fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in release/3.2.2 (pull request #6128)

Browse Source 
release/3.2.2

Approved-by: Paula Quispe <paula.quispe@processmaker.com>
This commit is contained in:
Paula Quispe
2017-10-20 12:47:58 +00:00
parent 2032b5076a 4eb81fd01e
commit dd317925c5
24 changed files with 719 additions and 511 deletions
Download Patch File Download Diff File Expand all files Collapse all files

722
gulliver/methods/genericAjax.php
View File

@@ -1,228 +1,266 @@
<?php <?php
$filter = new InputFilter(); $filter = new InputFilter();
$_GET = $filter->xssFilterHard($_GET,"url"); $_GET = $filter->xssFilterHard($_GET, "url");
$_POST = $filter->xssFilterHard($_POST,"url"); $_POST = $filter->xssFilterHard($_POST, "url");
$_REQUEST = $filter->xssFilterHard($_REQUEST,"url"); $_REQUEST = $filter->xssFilterHard($_REQUEST, "url");
$_SESSION = $filter->xssFilterHard($_SESSION,"url"); $_SESSION = $filter->xssFilterHard($_SESSION, "url");
$request = isset($_POST['request'])? $_POST['request']: null; $request = isset($_POST['request']) ? $_POST['request'] : null;
if( !isset($request) ){
$request = isset($_GET['request'])? $_GET['request']: null; if (!isset($request)) {
$request = isset($_GET['request']) ? $_GET['request'] : null;
} }
if( isset($request) ){ if (isset($request)) {
switch($request){ switch ($request) {
case 'deleteGridRowOnDynaform': case 'deleteGridRowOnDynaform':
//This code is to update the SESSION variable for dependent fields in grids //This code is to update the SESSION variable for dependent fields in grids
if (!defined("XMLFORM_AJAX_PATH")) { if (!defined("XMLFORM_AJAX_PATH")) {
define("XMLFORM_AJAX_PATH", PATH_XMLFORM); define("XMLFORM_AJAX_PATH", PATH_XMLFORM);
}
if (is_array($_SESSION[$_POST["formID"]][$_POST["gridname"]])) {
if (!is_array($_SESSION[$_POST["formID"]][$_POST["gridname"]])) {
$_SESSION[$_POST["formID"]][$_POST["gridname"]] = (array)$_SESSION[$_POST["formID"]][$_POST["gridname"]];
}
ksort($_SESSION[$_POST["formID"]][$_POST["gridname"]]);
$oFields = array();
$initialKey = 1;
foreach ($_SESSION[$_POST["formID"]][$_POST["gridname"]] as $key => $value) {
if ($key != $_POST["rowpos"]) {
$oFields[$initialKey] = $value;
$initialKey++;
}
}
unset($_SESSION[$_POST["formID"]][$_POST["gridname"]]);
$_SESSION[$_POST["formID"]][$_POST["gridname"]] = $oFields;
}
break;
/** widgets **/
case 'suggest':
try {
if(isset($_GET["inputEnconde64"])) {
$_GET['input'] = base64_decode($_GET['input']);
}
$sData = base64_decode(str_rot13($_GET['hash']));
list($SQL, $DB_UID) = explode('@|', $sData);
// Remplace values for dependent fields
$aDependentFieldsKeys = explode("|", base64_decode(str_rot13($_GET['dependentFieldsKeys'])));
$aDependentFieldsValue = explode("|", $_GET['dependentFieldsValue']);
if ($aDependentFieldsKeys) {
$aDependentFields = array();
foreach ($aDependentFieldsKeys as $nKey => $sFieldVar ) {
$sKeyDepFields = substr($sFieldVar, 2);
$aDependentFields[$sKeyDepFields] = $aDependentFieldsValue[$nKey];
}
$SQL = G::replaceDataField($SQL, $aDependentFields);
}
// Parsed SQL Structure
$parser = new PHPSQLParser($SQL);
$searchType = $_GET["searchType"];
// Verif parsed array
// print_r($parser->parsed);
