManager.php
+++ b/workflow/engine/classes/model/AddonsManager.php
@@ -61,7 +61,7 @@ class AddonsManager extends BaseAddonsManager
        if ($download_md5 == null) {
            return null;
        }
-        return (strcasecmp(md5_file($filename), $download_md5) == 0);
+        return (strcasecmp(G::encryptFileOld($filename), $download_md5) == 0);
    }
    /**
--- a/workflow/engine/classes/model/Application.php
+++ b/workflow/engine/classes/model/Application.php
@@ -367,7 +367,7 @@ class Application extends BaseApplication
            $pin = G::generateCode(4, 'ALPHANUMERIC');
            $this->setAppData(serialize(array('PIN' => $pin)));
-            $this->setAppPin(md5($pin));
+            $this->setAppPin(G::encryptOld($pin));
            $c = new Criteria();
            $c->clearSelectColumns();
--- a/workflow/engine/controllers/installer.php
+++ b/workflow/engine/controllers/installer.php
@@ -848,7 +848,7 @@ class Installer extends Controller
            // Write the paths_installed.php file (contains all the information configured so far)
            if (! file_exists( FILE_PATHS_INSTALLED )) {
-                $sh = md5( filemtime( PATH_GULLIVER . '/class.g.php' ) );
+                $sh = G::encryptOld( filemtime( PATH_GULLIVER . '/class.g.php' ) );
                $h = G::encrypt( $db_hostname . $sh . $db_username . $sh . $db_password, $sh );
                $dbText = "<?php\n";
                $dbText .= sprintf( "  define('PATH_DATA',         '%s');\n", $pathShared );
@@ -1152,18 +1152,18 @@ class Installer extends Controller
            $query = sprintf( "USE %s;", $wf );
            $this->mssqlQuery( $query );
-            $query = sprintf( "UPDATE USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, md5( $adminPassword ) );
+            $query = sprintf( "UPDATE USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, G::encryptOld( $adminPassword ) );
            $this->mssqlQuery( $query );
            $query = sprintf( "USE %s;", $wf );
            $this->mssqlQuery( $query );
-            $query = sprintf( "UPDATE RBAC_USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, md5( $adminPassword ) );
+            $query = sprintf( "UPDATE RBAC_USERS SET USR_USERNAME = '%s', USR_PASSWORD = '%s' WHERE USR_UID = '00000000000000000000000000000001' ", $adminUsername, G::encryptOld( $adminPassword ) );
            $this->mssqlQuery( $query );
            // Write the paths_installed.php file (contains all the information configured so far)
            if (! file_exists( FILE_PATHS_INSTALLED )) {
-                $sh = md5( filemtime( PATH_GULLIVER . '/class.g.php' ) );
+                $sh = G::encryptOld( filemtime( PATH_GULLIVER . '/class.g.php' ) );
                $h = G::encrypt( $db_hostname . $sh . $db_username . $sh . $db_password . '1', $sh );
                $dbText = "<?php\n";
                $dbText .= sprintf( "  define ('PATH_DATA',        '%s' );\n", $pathShared );
--- a/workflow/engine/methods/authSources/authSources_Ajax.php
+++ b/workflow/engine/methods/authSources/authSources_Ajax.php
@@ -149,16 +149,30 @@ try {
            }
            break;
        case 'authSourcesNew':
            $pluginRegistry = &PMPluginRegistry::getSingleton();
            $arr = Array ();
            $oDirectory = dir( PATH_RBAC . 'plugins' . PATH_SEP );
-            $aAuthSourceTypes = array ();
+
            while ($sObject = $oDirectory->read()) {
                if (($sObject != '.') && ($sObject != '..') && ($sObject != '.svn') && ($sObject != 'ldap')) {
                    if (is_file( PATH_RBAC . 'plugins' . PATH_SEP . $sObject )) {
-                        $sType = trim( str_replace( 'class.', '', str_replace( '.php', '', $sObject ) ) );
+                        $sType = trim(str_replace(array("class.", ".php"), "", $sObject));
-                        $aAuthSourceTypes['sType'] = $sType;
+
-                        $aAuthSourceTypes['sLabel'] = $sType;
