Merged master into dashboards2

2015-04-01 09:08:57 -04:00
parent dc89b7dbe8 2ef493d4f0
commit db31fbe173
40 changed files with 119 additions and 86 deletions
--- a/gulliver/methods/genericAjax.php
+++ b/gulliver/methods/genericAjax.php
@@ -180,7 +180,7 @@ if( isset($request) ){
          $gKey = (int)$row['lastId'] + 1;

        } else {
-          $gKey = md5(date('Y-m-d H:i:s').'@'.rand());
+          $gKey = G::encryptOld(date('Y-m-d H:i:s').'@'.rand());
        }

        $rs = $con->executeQuery("INSERT INTO {$_GET['table']} ({$_GET['pk']}, {$_GET['fld']}) VALUES ('$gKey', '{$_GET['value']}');");
--- a/gulliver/system/class.bootstrap.php
+++ b/gulliver/system/class.bootstrap.php
@@ -399,7 +399,7 @@ class Bootstrap
                // Detect by creating a temporary file
                // Try to use system's temporary directory as random name
                // shouldn't exist
-                $temp_file = tempnam(md5(uniqid(rand(), true)), '');
+                $temp_file = tempnam(Bootstrap::encryptOld(uniqid(rand(), true)), '');
                if ($temp_file) {
                    $temp_dir = realpath(dirname($temp_file));
                    unlink($temp_file);
@@ -1077,7 +1077,7 @@ class Bootstrap
        $mtime = date('U');
        $gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
        header('Pragma: cache');
-        header('ETag: "' . md5($mtime . $filename) . '"');
+        header('ETag: "' . Bootstrap::encryptOld($mtime . $filename) . '"');
        header("Last-Modified: " . $gmt_mtime);
        header('Cache-Control: public');
        header("Expires: " . gmdate("D, d M Y H:i:s", time() + 30 * 60 * 60 * 24) . " GMT"); //1 month
@@ -1090,7 +1090,7 @@ class Bootstrap
        }

        if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
-            if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == md5($mtime . $filename)) {
+            if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == Bootstrap::encryptOld($mtime . $filename)) {
                header("HTTP/1.1 304 Not Modified");
                exit();
            }
@@ -1216,7 +1216,7 @@ class Bootstrap
                $mtime = date('U');
            }
            $gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
-            header('ETag: "' . md5($mtime . $filename) . '"');
+            header('ETag: "' . Bootstrap::encryptOld($mtime . $filename) . '"');
            header("Last-Modified: " . $gmt_mtime);
            header('Cache-Control: public');
            header("Expires: " . gmdate("D, d M Y H:i:s", time() + 60 * 10) . " GMT"); // ten
@@ -1234,7 +1234,7 @@ class Bootstrap
                $mtime = date('U');
            }
            $gmt_mtime = gmdate("D, d M Y H:i:s", $mtime) . " GMT";
-            header('ETag: "' . md5($mtime . $filename) . '"');
+            header('ETag: "' . Bootstrap::encryptOld($mtime . $filename) . '"');
            header("Last-Modified: " . $gmt_mtime);
            header('Cache-Control: public');
            header("Expires: " . gmdate("D, d M Y H:i:s", time() + 90 * 60 * 60 * 24) . " GMT");
@@ -1246,7 +1246,7 @@ class Bootstrap
            }

            if (isset($_SERVER ['HTTP_IF_NONE_MATCH'])) {
-                if (str_replace('"', '', stripslashes($_SERVER ['HTTP_IF_NONE_MATCH'])) == md5($mtime . $filename)) {
+                if (str_replace('"', '', stripslashes($_SERVER ['HTTP_IF_NONE_MATCH'])) == Bootstrap::encryptOld($mtime . $filename)) {
                    header("HTTP/1.1 304 Not Modified");
                    exit();
                }
@@ -1276,7 +1276,7 @@ class Bootstrap
                $checkSum .= md5_file($file);
            }
        }
-        return md5($checkSum . $key);
+        return Bootstrap::encryptOld($checkSum . $key);
    }

    /**
@@ -2922,5 +2922,16 @@ class Bootstrap
        }
        return false;
    }
+    /**
+    * encryptOld
+    *
+    * @param string $string
+    *
+    * @return md5($string)
+    */
+    public function encryptOld ($string)
+    {
+        return md5($string);
+    }
 }

--- a/gulliver/system/class.g.php
+++ b/gulliver/system/class.g.php
@@ -1211,7 +1211,7 @@ class G
                $mtime = date( 'U' );
            }
            $gmt_mtime = gmdate( "D, d M Y H:i:s", $mtime ) . " GMT";
-            header( 'ETag: "' . md5( $mtime . $filename ) . '"' );
+            header( 'ETag: "' . G::encryptOld( $mtime . $filename ) . '"' );
            header( "Last-Modified: " . $gmt_mtime );
            header( 'Cache-Control: public' );
            header( "Expires: " . gmdate( "D, d M Y H:i:s", time() + 60 * 10 ) . " GMT" ); //ten minutes
@@ -1228,7 +1228,7 @@ class G
                $mtime = date( 'U' );
            }
            $gmt_mtime = gmdate( "D, d M Y H:i:s", $mtime ) . " GMT";
-            header( 'ETag: "' . md5( $mtime . $filename ) . '"' );
+            header( 'ETag: "' . G::encryptOld( $mtime . $filename ) . '"' );
            header( "Last-Modified: " . $gmt_mtime );
            header( 'Cache-Control: public' );
            header( "Expires: " . gmdate( "D, d M Y H:i:s", time() + 90 * 60 * 60 * 24 ) . " GMT" );
@@ -1240,7 +1240,7 @@ class G
            }