$SQL = queryModified($parser->parsed, $_GET['input'], $searchType);
$aRows = Array();
try {
$con = Propel::getConnection($DB_UID);
$con->begin();
$rs = $con->executeQuery($SQL);
$con->commit();
while ( $rs->next() ) {
array_push($aRows, $rs->getRow());
}
} catch (SQLException $sqle) {
$con->rollback();
}
$input = strtolower( $_GET['input'] );
$len = strlen($input);
$limit = isset($_GET['limit']) ? (int) $_GET['limit'] : 0;
$aResults = array();
$count = 0;
$aRows = sortByChar($aRows, $input);
if ($len){
for ($i=0;$i<count($aRows);$i++){
$aRow = $aRows[$i];
$nCols = sizeof($aRow);
$aRow = array_values($aRow);
switch( $nCols ){
case 1:
$id = $aRow[0];
$value = $aRow[0];
$info = '';
break;
case 2:
$id = $aRow[0];
$value = $aRow[1];
$info = '';
break;
case $nCols >= 3:
$id = $aRow[0];
$value = $aRow[1];
$info = $aRow[2];
break;
} }
if (is_array($_SESSION[$_POST["formID"]][$_POST["gridname"]])) {
if (!is_array($_SESSION[$_POST["formID"]][$_POST["gridname"]])) {
$_SESSION[$_POST["formID"]][$_POST["gridname"]] = (array)$_SESSION[$_POST["formID"]][$_POST["gridname"]];
}
ksort($_SESSION[$_POST["formID"]][$_POST["gridname"]]);
$oFields = array();
$initialKey = 1;
// had to use utf_decode, here foreach ($_SESSION[$_POST["formID"]][$_POST["gridname"]] as $key => $value) {
// not necessary if the results are coming from mysql if ($key != $_POST["rowpos"]) {
// $oFields[$initialKey] = $value;
$count++; $initialKey++;
$aResults[] = array( "id"=>$id ,"value"=>htmlspecialchars($value), "info"=>htmlspecialchars($info) ); }
}
} unset($_SESSION[$_POST["formID"]][$_POST["gridname"]]);
}
header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past $_SESSION[$_POST["formID"]][$_POST["gridname"]] = $oFields;
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified }
header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header ("Pragma: no-cache"); // HTTP/1.0
if (isset($_REQUEST['json'])) {
header("Content-Type: application/json");
echo Bootstrap::json_encode(array("status" => 0, "results" => $aResults));
} else {
header("Content-Type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"utf-8\" ?><results>";
for ($i=0;$i<count($aResults);$i++)
{
echo "<rs id=\"".$aResults[$i]['id']."\" info=\"".$aResults[$i]['info']."\">".$aResults[$i]['value']."</rs>";
}
echo "</results>";
}
} catch(Exception $e){
$err = $e->getMessage();
//$err = eregi_replace("[\n|\r|\n\r]", ' ', $err);
$err = preg_replace("[\n|\r|\n\r]", ' ', $err);//Made compatible to PHP 5.3
echo '{"status":1, "message":"'.$err.'"}';
}
break;
case 'storeInTmp':
if(!isset($_SESSION['USER_LOGGED'])) {
echo "{status: 1, message: \"success\"}";
break; break;
} /** widgets **/
try { case 'suggest':
$con = Propel::getConnection($_GET['cnn']);
if($_GET['pkt'] == 'int'){
$primaryKeyField = Propel::getDB($_GET['cnn'])->quoteIdentifier($_GET['pk']);
$tableName = Propel::getDB($_GET['cnn'])->quoteIdentifier($_GET['table']);
$rs = $con->executeQuery("SELECT MAX($primaryKeyField) as lastId FROM $tableName");
$rs->next();
$row = $rs->getRow();
$gKey = (int)$row['lastId'] + 1;
} else { try {
$gKey = G::encryptOld(date('Y-m-d H:i:s').'@'.rand());
}
// See above. Gross, but it works.