+                        $statusPlugin = $pluginRegistry->getStatusPlugin($sType);
-                        $arr[] = $aAuthSourceTypes;
+                        $flagAdd = false;
                        if (preg_match("/^(?:enabled|disabled)$/", $statusPlugin)) {
                            if ($statusPlugin == "enabled") {
                                $flagAdd = true;
                            }
                        } else {
                            $flagAdd = true;
                        }
                        if ($flagAdd) {
                            $arr[] = array("sType" => $sType, "sLabel" => $sType);
                        }
                    }
                }
            }
--- a/workflow/engine/methods/cases/caseHistory_Ajax.php
+++ b/workflow/engine/methods/cases/caseHistory_Ajax.php
@@ -137,7 +137,7 @@ if ($actionAjax == "showDynaformHistoryGetNomDynaform_JXP") {
        $dynTitle = $contentObjeto->getConValue();
    }
-    $md5Hash = md5( $idDin . $dynDate );
+    $md5Hash = G::encryptOld( $idDin . $dynDate );
    //assign task
    $result = new stdClass();
--- a/workflow/engine/methods/cases/casesListExtJs.php
+++ b/workflow/engine/methods/cases/casesListExtJs.php
@@ -42,6 +42,12 @@ switch ($action) {
        $urlProxy = 'proxyCasesList';
        $action = 'unassigned';
        break;
    case 'to_revise':
        $urlProxy = 'proxyCasesList';
        break;
    case 'to_reassign':
        $urlProxy = 'proxyCasesList';
        break;
 }
 /*----------------------------------********---------------------------------*/
--- a/workflow/engine/methods/cases/cases_StepToRevise.php
+++ b/workflow/engine/methods/cases/cases_StepToRevise.php
@@ -138,7 +138,7 @@ if (! isset( $_GET['ex'] )) {
 // DEPRECATED this JS section is marked for removal
 function setSelect()
 {
-  var ex=<?php echo $_GET['ex']?>;
+  var ex=<?php echo $filter->xssFilterHard($_GET['ex'])?>;
  try {
    for(i=1; i<50; i++) {
      if (i == ex) {
--- a/workflow/engine/methods/cases/cases_StepToReviseInputs.php
+++ b/workflow/engine/methods/cases/cases_StepToReviseInputs.php
@@ -140,7 +140,7 @@ G::RenderPage( 'publish', 'blank' );
 //Deprecated Section since the interface are now movig to ExtJS
 function setSelect()
 {
-    var ex=<?php echo $_GET['ex']?>;
+    var ex=<?php echo $filter->xssFilterHard($_GET['ex'])?>;
    try {
        for (i=1; i<50; i++) {
            if (i == ex) {
--- a/workflow/engine/methods/cases/cases_StepToReviseOutputs.php
+++ b/workflow/engine/methods/cases/cases_StepToReviseOutputs.php
@@ -84,7 +84,7 @@ if (! isset( $_GET['ex'] )) {
 //Deprecated Section since the interface are now movig to ExtJS
 function setSelect()
 {
-    var ex=<?php echo $_GET['ex']?>;
+    var ex=<?php echo $filter->xssFilterHard($_GET['ex'])?>;
    try{
        for (i=1; i<50; i++) {
            if (i == ex) {
--- a/workflow/engine/methods/cases/cases_ToReviseOutputDocView.php
+++ b/workflow/engine/methods/cases/cases_ToReviseOutputDocView.php
@@ -104,7 +104,7 @@ if (! isset( $_GET['ex'] )) {
 /*------------------------------ To Revise Routines ---------------------------*/
 function setSelect()
 {
-  var ex=<?php echo $_GET['ex']?>;
+  var ex=<?php echo $filter->xssFilterHard($_GET['ex'])?>;
  try{
    for(i=1; i<50; i++)
    {
--- a/workflow/engine/methods/dynaforms/dynaforms_FlatEditor.php
+++ b/workflow/engine/methods/dynaforms/dynaforms_FlatEditor.php
@@ -170,12 +170,12 @@ G::RenderPage( "publish", "raw" );
 <script>
  var toolbar = document.getElementById('fields_Toolbar')
  var fieldsList = document.getElementById('dynaformEditor[0]')
-  var tableHeight=<?php echo $config['FieldsList']['height'] ?>;
+  var tableHeight=<?php echo $filter->xssFilterHard($config['FieldsList']['height']) ?>;
-  var tableWidth=<?php echo $config['FieldsList']['width'] ?>;
+  var tableWidth=<?php echo $filter->xssFilterHard($config['FieldsList']['width']) ?>;