            if (isset( $_SERVER['HTTP_IF_NONE_MATCH'] )) {
-                if (str_replace( '"', '', stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) ) == md5( $mtime . $filename )) {
+                if (str_replace( '"', '', stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) ) == G::encryptOld( $mtime . $filename )) {
                    header( "HTTP/1.1 304 Not Modified" );
                    exit();
                }
@@ -3212,7 +3212,7 @@ class G
            } else {
                // Detect by creating a temporary file
                // Try to use system's temporary directory as random name shouldn't exist
-                $temp_file = tempnam( md5( uniqid( rand(), true ) ), '' );
+                $temp_file = tempnam( G::encryptOld( uniqid( rand(), true ) ), '' );
                if ($temp_file) {
                    $temp_dir = realpath( dirname( $temp_file ) );
                    unlink( $temp_file );
@@ -4571,7 +4571,7 @@ class G
                $checkSum .= md5_file( $file );
            }
        }
-        return md5( $checkSum . $key );
+        return G::encryptOld( $checkSum . $key );
    }

    /**
@@ -5574,6 +5574,28 @@ class G
       $clean = ($lowercase) ? (function_exists('mb_strtolower')) ? mb_strtolower($clean, 'UTF-8') : strtolower($clean) : $clean;
       return $clean;
   }
+   /**
+    * encryptOld
+    *
+    * @param string $string
+    *
+    * @return md5($string)
+    */
+    public function encryptOld ($string)
+    {
+        return md5($string);
+    }
+    /**
+    * crc32
+    *
+    * @param string $string
+    *
+    * @return crc32($string)
+    */
+    public function encryptCrc32 ($string)
+    {
+        return crc32($string);
+    }
 }

 /**
--- a/gulliver/system/class.headPublisher.php
+++ b/gulliver/system/class.headPublisher.php
@@ -536,7 +536,7 @@ class headPublisher
            $cacheFilename = PATH_C . 'ExtJs' . PATH_SEP . $cacheName . '.js';
            file_put_contents($cacheFilename, file_get_contents($jsFilename));
        } else {
-            $cacheName = md5($mtime . $jsFilename);
+            $cacheName = G::encryptOld($mtime . $jsFilename);
            $cacheFilename = PATH_C . 'ExtJs' . PATH_SEP . $cacheName . '.js';

            if (!file_exists($cacheFilename)) {
@@ -581,7 +581,7 @@ class headPublisher
                    }
                    if (file_exists(PATH_PLUGINS . $pluginJsFile)) {
                        $mtime = filemtime(PATH_PLUGINS . $pluginJsFile);
-                        $jsPluginCacheName = md5($mtime . $pluginJsFile);
+                        $jsPluginCacheName = G::encryptOld($mtime . $pluginJsFile);
                        $cacheFilename = PATH_C . 'ExtJs' . PATH_SEP . $jsPluginCacheName . '.js';

                        if (!file_exists($cacheFilename)) {
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -320,7 +320,7 @@ class RBAC
            G::LoadClass('pmLicenseManager');
        }
        $licenseManager =& pmLicenseManager::getSingleton();
-        if (in_array(md5($licenseManager->result), array('38afd7ae34bd5e3e6fc170d8b09178a3', 'ba2b45bdc11e2a4a6e86aab2ac693cbb'))) {
+        if (in_array(G::encryptOld($licenseManager->result), array('38afd7ae34bd5e3e6fc170d8b09178a3', 'ba2b45bdc11e2a4a6e86aab2ac693cbb'))) {
            return -7;
        }
        /*----------------------------------********---------------------------------*/
--- a/gulliver/system/class.xmlform.php
+++ b/gulliver/system/class.xmlform.php
@@ -5439,7 +5439,7 @@ class XmlForm
        }
        $filesToDelete = substr( (defined( 'PATH_C' ) ? PATH_C : PATH_DATA) . 'xmlform/', 0, - 1 ) . $realPath . '.*.js';
        $auxPath = explode( PATH_SEP, $realPath );
-        $auxPath[count( $auxPath ) - 1] = $auxPath[count( $auxPath ) - 1] . '.' . md5( filemtime( $this->fileName ) );
+        $auxPath[count( $auxPath ) - 1] = $auxPath[count( $auxPath ) - 1] . '.' . G::encryptOld( filemtime( $this->fileName ) );
        $realPath = implode( PATH_SEP, $auxPath );
        // Improvement for the js cache - End
        $this->parsedFile = $parsedFilePath;
--- a/gulliver/thirdparty/pear/class.soap_transport_http.php
+++ b/gulliver/thirdparty/pear/class.soap_transport_http.php
@@ -317,13 +317,13 @@ class soap_transport_http extends nusoap_base {
 				$A1 = $username. ':' . (isset($digestRequest['realm']) ? $digestRequest['realm'] : '') . ':' . $password;
 	
 				// H(A1) = MD5(A1)
-				$HA1 = md5($A1);
+				$HA1 = G::encryptOld($A1);
 	
 				// A2 = Method ":" digest-uri-value
 				$A2 = 'POST:' . $this->digest_uri;
 	
 				// H(A2)
-				$HA2 =  md5($A2);
+				$HA2 =  G::encryptOld($A2);
 	
 				// KD(secret, data) = H(concat(secret, ":", data))
 				// if qop == auth:
@@ -345,7 +345,7 @@ class soap_transport_http extends nusoap_base {
 					$unhashedDigest = $HA1 . ':' . $nonce . ':' . $HA2;
 				}
 	