$field = mysql_real_escape_string($_GET['fld']);
$field = str_replace("`", "", $field);
$query = "INSERT INTO $tableName ($primaryKeyField, $field) VALUES (?, ?)"; // '$gKey', '{$_GET['value']}')";
$rs = $con->prepareStatement($query); if (isset($_GET["inputEnconde64"])) {
$rs->set(1, $gKey); $_GET['input'] = base64_decode($_GET['input']);
$rs->set(2, $_GET['value']); }
$rs->executeQuery();
echo "{status: 1, message: \"success\"}"; if (!isset($_GET['form']) || !isset($_GET['variable'])) {
} catch (Exception $e) { throw new Exception('Please contact the system administrator.');
$err = $e->getMessage(); }
//$err = eregi_replace("[\n|\r|\n\r]", ' ', $err);
$err = preg_replace("[\n|\r|\n\r]", " ", $err); //Made compatible to PHP 5.3 $gridName = isset($_GET['grid']) ? $_GET['grid'] : '';
echo "{status: 0, message: \"" . $err . "\"}"; //When is a grid the form parameter include the name of grid
} $xmlFile = str_replace($gridName, '', $_GET['form']);
break; //We will to get the form and variable and the query related
} $xmlFile = G::getUIDName(urlDecode($xmlFile));
$gridName = isset($_GET['grid']) ? $_GET['grid'] : '';
$xmlFile = str_replace($gridName, '', $xmlFile);
$myForm = new Form($xmlFile, PATH_DYNAFORM);
$myForm->id = urlDecode($_GET['form']);
$bdUid = 'workflow';
if (isset($_GET['type']) && $_GET['type']==='form' && isset($myForm->fields[$_GET['variable']]->sql)) {
$sqlQuery = $myForm->fields[$_GET['variable']]->sql;
if (isset($myForm->fields[$_GET['variable']]->sqlConnection) && !empty($myForm->fields[$_GET['variable']]->sqlConnection)) {
$bdUid = $myForm->fields[$_GET['variable']]->sqlConnection;
}
} elseif (isset($_GET['type']) && $_GET['type']==='grid' && isset($myForm->fields[$_GET['grid']])) {
foreach ($myForm->fields[$_GET['grid']] as $index => $value) {
if (is_array($value) && isset($value[$_GET['variable']])) {
$newObj = $value[$_GET['variable']];
$sqlQuery = $newObj->sql;
if (isset($newObj->sqlConnection) && !empty($newObj->sqlConnection)) {
$bdUid = $newObj->sqlConnection;
}
}
}
} else {
throw new Exception('The variable with ' . $_GET['variable'] . ' does not defined in the form.');
}
// Replace values for dependent fields
$aDependentFieldsKeys = explode("|", base64_decode(str_rot13($_GET['dependentFieldsKeys'])));
$aDependentFieldsValue = explode("|", $_GET['dependentFieldsValue']);
if ($aDependentFieldsKeys) {
$aDependentFields = array();
foreach ($aDependentFieldsKeys as $nKey => $sFieldVar) {
$sKeyDepFields = substr($sFieldVar, 2);
$aDependentFields[$sKeyDepFields] = $aDependentFieldsValue[$nKey];
}
$sqlQuery = G::replaceDataField($sqlQuery, $aDependentFields);
}
// Parsed SQL Structure
$parser = new PHPSQLParser($sqlQuery);
$searchType = $_GET["searchType"];
// Verify parsed array
$sqlQuery = queryModified($parser->parsed, $_GET['input'], $searchType);
$aRows = Array();
try {
$con = Propel::getConnection($bdUid);
$con->begin();