-  var toolbarTop=<?php echo $config['Toolbar']['top'] ?>;
+  var toolbarTop=<?php echo $filter->xssFilterHard($config['Toolbar']['top']) ?>;
-  var toolbarLeft=<?php echo $config['Toolbar']['left'] ?>;
+  var toolbarLeft=<?php echo $filter->xssFilterHard($config['Toolbar']['left']) ?>;
-  var fieldsListTop=<?php echo $config['FieldsList']['top'] ?>//(toolbarTop+toolbar.clientHeight+44+8 );
+  var fieldsListTop=<?php echo $filter->xssFilterHard($config['FieldsList']['top']) ?>//(toolbarTop+toolbar.clientHeight+44+8 );
-  var fieldsListLeft=<?php echo $config['FieldsList']['left'] ?>;
+  var fieldsListLeft=<?php echo $filter->xssFilterHard($config['FieldsList']['left']) ?>;
  mainPanel.elements.headerBar.style.backgroundColor='#CBDAEF';
  mainPanel.elements.headerBar.style.borderBottom='1px solid #808080';
  mainPanel.elements.headerBar.appendChild(toolbar);
--- a/workflow/engine/methods/enterprise/addonsStoreAction.php
+++ b/workflow/engine/methods/enterprise/addonsStoreAction.php
@@ -269,7 +269,7 @@ try {
                }
                ///////
-                $boundary = "---------------------" . substr(md5(rand(0, 32000)), 0, 10);
+                $boundary = "---------------------" . substr(G::encryptOld(rand(0, 32000)), 0, 10);
                $data = null;
                $data = $data . "--$boundary\n";
--- a/workflow/engine/methods/install/r.php
+++ b/workflow/engine/methods/install/r.php
@@ -2,25 +2,25 @@
 G::LoadSystem('inputfilter');
 $filter = new InputFilter();
 if(isset($_GET['srv'])) {
-    $_GET['srv'] = $filter->xssFilterHard($_GET['srv']);
+    $srv = $filter->xssFilterHard($_GET['srv']);
 }
 if(isset($_GET['usr'])) {
-    $_GET['usr'] = $filter->xssFilterHard($_GET['usr']);
+    $usr = $filter->xssFilterHard($_GET['usr']);
 }
 if(isset($_GET['pass'])) {
-    $_GET['pass'] = $filter->xssFilterHard($_GET['pass']);
+    $pass = $filter->xssFilterHard($_GET['pass']);
 }
 if(isset($_GET['gen'])) {
-    $_GET['gen'] = $filter->xssFilterHard($_GET['gen']);
+    $gen = $filter->xssFilterHard($_GET['gen']);
 }
 ?>
 <form action="r">
 	Server: <input type="text" name="srv"
-		value="<?php echo isset($_GET['srv'])?$_GET['srv']:'';?>"> User: <input
+		value="<?php echo isset($srv)? $srv:'';?>"> User: <input
 		type="text" name="usr"
-		value="<?php echo isset($_GET['usr'])?$_GET['usr']:'';?>" /> Passwd: <input
+		value="<?php echo isset($usr)? $usr:'';?>" /> Passwd: <input
 		type="text" name="pass"
-		value="<?php echo isset($_GET['pass'])?$_GET['pass']:'';?>" /> <input
+		value="<?php echo isset($pass)? $pass:'';?>" /> <input
 		type="submit" value="Gen" name="gen" /> <input type="submit"
 		value="Regenerate paths_installed" name="reg" /><br />
 </form>
@@ -28,14 +28,18 @@ if(isset($_GET['gen'])) {
 if (isset( $_GET['gen'] )) {
    $sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) );
    $sh = $filter->xssFilterHard($sh);
    $h = G::encrypt( $_GET['srv'] . $sh . $_GET['usr'] . $sh . $_GET['pass'] . $sh . (1), $sh );
    $h = $filter->xssFilterHard($h);
    echo "HASH_INSTALLATION<br/>";
    echo "<textarea cols=120>$h</textarea><br/>";
    echo "SYSTEM_HASH<br/>";
    echo "<textarea cols=120>$sh</textarea>";
 } elseif (isset( $_GET['reg'] )) {
    $sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) );
    $sh = $filter->xssFilterHard($sh);
    $h = G::encrypt( $_GET['srv'] . $sh . $_GET['usr'] . $sh . $_GET['pass'] . $sh . (1), $sh );
    $h = $filter->xssFilterHard($h);
    echo "HASH_INSTALLATION<br/>";
    echo "<textarea cols=120>$h</textarea><br/>";
    echo "SYSTEM_HASH<br/>";
--- a/workflow/engine/methods/setup/appCacheViewAjax.php
+++ b/workflow/engine/methods/setup/appCacheViewAjax.php
@@ -302,7 +302,7 @@ switch ($request) {
        list($sucess, $msgErr) = testConnection(DB_ADAPTER, $serverName, $user, $passwd, $port);
        if ($sucess) {
-            $sh = md5( filemtime( PATH_GULLIVER . "/class.g.php" ) );