-				$hashedDigest = md5($unhashedDigest);
+				$hashedDigest = G::encryptOld($unhashedDigest);
 	
 				$this->outgoing_headers['Authorization'] = 'Digest username="' . $username . '", realm="' . $digestRequest['realm'] . '", nonce="' . $nonce . '", uri="' . $this->digest_uri . '", cnonce="' . $cnonce . '", nc=' . sprintf("%08x", $digestRequest['nc']) . ', qop="' . $digestRequest['qop'] . '", response="' . $hashedDigest . '"';
 			}
--- a/workflow/engine/classes/class.Installer.php
+++ b/workflow/engine/classes/class.Installer.php
@@ -443,12 +443,12 @@ class Installer
        //  The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0.
        //  $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1',
        //    "Add 'admin' user in ProcessMaker (wf)");
-        $this->run_query('UPDATE USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . '  `USR_PASSWORD` = \'' . md5($this->options['admin']['password']) . '\' ' . '  WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (wf)");
+        $this->run_query('UPDATE USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . '  `USR_PASSWORD` = \'' . G::encryptOld($this->options['admin']['password']) . '\' ' . '  WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (wf)");
        mysql_select_db($this->rbac_site_name, $this->connection_database);
        // The mysql_escape_string function has been DEPRECATED as of PHP 5.3.0.
        // $this->run_query('UPDATE USERS SET USR_USERNAME = \''.mysql_escape_string($this->options['admin']['username']).'\', `USR_PASSWORD` = \''.md5($this->options['admin']['password']).'\' WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1',
        //   "Add 'admin' user in ProcessMaker (rb)");
-        $this->run_query('UPDATE RBAC_USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . '  `USR_PASSWORD` = \'' . md5($this->options['admin']['password']) . '\' ' . '  WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (rb)");
+        $this->run_query('UPDATE RBAC_USERS SET USR_USERNAME = \'' . mysql_real_escape_string($this->options['admin']['username']) . '\', ' . '  `USR_PASSWORD` = \'' . G::encryptOld($this->options['admin']['password']) . '\' ' . '  WHERE `USR_UID` = \'00000000000000000000000000000001\' LIMIT 1', "Add 'admin' user in ProcessMaker (rb)");
    }

    /**
--- a/workflow/engine/classes/class.Upgrade.php
+++ b/workflow/engine/classes/class.Upgrade.php
@@ -104,11 +104,11 @@ class Upgrade
            $archiveMD5 = $checksum;
            if (strcasecmp($archiveMD5, $installedMD5) != 0) {
                $changedFiles[] = $filename;
-                if (!is_dir(dirname("$backupDir/$filename"))) {
-                    mkdir(dirname("$backupDir/$filename"), 0777, true);
+                if (!is_dir(dirname($backupDir.'/'.$filename))) {
+                    mkdir(dirname($backupDir.'/'.$filename), 0777, true);
                }
                if (file_exists($installedFile) && is_file($installedFile)) {
-                    copy($installedFile, "$backupDir/$filename");
+                    copy($installedFile, $backupDir.'/'.$filename);
                }
                if (!is_dir(dirname($installedFile))) {
                    mkdir(dirname($installedFile), 0777, true);
--- a/workflow/engine/classes/class.archive.php
+++ b/workflow/engine/classes/class.archive.php
@@ -713,7 +713,7 @@ class zip_file extends archive
            } elseif ($fp = @fopen( $current['name'], "rb" )) {
                $temp = fread( $fp, $current['stat'][7] );
                fclose( $fp );
-                $crc32 = crc32( $temp );
+                $crc32 = G::encryptCrc32( $temp );
                if (! isset( $current['method'] ) && $this->options['method'] == 1) {
                    $temp = gzcompress( $temp, $this->options['level'] );
                    $size = strlen( $temp ) - 6;
--- a/workflow/engine/classes/class.case.php
+++ b/workflow/engine/classes/class.case.php
@@ -5687,7 +5687,7 @@ class Cases
    {
        //CASE INSENSITIVE pin
        $pin = G::toUpper($pin);
-        $pin = md5($pin);
+        $pin = G::encryptOld($pin);

        $oCriteria = new Criteria('workflow');
        $oCriteria->addSelectColumn(ApplicationPeer::APP_UID);
--- a/workflow/engine/classes/class.license.app.php
+++ b/workflow/engine/classes/class.license.app.php
@@ -420,7 +420,7 @@ class license_application extends padl
            $DATA = $this->_unwrap_license($dat_str);
            if (is_array($DATA)) {
                # missing / incorrect id therefore it has been tampered with
-                if ($DATA['ID'] != md5($this->ID1)) {
+                if ($DATA['ID'] != G::encryptOld($this->ID1)) {
                    $DATA['RESULT'] = 'CORRUPT';
                }
                if ($this->USE_TIME) {
@@ -463,7 +463,7 @@ class license_application extends padl
                        # create the details to send to the home server
                        $stuff_to_send = array();
                        $stuff_to_send['LICENSE_DATA'] = $DATA;
-                        $stuff_to_send['LICENSE_DATA']['KEY'] = md5($dat_str);
+                        $stuff_to_send['LICENSE_DATA']['KEY'] = G::encryptOld($dat_str);
                        # dial home
                        $DATA['RESULT'] = $this->_call_home($stuff_to_send, $dialhost, $dialpath, $dialport);
                    } else {
--- a/workflow/engine/classes/class.pmFunctions.php
+++ b/workflow/engine/classes/class.pmFunctions.php
@@ -2234,7 +2234,7 @@ function setCaseTrackerCode ($sApplicationUID, $sCode, $sPIN = '')
        $aFields['APP_PROC_CODE'] = $sCode;
        if ($sPIN != '') {
            $aFields['APP_DATA']['PIN'] = $sPIN;
-            $aFields['APP_PIN'] = md5( $sPIN );
+            $aFields['APP_PIN'] = G::encryptOld( $sPIN );
        }
        $oCase->updateCase( $sApplicationUID, $aFields );
        if (isset($_SESSION['APPLICATION'])) {
--- a/workflow/engine/classes/model/AppHistory.php
+++ b/workflow/engine/classes/model/AppHistory.php
@@ -130,6 +130,7 @@ class AppHistory extends BaseAppHistory