$rs = $con->executeQuery($sqlQuery);
$con->commit();
while ($rs->next()) {
array_push($aRows, $rs->getRow());
}
} catch (SQLException $sqle) {
$con->rollback();
}
$input = strtolower($_GET['input']);
$len = strlen($input);
$limit = isset($_GET['limit']) ? (int)$_GET['limit'] : 0;
$aResults = array();
$count = 0;
$aRows = sortByChar($aRows, $input);
if ($len) {
for ($i = 0; $i < count($aRows); $i++) {
$aRow = $aRows[$i];
$nCols = sizeof($aRow);
$aRow = array_values($aRow);
switch ($nCols) {
case 1:
$id = $aRow[0];
$value = $aRow[0];
$info = '';
break;
case 2:
$id = $aRow[0];
$value = $aRow[1];
$info = '';
break;
case $nCols >= 3:
$id = $aRow[0];
$value = $aRow[1];
$info = $aRow[2];
break;
}
// had to use utf_decode, here
// not necessary if the results are coming from mysql
//
$count++;
$aResults[] = array(
"id" => $id,
"value" => htmlspecialchars($value),
"info" => htmlspecialchars($info)
);
}
}
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Pragma: no-cache"); // HTTP/1.0
if (isset($_REQUEST['json'])) {
header("Content-Type: application/json");
echo Bootstrap::json_encode(array("status" => 0, "results" => $aResults));
} else {
header("Content-Type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"utf-8\" ?><results>";
for ($i = 0; $i < count($aResults); $i++) {
echo "<rs id=\"" . $aResults[$i]['id'] . "\" info=\"" . $aResults[$i]['info'] . "\">" . $aResults[$i]['value'] . "</rs>";
}
echo "</results>";
}
} catch (Exception $e) {
$err = $e->getMessage();
$err = preg_replace("[\n|\r|\n\r]", ' ', $err);//Made compatible to PHP 5.3
echo '{"status":1, "message":"' . $err . '"}';
}
break;
case 'storeInTmp':
if (!isset($_SESSION['USER_LOGGED'])) {
echo "{status: 1, message: \"success\"}";
break;
}
try {
$con = Propel::getConnection($_GET['cnn']);
if ($_GET['pkt'] == 'int') {
$primaryKeyField = Propel::getDB($_GET['cnn'])->quoteIdentifier($_GET['pk']);
$tableName = Propel::getDB($_GET['cnn'])->quoteIdentifier($_GET['table']);
$rs = $con->executeQuery("SELECT MAX($primaryKeyField) as lastId FROM $tableName");
$rs->next();
$row = $rs->getRow();
$gKey = (int)$row['lastId'] + 1;
} else {
$gKey = G::encryptOld(date('Y-m-d H:i:s') . '@' . rand());
}
// See above. Gross, but it works.
$field = mysql_real_escape_string($_GET['fld']);
$field = str_replace("`", "", $field);
$query = "INSERT INTO $tableName ($primaryKeyField, $field) VALUES (?, ?)"; // '$gKey', '{$_GET['value']}')";
$rs = $con->prepareStatement($query);
$rs->set(1, $gKey);
$rs->set(2, $_GET['value']);
$rs->executeQuery();
echo "{status: 1, message: \"success\"}";
} catch (Exception $e) {
$err = $e->getMessage();
$err = preg_replace("[\n|\r|\n\r]", " ", $err); //Made compatible to PHP 5.3
echo "{status: 0, message: \"" . $err . "\"}";
}
break;
}
} }
function sortByChar($aRows, $charSel) function sortByChar($aRows, $charSel)
{ {
$aIniChar = array(); $aIniChar = array();
$aRest = array(); $aRest = array();