+            $sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) );
            $h = G::encrypt( $_POST['host'] . $sh . $_POST['user'] . $sh . $_POST['password'] . $sh . (1), $sh );
            $insertStatements = "define ( 'HASH_INSTALLATION','{$h}' );  \ndefine ( 'SYSTEM_HASH', '{$sh}' ); \n";
            $lines = array ();
--- a/workflow/engine/methods/setup/pluginsRemove.php
+++ b/workflow/engine/methods/setup/pluginsRemove.php
@@ -39,7 +39,8 @@ switch ($RBAC->userCanAccess('PM_SETUP_ADVANCE'))
 }*/
 G::LoadClass( "plugin" );
-
+G::LoadSystem('inputfilter');
 $filter = new InputFilter();
 $pluginName = $_REQUEST["pluginUid"];
 if (file_exists( PATH_PLUGINS . $pluginName . ".php" )) {
@@ -50,5 +51,5 @@ if (file_exists( PATH_PLUGINS . $pluginName . ".php" )) {
    $pluginRegistry->unSerializeInstance( file_get_contents( PATH_DATA_SITE . "plugin.singleton" ) );
 }
 G::auditLog("RemovePlugin","Plugin Name: ".$pluginName);
-echo $pluginName . " " . nl2br( G::LoadTranslation( "ID_MSG_REMOVE_PLUGIN_SUCCESS" ) );
+echo $pluginName . " " . nl2br( $filter->xssFilterHard(G::LoadTranslation( "ID_MSG_REMOVE_PLUGIN_SUCCESS" )) );
--- a/workflow/engine/skinEngine/neoclassic/layout.html
+++ b/workflow/engine/skinEngine/neoclassic/layout.html
@@ -15,7 +15,7 @@
              <tr>
                  {if $user_logged neq '' or $tracker neq ''}
                  <td rowspan="2" style="vertical-align:top;width: 245px;"><img src="{$logo_company}" class="logo_company"/></td>
-                  <td class="mainMenuBG" rowspan="2" valign="center" >
+                  <td id="mainMenuBG" class="mainMenuBG" rowspan="2" valign="center" >
                      {include file="$tpl_menu"}
                      {if (count($subMenus)>0) }
                          {include file= "$tpl_submenu"}
@@ -30,7 +30,7 @@
                        <label class="textBlue"><a href="../../uxs/home">{$switch_interface_label}</a> | </label>
                        {/if}
                        <a href="{$linklogout}" class="tableOption">{$logout}</a>&nbsp;&nbsp;<br/>
-                        <label class="textBlack"><b>{$rolename}</b> {$workspace_label} <b><u>{$workspace}</u></b> &nbsp; &nbsp; <br/>
+                        <label class="textBlack"><b>{$rolename}</b> {$workspace_label} <b><u>{$workspace}</u></b><br />
                        {$udate}</label>&nbsp; &nbsp;
                      {else}
                          {if $tracker eq 1}
@@ -110,4 +110,4 @@
        </div>
    </body>
  {/if}
-</html>
+</html>
--- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php
+++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php
@@ -861,15 +861,33 @@ class Cases
     *
     * @access public
     * @param string $app_uid, Uid for case
     * @param string $usr_uid, Uid user
     * @return array
     *
     * @author Brayan Pereyra (Cochalo) <brayan@colosa.com>
     * @copyright Colosa - Bolivia
     */
-    public function deleteCase($app_uid)
+    public function deleteCase($app_uid, $usr_uid)
    {
        Validator::isString($app_uid, '$app_uid');
        Validator::appUid($app_uid, '$app_uid');
        $criteria = new \Criteria();
        $criteria->addSelectColumn( \ApplicationPeer::APP_STATUS );
        $criteria->addSelectColumn( \ApplicationPeer::APP_INIT_USER );
        $criteria->add( \ApplicationPeer::APP_UID, $app_uid, \Criteria::EQUAL );
        $dataset = \ApplicationPeer::doSelectRS($criteria);
        $dataset->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
        $dataset->next();
        $aRow = $dataset->getRow();
        if ($aRow['APP_STATUS'] != 'DRAFT') {
            throw (new \Exception(\G::LoadTranslation("ID_DELETE_CASE_NO_STATUS")));
        }
        if ($aRow['APP_INIT_USER'] != $usr_uid) {
            throw (new \Exception(\G::LoadTranslation("ID_DELETE_CASE_NO_OWNER")));
        }
        $case = new \Cases();
        $case->removeCase( $app_uid );
    }