        $c->add(AppHistoryPeer::PRO_UID, $PRO_UID);
        $c->add(AppHistoryPeer::APP_UID, $APP_UID);
+        $c->add(AppHistoryPeer::TAS_UID, $TAS_UID);
        if ((isset($DYN_UID))&&($DYN_UID!="")) {
            $c->add(AppHistoryPeer::DYN_UID, $DYN_UID);
        }
--- a/workflow/engine/classes/model/Event.php
+++ b/workflow/engine/classes/model/Event.php
@@ -196,7 +196,7 @@ class Event extends BaseEvent
                $oEvent->setTriUid( $oTrigger->getTriUid() );

                $parameters = new StdClass();
-                $parameters->hash = md5( $oTrigger->getTriWebbot() );
+                $parameters->hash = G::encryptOld( $oTrigger->getTriWebbot() );

                if (isset( $aData['EVN_ACTION_PARAMETERS']->SUBJECT )) {
                    $parameters->SUBJECT = $aData['EVN_ACTION_PARAMETERS']->SUBJECT;
@@ -327,7 +327,7 @@ class Event extends BaseEvent
                    $aTrigger['TRI_WEBBOT'] = $sTrigger;
                    $oTrigger->update( $aTrigger );
                    $oParameters = new StdClass();
-                    $oParameters->hash = md5( $sTrigger );
+                    $oParameters->hash = G::encryptOld( $sTrigger );
                    $oParameters->SUBJECT = $aData['EVN_ACTION_PARAMETERS']['SUBJECT'];
                    $oParameters->TO = $aData['EVN_ACTION_PARAMETERS']['TO'];
                    $oParameters->CC = $aData['EVN_ACTION_PARAMETERS']['CC'];
--- a/workflow/engine/classes/model/FieldCondition.php
+++ b/workflow/engine/classes/model/FieldCondition.php
@@ -150,7 +150,7 @@ class FieldCondition extends BaseFieldCondition

        if (sizeof( $aRows ) != 0) {
            foreach ($aRows as $aRow) {
-                $hashCond = md5( $aRow['FCD_UID'] );
+                $hashCond = G::encryptOld( $aRow['FCD_UID'] );
                $sCondition = $this->parseCondition( $aRow['FCD_CONDITION'] );
                $sCondition = addslashes( $sCondition );

--- a/workflow/engine/classes/model/Translation.php
+++ b/workflow/engine/classes/model/Translation.php
@@ -638,7 +638,7 @@ class Translation extends BaseTranslation
        include PATH_TRUNK .'vendor/colosa/MichelangeloFE/' . 'labels.php';

        foreach ($labels as $key => $row) {
-            $this->addTranslation ('LABEL', 'ID_MAFE_'.MD5($row), $lang, $row);
+            $this->addTranslation ('LABEL', 'ID_MAFE_'.G::encryptOld($row), $lang, $row);
        }
    }
 }
--- a/workflow/engine/classes/triggers/class.pmSugarFunctions.php
+++ b/workflow/engine/classes/triggers/class.pmSugarFunctions.php
@@ -1,4 +1,4 @@
-<?php
+<?php

 /**
 * class.pmSugar.pmFunctions.php
@@ -51,7 +51,7 @@ function getSoapClientOptions ()
 function sugarLogin ($sugarSoap, $user, $password)
 {
    $client = new SoapClient( $sugarSoap, getSoapClientOptions() );
-    $auth_array = array ('user_auth' => array ('user_name' => $user,'password' => md5( $password ),'version' => '1.0') );
+    $auth_array = array ('user_auth' => array ('user_name' => $user,'password' => G::encryptOld( $password ),'version' => '1.0') );
    $login_results = $client->__SoapCall( 'login', $auth_array );
    $session_id = $login_results->id;
    $user_guid = $client->__SoapCall( 'get_user_id', array ($session_id) );
--- a/workflow/engine/controllers/caseSchedulerProxy.php
+++ b/workflow/engine/controllers/caseSchedulerProxy.php
@@ -174,7 +174,7 @@ class caseSchedulerProxy extends HttpProxyController
        $aData['SCH_UID'] = G::generateUniqueID();
        $aData['SCH_NAME'] = $params->fDescription; //$_POST['form']['SCH_NAME'];
        $aData['SCH_DEL_USER_NAME'] = $params->fUser; //$_POST['form']['SCH_USER_NAME'];
-        $aData['SCH_DEL_USER_PASS'] = md5( $params->fPassword );
+        $aData['SCH_DEL_USER_PASS'] = G::encryptOld( $params->fPassword );
        $aData['SCH_DEL_USER_UID'] = $params->usr_uid; //$_POST['form']['SCH_USER_UID'];
        $aData['PRO_UID'] = $params->pro_uid; //$_POST['form']['PRO_UID'];
        $aData['TAS_UID'] = $params->tas_uid; //$_POST['form']['TAS_UID'];
--- a/workflow/engine/methods/authSources/authSources_ImportUsers.php
+++ b/workflow/engine/methods/authSources/authSources_ImportUsers.php
@@ -40,7 +40,7 @@ foreach ($_POST['aUsers'] as $sUser) {
    $matches = array ();
    $aUser = (array) Bootstrap::json_decode( stripslashes( $sUser ) );
    $aData['USR_USERNAME'] = str_replace( "*", "'", $aUser['sUsername'] );
-    $aData['USR_PASSWORD'] = md5( str_replace( "*", "'", $aUser['sUsername'] ) );
+    $aData['USR_PASSWORD'] = G::encryptOld( str_replace( "*", "'", $aUser['sUsername'] ) );
    // note added by gustavo gustavo-at-colosa.com
    // asign the FirstName and LastName variables
    // add replace to change D*Souza to D'Souza by krlos
@@ -72,7 +72,7 @@ foreach ($_POST['aUsers'] as $sUser) {
    }
    $aData['USR_STATUS'] = 'ACTIVE';
    $aData['USR_UID'] = $sUserUID;
-    $aData['USR_PASSWORD'] = md5( $sUserUID ); //fake :p
+    $aData['USR_PASSWORD'] = G::encryptOld( $sUserUID ); //fake :p
    $aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR';