--- a/workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php
+++ b/workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php
@@ -190,12 +190,11 @@ class FilesManager
                    break;
            }
            $content = $aData['prf_content'];
-            if (is_string($content)) {
+            if (file_exists($sDirectory) ) {
-                if (file_exists($sDirectory)) {
+                $directory = $sMainDirectory. PATH_SEP . $sSubDirectory . $aData['prf_filename'];
-                    $directory = $sMainDirectory. PATH_SEP . $sSubDirectory . $aData['prf_filename'];
+                throw new \Exception(\G::LoadTranslation("ID_EXISTS_FILE", array($directory)));
                    throw new \Exception(\G::LoadTranslation("ID_EXISTS_FILE", array($directory)));
                }
            }
            if (!file_exists($sCheckDirectory)) {
                $sPkProcessFiles = \G::generateUniqueID();
                $oProcessFiles = new \ProcessFiles();
@@ -555,4 +554,3 @@ class FilesManager
        }
    }
 }
--- a/workflow/engine/src/ProcessMaker/Project/Adapter/BpmnWorkflow.php
+++ b/workflow/engine/src/ProcessMaker/Project/Adapter/BpmnWorkflow.php
@@ -497,7 +497,10 @@ class BpmnWorkflow extends Project\Bpmn
                            //Setting as start Task
                            //or
                            //Remove as start Task
-                            $this->wp->setStartTask($arrayFlowData["FLO_ELEMENT_DEST"], $flagStartTask);
+                            $bwp = new self;
                            if ($bwp->getActivity($arrayFlowData["FLO_ELEMENT_DEST"])) {
                                $this->wp->setStartTask($arrayFlowData["FLO_ELEMENT_DEST"], $flagStartTask);
                            }
                            break;
                    }
                }
@@ -1384,6 +1387,10 @@ class BpmnWorkflow extends Project\Bpmn
            $activity = $bwp->getActivity($activityData["ACT_UID"]);
            if ($activity["BOU_CONTAINER"] != $activityData["BOU_CONTAINER"]) {
                $activity = null;
            }
            if ($forceInsert || is_null($activity)) {
                if ($generateUid) {
                    //Generate and update UID
--- a/workflow/engine/src/ProcessMaker/Services/Api/Cases.php
+++ b/workflow/engine/src/ProcessMaker/Services/Api/Cases.php
@@ -809,8 +809,9 @@ class Cases extends Api
    public function doDeleteCase($cas_uid)
    {
        try {
            $usr_uid = $this->getUserId();
            $cases = new \ProcessMaker\BusinessModel\Cases();
-            $cases->deleteCase($cas_uid);
+            $cases->deleteCase($cas_uid, $usr_uid);
        } catch (\Exception $e) {
            throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));
        }
--- a/workflow/engine/src/ProcessMaker/Services/Api/Project/DynaForm.php
+++ b/workflow/engine/src/ProcessMaker/Services/Api/Project/DynaForm.php
@@ -47,6 +47,10 @@ class DynaForm extends Api
            $dynaForm->setArrayFieldNameForException(array("processUid" => "prj_uid"));
            $arrayData = $dynaForm->executeCreate($prj_uid, $request_data);
            if (!array_key_exists('dyn_content', $request_data)) {
                $request_data['dyn_content']="{}";
            }
            $arrayData = $dynaForm->update($arrayData['dyn_uid'], $request_data);
            $response = $arrayData;
--- a/workflow/engine/templates/admin/calendarEdit.js
+++ b/workflow/engine/templates/admin/calendarEdit.js
@@ -750,8 +750,7 @@ Ext.onReady( function() {
                      xtype      : 'textfield' ,
                      width      : 200 ,
                      fieldLabel : _('ID_NAME') ,
-                      name       : 'name' ,
+                      name       : 'name' 
                      allowBlank : false
                    },
                    {
                      id         : 'dynaformCalendarDescription' ,
@@ -935,6 +934,9 @@ Ext.onReady( function() {
                    Ext.getCmp('dynaformCalendarName').setValue(Ext.getCmp('dynaformCalendarName').getValue().trim());
                    var canlendarName = Ext.getCmp('dynaformCalendarName').getValue().trim();
                    if(canlendarName === ""){
                        Ext.apply(Ext.getCmp('dynaformCalendarName'), {allowBlank: false}, {});
                        Ext.Msg.alert(_('ID_WARNING'), _("ID_FIELD_REQUIRED", _("ID_NAME")));
                        Ext.getCmp('dynaformCalendarName').setValue("");
                        return;
                    }
                    Ext.Ajax.request({
--- a/workflow/engine/templates/designer/index.html
+++ b/workflow/engine/templates/designer/index.html
@@ -79,6 +79,7 @@
 </head>
 <body onresize="resizingFrame();">
 <!--<div class="ui-layout-north">-->
     <div class="loader"></div>
     <section class="navBar" id="idNavBar">
        <div class="head"></div>
        <nav>
--- a/workflow/engine/templates/processes/main.js
+++ b/workflow/engine/templates/processes/main.js
@@ -1402,7 +1402,11 @@ importProcessBpmnSubmit = function () {
                    return;
                }
                Ext.getCmp('importProcessWindow').close();
-                window.location.href = "../designer?prj_uid=" + resp_.prj_uid;
+                if (typeof(importProcessGlobal.processFileType) != "undefined" && importProcessGlobal.processFileType == "bpmn") {
                    openWindowIfIE("../designer?prj_uid=" + resp_.prj_uid);
                } else {
                    window.location.href = "processes_Map?PRO_UID=" + resp_.prj_uid;
                }
            },
            failure: function (o, resp) {
                Ext.getCmp('importProcessWindow').close();
--- a/workflow/engine/templates/processes/mainLoad.php
+++ b/workflow/engine/templates/processes/mainLoad.php
@@ -25,13 +25,32 @@
    document.getElementById('pm_submenu').style.display = 'none';
  document.documentElement.style.overflowY = 'hidden';
  function autoResizeScreen() {
-    oCasesFrame    = document.getElementById('frameMain');
+  	var containerList1, containerList2;
-    oClientWinSize = getClientWindowSize();
+    oCasesFrame = document.getElementById('frameMain');
-    height = oClientWinSize.height-105;
+	containerList1 = document.getElementById("pm_header");
-    oCasesFrame.style.height = height;
+	if (document.getElementById("mainMenuBG") && 
-    if (oCasesFrame.height ) {
+		document.getElementById("mainMenuBG").parentNode &&
-    	oCasesFrame.height = height;
+		document.getElementById("mainMenuBG").parentNode.parentNode &&
-    }
+		document.getElementById("mainMenuBG").parentNode.parentNode.parentNode &&
 		document.getElementById("mainMenuBG").parentNode.parentNode.parentNode.parentNode
 		){
 			containerList2 = document.getElementById("mainMenuBG").parentNode.parentNode.parentNode.parentNode;			
 		}
 	if (containerList1 === containerList2) {
 		height = oClientWinSize.height - containerList1.clientHeight;
 		oCasesFrame.style.height = height;
 		if (oCasesFrame.height ) {
 			oCasesFrame.height = height;
 		}
 	} else {
 	    oCasesFrame    = document.getElementById('frameMain');
 		oClientWinSize = getClientWindowSize();
 		height = oClientWinSize.height-105;
 		oCasesFrame.style.height = height;
 		if (oCasesFrame.height ) {
 			oCasesFrame.height = height;
 		}		
 	}
    //oCasesSubFrame = oCasesFrame.contentWindow.document.getElementById('casesSubFrame');
    //oCasesSubFrame.style.height = height-10;
  }
--- a/workflow/engine/templates/processes/webentryPost.tpl
+++ b/workflow/engine/templates/processes/webentryPost.tpl
@@ -22,11 +22,32 @@ try {
        throw (new Exception("function ws_open() is not defined. File wsClient.php is missing"));
    }
    /*
     * PMDynaform
     * DYN_VERSION is 1: classic Dynaform,
     * DYN_VERSION is 2: responsive form, Pmdynaform.