    if (count($aAttributes)) {
--- a/workflow/engine/methods/cases/ajaxListener.php
+++ b/workflow/engine/methods/cases/ajaxListener.php
@@ -851,7 +851,7 @@ class Ajax
        $_POST["DYN_UID"] = $_REQUEST["DYN_UID"];

        $G_PUBLISH = new Publisher();
-        $FieldsHistory = unserialize($_SESSION["HISTORY_DATA"]);
+        $FieldsHistory = $_SESSION["HISTORY_DATA"];
        $Fields["APP_DATA"] = $FieldsHistory[$_POST["HISTORY_ID"]]; //isset($FieldsHistory[$_POST["HISTORY_ID"]])? $FieldsHistory[$_POST["HISTORY_ID"]] : "";
        $Fields["APP_DATA"]["__DYNAFORM_OPTIONS"]["PREVIOUS_STEP_LABEL"] = "";
        $Fields["APP_DATA"]["__DYNAFORM_OPTIONS"]["NEXT_STEP_LABEL"] = "";
--- a/workflow/engine/methods/cases/casesHistoryDynaformPage_Ajax.php
+++ b/workflow/engine/methods/cases/casesHistoryDynaformPage_Ajax.php
@@ -383,7 +383,7 @@ if ($actionAjax == 'dynaformChangeLogViewHistory') {

    global $G_PUBLISH;
    $G_PUBLISH = new Publisher();
-    $FieldsHistory = unserialize( $_SESSION['HISTORY_DATA'] );
+    $FieldsHistory = $_SESSION['HISTORY_DATA'];
    $Fields['APP_DATA'] = $FieldsHistory[$_POST['HISTORY_ID']];
    $Fields['APP_DATA']['__DYNAFORM_OPTIONS']['PREVIOUS_STEP_LABEL'] = '';
    $Fields['APP_DATA']['__DYNAFORM_OPTIONS']['NEXT_STEP_LABEL'] = '';
--- a/workflow/engine/methods/cases/casesList_Ajax.php
+++ b/workflow/engine/methods/cases/casesList_Ajax.php
@@ -549,7 +549,7 @@ if ($actionAjax == 'dynaformChangeLogViewHistory') {

    global $G_PUBLISH;
    $G_PUBLISH = new Publisher();
-    $FieldsHistory = unserialize( $_SESSION['HISTORY_DATA'] );
+    $FieldsHistory = $_SESSION['HISTORY_DATA'];
    $Fields['APP_DATA'] = $FieldsHistory[$_POST['HISTORY_ID']];
    $Fields['APP_DATA']['__DYNAFORM_OPTIONS']['PREVIOUS_STEP_LABEL'] = '';
    $Fields['APP_DATA']['__DYNAFORM_OPTIONS']['NEXT_STEP_LABEL'] = '';
--- a/workflow/engine/methods/cases/casesStartPage_Ajax.php
+++ b/workflow/engine/methods/cases/casesStartPage_Ajax.php
@@ -75,7 +75,7 @@ function getProcessList ()
        if (1) {
            foreach ($processList as $key => $processInfo) {
                $tempTree['text'] = $key;
-                $tempTree['id'] = md5($key);
+                $tempTree['id'] = G::encryptOld($key);
                $tempTree['cls'] = 'folder';
                $tempTree['draggable'] = true;
                $tempTree['optionType'] = "category";
@@ -92,7 +92,7 @@ function getProcessList ()
                    //print_r($processInfo);
                    $tempTreeChild['text'] = htmlentities($keyChild, ENT_QUOTES, 'UTF-8'); //ellipsis ( $keyChild, 50 );
                    //$tempTree['text']=$key;
-                    $tempTreeChild['id'] = md5($keyChild);
+                    $tempTreeChild['id'] = G::encryptOld($keyChild);
                    $tempTreeChild['draggable'] = true;
                    $tempTreeChild['leaf'] = true;
                    $tempTreeChild['icon'] = '/images/icon.trigger.png';
--- a/workflow/engine/methods/cases/cases_Ajax.php
+++ b/workflow/engine/methods/cases/cases_Ajax.php
@@ -700,7 +700,7 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) {
        break;
    case 'showDynaformHistory':
        $G_PUBLISH = new Publisher();
-        $FieldsHistory = unserialize( $_SESSION['HISTORY_DATA'] );
+        $FieldsHistory = $_SESSION['HISTORY_DATA'];
        $Fields['APP_DATA'] = $FieldsHistory[$_POST['HISTORY_ID']];
        $Fields['APP_DATA']['__DYNAFORM_OPTIONS']['PREVIOUS_STEP_LABEL'] = '';
        $Fields['APP_DATA']['__DYNAFORM_OPTIONS']['NEXT_STEP_LABEL'] = '';
--- a/workflow/engine/methods/enterprise/processMakerAjax.php
+++ b/workflow/engine/methods/enterprise/processMakerAjax.php
@@ -129,7 +129,7 @@ switch ($option) {
            }