     */
    $a = new Criteria("workflow");
    $a->addSelectColumn(DynaformPeer::DYN_VERSION);
    $a->add(DynaformPeer::DYN_UID, "{dynaformUid}", Criteria::EQUAL);
    $a = ProcessPeer::doSelectRS($a);
    $a->setFetchmode(ResultSet::FETCHMODE_ASSOC);
    $a->next();
    $row = $a->getRow();
    $swpmdynaform = isset($row) && $row["DYN_VERSION"] == 2;
    if ($swpmdynaform) {
        $pmdynaform = $_POST["form"];
    }
    $oForm = new Form("{processUid}" . "/" . "{dynaformUid}", PATH_DYNAFORM);
    $oForm->validatePost();
    ws_open();
-    $result = ws_newCase("{processUid}", "{taskUid}", convertFormToWSObjects($_POST["form"]));
+    if ($swpmdynaform) {
        $result = ws_newCase("{processUid}", "{taskUid}", convertFormToWSObjects($pmdynaform));
    } else {
      $result = ws_newCase("{processUid}", "{taskUid}", convertFormToWSObjects($_POST["form"]));
    }
    if ($result->status_code == 0) {
        $caseId = $result->caseId;
--- a/workflow/engine/templates/reportTables/mainLoad.php
+++ b/workflow/engine/templates/reportTables/mainLoad.php
@@ -20,7 +20,7 @@ if(isset($_GET['gui'])) {
 }
 </style>
 <body onresize="autoResizeScreen()" onload="autoResizeScreen()">
-<iframe name="frameMain" id="frameMain" src ="../reportTables/mainInit?PRO_UID=<?php echo $gui?>" width="99%" height="200" frameborder="0">
+<iframe name="frameMain" id="frameMain" src ="../reportTables/mainInit?PRO_UID=<?php echo $filter->xssFilterHard($gui)?>" width="99%" height="200" frameborder="0">
  <p>Your browser does not support iframes.</p>
 </iframe>
 </body>
--- a/workflow/engine/templates/services/login_getStarted.html
+++ b/workflow/engine/templates/services/login_getStarted.html
@@ -33,7 +33,7 @@
      border-right: #fff  1px solid;
      padding-right: 10px;
      border-top: #fff 1px solid;
-      padding-top: 10px;
+      padding-top: 5px;
      border-left: #fff 1px solid;
      padding-left: 10px;
      border-bottom: #fff 1px solid;
@@ -47,6 +47,16 @@
    span.cLow {
        color: #002c72;
    }
    span.cLow-min {
        color: #002c72;
        font-size: 13px;
        line-height: 1.3em;
    }
    span.cLow-autor {
        color: #002c72;
        font-size: 15px;
        line-height: 1.3em;
    }
    </style>
    <!--[if IE]>
@@ -68,23 +78,23 @@
            <a target="_blank" href="http://www.processmaker.com"><img src="/images/get_started.png" border="0" width="163" height="438"></a>
        </td>
        <td class="cell2" valign="top">
-            <p><span class="cLow">Welcome to ProcessMaker!</span></p>
+            <p><b><span class="cLow">Welcome to ProcessMaker 3.</span></b></p>
-            <p><span class="cLow">To get started, log in using the following credentials. You can change them later:</span></p>
+            <p style="text-align: justify;"><span class="cLow-min">This new version features a new process designer based upon the Business Process Management Notation 2 standard. It offers a new form designer with flexible layouts for desktops, tablets and cellphones and a new REST API to remotely access ProcessMaker.</span></p>
            <p style="text-align: justify;"><span class="cLow-min">To get started, log in using the following credentials. You can change them later:</span></p>
            <span class="cNeg">Username:</span><span class="cLow"> {name}</span><br>
-            <span class="cNeg">Password:</span><span class="cLow"> {pass}</span>
+            <span class="cNeg">Password:</span><span class="cLow"> {pass}</span><br><br>
-            <p><span class="cLow">We suggest you follow our 7 easy videos to automate your workflow.  You can see a demo of each step at&nbsp;<a target="_blank" href="http://www.processmaker.com/demos/">http://www.processmaker.com/demos/</a> </span></p>
+            <p style="text-align: justify;"><span class="cLow-min">We suggest you follow our 7 easy videos to automate your workflow.  You can see a demo of each step at <a target="_blank" href="http://www.processmaker.com/tutorials">http://www.processmaker.com/tutorials/</a></span></p>
-            <span class="cLow">Other Resources:</span><br/><br/>
+            <b><span class="cLow">Other Resources:</span></b><br/><br/>
            <span class="cLow"><a target="_blank" href="http://wiki.processmaker.com">PM Wiki </a>- Manuals</span><br/>
-            <span class="cLow"><a target="_blank" href="http://forum.processmaker.com">PM Forum </a>- Ask Questions</span><br/>
+            <span class="cLow"><a target="_blank" href="http://forum.processmaker.com">PM Forum </a>- Ask Questions</span><br/><br/>
-            <p><span class="cLow">We hope you enjoy using ProcessMaker. For more information about our enterprise support and consulting services <a target="_blank" href="http://www.processmaker.com/contact-us">contact us.</a>
+            <p style="text-align: justify;"><span class="cLow-min">We hope you enjoy using ProcessMaker. For more information about our enterprise support and consulting services <a target="_blank" href="http://www.processmaker.com/contact-us">contact us.</a></span></p>
-            </span></p>
+            <p><b><span class="cLow-autor">The ProcessMaker Team</span></b></p>
            <p><span class="cLow">The ProcessMaker Team</span></p>
-            <input type="checkbox" name="getStarted" id="getStarted" onclick="saveConfig();"><span class="cLow">Don't show me again</span>
+            <input type="checkbox" name="getStarted" id="getStarted" onclick="saveConfig();"><span class="cLow"> Don't show me again</span>
        </td>
    </tr>
 </table>
--- a/workflow/engine/xmlform/login/forgotPasswordpm3.xml
+++ b/workflow/engine/xmlform/login/forgotPasswordpm3.xml
@@ -6,7 +6,7 @@
  <USR_USERNAME type="text" size="30" maxlength="50" required="true" validate="Any" autocomplete="0">
    <en><![CDATA[User]]></en>
  </USR_USERNAME>
-  <USR_EMAIL type="text" size="30" required="true" maxlength="254"  autocomplete="0">
+  <USR_EMAIL type="text" size="30" required="true" maxlength="100"  autocomplete="0">
    <en><![CDATA[Email]]></en>
  </USR_EMAIL>
  <URL type="hidden"/>
--- a/workflow/engine/xmlform/login/licenseExpiredpm3.html
+++ b/workflow/engine/xmlform/login/licenseExpiredpm3.html
@@ -16,7 +16,7 @@
        {$form.updateButton}                
    </fieldset>
-    <div class="FormRequiredTextMessage"><font color="red">*  </font>Required Field</div>       </div>
+    <div class="FormRequiredTextMessage"></div>
       <div class="boxBottom"><div class="a">&nbsp;</div><div class="b">&nbsp;</div><div class="c">&nbsp;</div></div>
       </div>
    <script type="text/javascript">      
--- a/workflow/public_html/bootstrap.php
+++ b/workflow/public_html/bootstrap.php
@@ -342,7 +342,7 @@
    }
    else {
      if(SYS_TARGET=="dbInfo"){ //Show dbInfo when no SYS_SYS
-          $pathFile = PATH_METHODS . "login/dbInfo.php";
+          $pathFile = PATH_METHODS . 'login/dbInfo.php';
          $pathFile = $filter->validateInput($pathFile,'path');
          require_once($pathFile);
      }
@@ -361,7 +361,7 @@
          }
        }
        else { // classic sysLogin interface
-          $pathFile = PATH_METHODS . "login/sysLogin.php";
+          $pathFile = PATH_METHODS . 'login/sysLogin.php';
          $pathFile = $filter->validateInput($pathFile,'path');
          require_once($pathFile) ;
          die();