            ///////
-            $boundary = "---------------------" . substr(md5(rand(0, 32000)), 0, 10);
+            $boundary = "---------------------" . substr(G::encryptOld(rand(0, 32000)), 0, 10);
            $data = null;

            $data = $data . "--$boundary\n";
--- a/workflow/engine/methods/events/eventsEditAction.php
+++ b/workflow/engine/methods/events/eventsEditAction.php
@@ -45,7 +45,7 @@ $parameters = unserialize( $oEvent->getEvnActionParameters() );
 //g::pr($parameters); die;
 $aTrigger = $oTrigger->load( $aFields['TRI_UID'] );

-$hash = md5( $oTrigger->getTriWebbot() );
+$hash = G::encryptOld( $oTrigger->getTriWebbot() );
 //var_dump($hash,$parameters->hash);die;
 //if the hash is different, the script was edited , so we will show the trigger editor.
 if ((isset( $parameters->hash ) && $hash != $parameters->hash) || $aFields['EVN_ACTION'] == 'EXECUTE_TRIGGER' || $aFields['EVN_ACTION'] == 'EXECUTE_CONDITIONAL_TRIGGER') {
--- a/workflow/engine/methods/install/r.php
+++ b/workflow/engine/methods/install/r.php
@@ -27,14 +27,14 @@ if(isset($_GET['gen'])) {
 <?php

 if (isset( $_GET['gen'] )) {
-    $sh = md5( filemtime( PATH_GULLIVER . "/class.g.php" ) );
+    $sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) );
    $h = G::encrypt( $_GET['srv'] . $sh . $_GET['usr'] . $sh . $_GET['pass'] . $sh . (1), $sh );
    echo "HASH_INSTALLATION<br/>";
    echo "<textarea cols=120>$h</textarea><br/>";
    echo "SYSTEM_HASH<br/>";
    echo "<textarea cols=120>$sh</textarea>";
 } elseif (isset( $_GET['reg'] )) {
-    $sh = md5( filemtime( PATH_GULLIVER . "/class.g.php" ) );
+    $sh = G::encryptOld( filemtime( PATH_GULLIVER . "/class.g.php" ) );
    $h = G::encrypt( $_GET['srv'] . $sh . $_GET['usr'] . $sh . $_GET['pass'] . $sh . (1), $sh );
    echo "HASH_INSTALLATION<br/>";
    echo "<textarea cols=120>$h</textarea><br/>";
--- a/workflow/engine/methods/login/authentication.php
+++ b/workflow/engine/methods/login/authentication.php
@@ -253,7 +253,7 @@ try {
        file_put_contents(PATH_DATA_SITE . PATH_SEP . '.server_info', $cput);
    } else {
        $c = file_get_contents(PATH_DATA_SITE . PATH_SEP . '.server_info');
-        if (md5($c) != md5($cput)) {
+        if (G::encryptOld($c) != G::encryptOld($cput)) {
            file_put_contents(PATH_DATA_SITE . PATH_SEP . '.server_info', $cput);
        }
    }
@@ -286,7 +286,7 @@ try {
        die();
    }

-    $aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($pwd)))));
+    $aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(G::encryptOld($pwd)))));
    $aErrors       = $oUserProperty->validatePassword($_POST['form']['USR_PASSWORD'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'], true);

    if (!empty($aErrors) && in_array("ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN", $aErrors)) {
--- a/workflow/engine/methods/login/login.php
+++ b/workflow/engine/methods/login/login.php
@@ -146,7 +146,7 @@ if (!class_exists('pmLicenseManager')) {
  G::LoadClass('pmLicenseManager');
 }
 $licenseManager =& pmLicenseManager::getSingleton();
-if (in_array(md5($licenseManager->result), array('38afd7ae34bd5e3e6fc170d8b09178a3', 'ba2b45bdc11e2a4a6e86aab2ac693cbb'))) {
+if (in_array(G::encryptOld($licenseManager->result), array('38afd7ae34bd5e3e6fc170d8b09178a3', 'ba2b45bdc11e2a4a6e86aab2ac693cbb'))) {
    $G_PUBLISH = new Publisher();
    $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/licenseExpired', '', array(), 'licenseUpdate');
    G::RenderPage('publish');
--- a/workflow/engine/methods/roles/roles_Ajax.php
+++ b/workflow/engine/methods/roles/roles_Ajax.php
@@ -31,7 +31,7 @@ switch ($REQUEST) {
        G::RenderPage( 'publish', 'raw' );
        break;
    case 'saveNewRole':
-        $newid = md5( $_POST['code'] . date( "d-M-Y_H:i:s" ) );
+        $newid = G::encryptOld( $_POST['code'] . date( "d-M-Y_H:i:s" ) );
        $aData['ROL_UID'] = $newid;
        //$aData['ROL_PARENT'] = $_POST['parent'];
        $aData['ROL_SYSTEM'] = '00000000000000000000000000000002';
@@ -162,13 +162,13 @@ switch ($REQUEST) {
        foreach ($aUserIuds as $key => $val) {
            $sData['USR_UID'] = $val;
            $sData['ROL_UID'] = $ROL_UID;
-            if ($sData['USR_UID'] == '00000000000000000000000000000001') {
+            if ($sData['USR_UID'] == '00000000000000000000000000000001') {
                if ($sData['ROL_UID'] != 'PROCESSMAKER_ADMIN') {
                    $response = new stdclass();
 					$response->userRole = true;
-					echo G::json_encode($response);
-                    break;
-                }
+					echo G::json_encode($response);
+                    break;
+                }
            }
            $RBAC->assignUserToRole( $sData );
        }
--- a/workflow/engine/methods/services/demoSoap.php
+++ b/workflow/engine/methods/services/demoSoap.php
@@ -178,7 +178,7 @@ ini_set( "soap.wsdl_cache_enabled", "0" ); // disabling WSDL cache
 switch ($action) {
    case 'login':
        $user = $_POST["user"];
-        $pass = md5( $_POST["pass"] );
+        $pass = G::encryptOld( $_POST["pass"] );
        $wsdl = $endpoint;
        //$client = new SoapClient( $endpoint );
        $client = new SoapClient( null, array ('location' => $endpoint,'uri' => 'http://www.sugarcrm.com/sugarcrm','soap_version' => SOAP_1_1,        //SOAP_1_2 - 1.2 not supported by sugar nusoap
--- a/workflow/engine/methods/triggers/triggers_Edit.php
+++ b/workflow/engine/methods/triggers/triggers_Edit.php
@@ -40,7 +40,7 @@ if (isset( $_GET['TRI_UID'] )) {
    if ($aFields['TRI_PARAM'] != '' && ! $editWizardSource) {
        $aTriggerData = unserialize( $aFields['TRI_PARAM'] );
        // if the trigger has been modified manually, it cant be edited with the wizard.
-        if (md5( $aFields['TRI_WEBBOT'] ) == $aTriggerData['hash']) {
+        if (G::encryptOld( $aFields['TRI_WEBBOT'] ) == $aTriggerData['hash']) {
            $triUid = $_GET['TRI_UID'];
            $STEP_UID = isset($_GET['STEP_UID'])?$_GET['STEP_UID']:'';
            $ST_TYPE = isset($_GET['ST_TYPE'])?$_GET['ST_TYPE']:'';
--- a/workflow/engine/methods/triggers/triggers_WizardSave.php
+++ b/workflow/engine/methods/triggers/triggers_WizardSave.php
@@ -99,7 +99,7 @@ $sPMfunction .= $aDataTriggers['PMFUNTION_NAME'] . " (" . implode(",", $methodPa
 //Create Trigger
 $aDataTriggers['TRI_WEBBOT'] = $sPMfunction;
 $aDataTriggersParams = array();
-$aDataTriggersParams['hash'] = md5($sPMfunction);
+$aDataTriggersParams['hash'] = G::encryptOld($sPMfunction);
 $aDataTriggersParams['params'] = $aDataTriggers;

 $aDataTriggers['TRI_PARAM'] = serialize($aDataTriggersParams);
--- a/workflow/engine/methods/triggers/triggers_WizardUpdate.php
+++ b/workflow/engine/methods/triggers/triggers_WizardUpdate.php
@@ -102,7 +102,7 @@ $sPMfunction .= $aDataTriggers['PMFUNTION_NAME'] . " (" . implode(",", $methodPa
 //Create Trigger
 $aDataTriggers['TRI_WEBBOT'] = $sPMfunction;
 $aDataTriggersParams = array();
-$aDataTriggersParams['hash'] = md5($sPMfunction);
+$aDataTriggersParams['hash'] = G::encryptOld($sPMfunction);
 $aDataTriggersParams['params'] = $aDataTriggers;

 $aDataTriggers['TRI_PARAM'] = serialize($aDataTriggersParams);
--- a/workflow/engine/methods/users/myInfo_Save.php
+++ b/workflow/engine/methods/users/myInfo_Save.php
@@ -68,7 +68,7 @@ try {
            $aData['USR_PASSWORD'] = $_POST['form']['USR_PASSWORD'];
            require_once 'classes/model/UsersProperties.php';
            $oUserProperty = new UsersProperties();
-            $aUserProperty = $oUserProperty->loadOrCreateIfNotExists( $_POST['form']['USR_UID'], array ('USR_PASSWORD_HISTORY' => serialize( array (md5( $_POST['form']['USR_NEW_PASS'] )
+            $aUserProperty = $oUserProperty->loadOrCreateIfNotExists( $_POST['form']['USR_UID'], array ('USR_PASSWORD_HISTORY' => serialize( array (G::encryptOld( $_POST['form']['USR_NEW_PASS'] )
            ) )
            ) );
            $aErrors = $oUserProperty->validatePassword( $_POST['form']['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'] );
@@ -120,7 +120,7 @@ try {
    $aData['USR_DUE_DATE'] = $_POST['form']['USR_DUE_DATE'];
    $aData['USR_UPDATE_DATE'] = date( 'Y-m-d H:i:s' );
    $RBAC->updateUser( $aData );
-    $aData['USR_PASSWORD'] = md5( $_POST['form']['USR_USERNAME'] ); //fake :p
+    $aData['USR_PASSWORD'] = G::encryptOld( $_POST['form']['USR_USERNAME'] ); //fake :p
    $aData['USR_COUNTRY'] = $_POST['form']['USR_COUNTRY'];
    $aData['USR_CITY'] = $_POST['form']['USR_CITY'];
    $aData['USR_LOCATION'] = $_POST['form']['USR_LOCATION'];
--- a/workflow/engine/methods/users/users_Save.php
+++ b/workflow/engine/methods/users/users_Save.php
@@ -91,7 +91,7 @@ try {
        $sUserUID = $RBAC->createUser( $aData, $form['USR_ROLE'] );
        $aData['USR_STATUS'] = $statusWF;
        $aData['USR_UID'] = $sUserUID;
-        $aData['USR_PASSWORD'] = md5( $sUserUID ); //fake :p
+        $aData['USR_PASSWORD'] = G::encryptOld( $sUserUID ); //fake :p
        $aData['USR_COUNTRY'] = $form['USR_COUNTRY'];
        $aData['USR_CITY'] = $form['USR_CITY'];
        $aData['USR_LOCATION'] = $form['USR_LOCATION'];
@@ -130,7 +130,7 @@ try {
                $aData['USR_PASSWORD'] = $form['USR_PASSWORD'];
                require_once 'classes/model/UsersProperties.php';
                $oUserProperty = new UsersProperties();
-                $aUserProperty = $oUserProperty->loadOrCreateIfNotExists( $form['USR_UID'], array ('USR_PASSWORD_HISTORY' => serialize( array (md5( $form['USR_PASSWORD'] )
+                $aUserProperty = $oUserProperty->loadOrCreateIfNotExists( $form['USR_UID'], array ('USR_PASSWORD_HISTORY' => serialize( array (G::encryptOld( $form['USR_PASSWORD'] )
                ) )
                ) );

--- a/workflow/engine/templates/cases/cases_DynaformHistory.php
+++ b/workflow/engine/templates/cases/cases_DynaformHistory.php
@@ -172,7 +172,7 @@ if (!isset($changedValues)) {
    $tpl->assign("noResults", G::LoadTranslation("ID_NO_RECORDS_FOUND"));
 }

-$_SESSION['HISTORY_DATA'] = serialize($historyData);
+$_SESSION['HISTORY_DATA'] = $historyData;
 $tpl->gotoBlock("_ROOT");

 $tpl->printToScreen();
--- a/workflow/engine/templates/cases/open.js
+++ b/workflow/engine/templates/cases/open.js
@@ -1539,24 +1539,23 @@ Ext.onReady(function(){
 	                  TabPanel.setActiveTab(tabId);
 	                }
 	                else {
-                    if(!isBrowserIE()){
-                      TabPanel.add({
-                          id: tabId,
-                          title: menuSelectedTitle[name],
-                          frameConfig: {name: name + 'Frame', id: name + 'Frame'},
-                          defaultSrc: uri,
-                          loadMask: {msg: _('ID_LOADING_GRID') + '...'},
-                          autoWidth: true,
-                          closable: true,
-                          autoScroll: true,
-                          bodyStyle: {height: (PMExt.getBrowser().screen.height - 60) + 'px', overflow: 'auto'}
-                      }).show();
-
-                      TabPanel.doLayout();
-                    }else{
-                      var windContainer = window.open(uri,"winContainer");
-                    }
-	              }
+	                  if(name == "processMap" && isBrowserIE()){
+	                      var windContainer = window.open(uri,"winContainer");
+	                  } else {
+	                      TabPanel.add({
+	                         id: tabId,
+	                         title: menuSelectedTitle[name],
+	                         frameConfig:{name: name + 'Frame', id: name + 'Frame'},
+	                         defaultSrc : uri,
+	                         loadMask:{msg:_('ID_LOADING_GRID')+'...'},
+	                         autoWidth: true,
+	                         closable:true,
+	                         autoScroll: true,
+	                         bodyStyle:{height: (PMExt.getBrowser().screen.height-60) + 'px', overflow:'auto'}
+	                      }).show();
+	                      TabPanel.doLayout();
+	                  }
+	                }
 	            }
 	          },
 	          failure: function ( result, request) {
--- a/workflow/public_html/sysGeneric.php
+++ b/workflow/public_html/sysGeneric.php
@@ -151,7 +151,7 @@ if (file_exists($requestFile)) {
    header ( 'Pragma: cache' );
    $mtime = filemtime ( $requestFile );
    $gmt_mtime = gmdate ( "D, d M Y H:i:s", $mtime ) . " GMT";
-    header ( 'ETag: "' . md5 ( $mtime . $requestFile ) . '"' );
+    header ( 'ETag: "' . Bootstrap::encryptOld ( $mtime . $requestFile ) . '"' );
    header ( "Last-Modified: " . $gmt_mtime );
    header ( 'Cache-Control: public' );
    $userAgent = strtolower ( $_SERVER ['HTTP_USER_AGENT'] );
@@ -165,7 +165,7 @@ if (file_exists($requestFile)) {
            }
        }
        if (isset ( $_SERVER ['HTTP_IF_NONE_MATCH'] )) {
-            if (str_replace ( '"', '', stripslashes ( $_SERVER ['HTTP_IF_NONE_MATCH'] ) ) == md5 ( $mtime . $requestFile )) {
+            if (str_replace ( '"', '', stripslashes ( $_SERVER ['HTTP_IF_NONE_MATCH'] ) ) == Bootstrap::encryptOld ( $mtime . $requestFile )) {
                header ( "HTTP/1.1 304 Not Modified" );
            }
        }