for($i=0; $i<count($aRows) ;$i++){ for ($i = 0; $i < count($aRows); $i++) {
$aRow = $aRows[$i]; $aRow = $aRows[$i];
$nCols = sizeof($aRow); $nCols = sizeof($aRow);
$aRowOrder = array_values($aRow); $aRowOrder = array_values($aRow);
switch( $nCols ){ switch ($nCols) {
case 1: case 1:
$value = $aRowOrder[0]; $value = $aRowOrder[0];
break; break;
case 2: case 2:
$value = $aRowOrder[1]; $value = $aRowOrder[1];
break; break;
case $nCols >= 3: case $nCols >= 3:
$value = $aRowOrder[1]; $value = $aRowOrder[1];
break; break;
}
if (substr(strtolower($value), 0, 1) == substr(strtolower($charSel), 0, 1)) {
array_push($aIniChar, $aRow);
} else {
array_push($aRest, $aRow);
}
} }
if(substr(strtolower($value), 0, 1) == substr( strtolower($charSel), 0, 1)){ return array_merge($aIniChar, $aRest);
array_push($aIniChar, $aRow);
} else {
array_push($aRest, $aRow);
}
}
return array_merge($aIniChar, $aRest);
} }
@@ -234,148 +272,164 @@ function sortByChar($aRows, $charSel)
*/ */
function queryModified($sqlParsed, $inputSel = "", $searchType) function queryModified($sqlParsed, $inputSel = "", $searchType)
{ {
if(!empty($sqlParsed['SELECT'])) { if (!empty($sqlParsed['SELECT'])) {
$sqlSelectOptions = (isset($sqlParsed["OPTIONS"]) && count($sqlParsed["OPTIONS"]) > 0)? implode(" ", $sqlParsed["OPTIONS"]) : null; $sqlSelectOptions = (isset($sqlParsed["OPTIONS"]) && count($sqlParsed["OPTIONS"]) > 0) ? implode(" ",
$sqlParsed["OPTIONS"]) : null;
$sqlSelect = "SELECT $sqlSelectOptions "; $sqlSelect = "SELECT $sqlSelectOptions ";
$aSelect = $sqlParsed["SELECT"]; $aSelect = $sqlParsed["SELECT"];
$sFieldSel = (count($aSelect)>1 ) ? $aSelect[1]['base_expr'] : $aSelect[0]['base_expr'];
foreach($aSelect as $key => $value ) {
if($key != 0)
$sqlSelect .= ", ";
$sAlias = str_replace("`","", $aSelect[$key]['alias']);
$sBaseExpr = $aSelect[$key]['base_expr'];
switch($aSelect[$key]['expr_type']){
case 'colref' : if($sAlias === $sBaseExpr)
$sqlSelect .= $sAlias;
else
$sqlSelect .= $sBaseExpr . ' AS ' . $sAlias;
break;
case 'expression' : if($sAlias === $sBaseExpr)
$sqlSelect .= $sBaseExpr;
else
$sqlSelect .= $sBaseExpr . ' AS ' . $sAlias;
break;
case 'subquery' : if(strpos($sAlias, $sBaseExpr,0) != 0)
$sqlSelect .= $sAlias;
else
$sqlSelect .= $sBaseExpr . " AS " . $sAlias;
break;
case 'operator' : $sqlSelect .= $sBaseExpr;
break;
default : $sqlSelect .= $sBaseExpr;
break;
}
}
$sqlFrom = " FROM ";
if(!empty($sqlParsed['FROM'])){
$aFrom = $sqlParsed['FROM'];
if(count($aFrom) > 0){
foreach($aFrom as $key => $value ){
if($key == 0) {
$sqlFrom .= $aFrom[$key]['table'] . (($aFrom[$key]['table'] == $aFrom[$key]['alias'])?"" : " " . $aFrom[$key]['alias']);
} else {
$sqlFrom .= " " . (($aFrom[$key]['join_type']=='JOIN')?"INNER": $aFrom[$key]['join_type']) . " JOIN " . $aFrom[$key]['table']
. (($aFrom[$key]['table'] == $aFrom[$key]['alias'])?"" : " " . $aFrom[$key]['alias']) . " " . $aFrom[$key]['ref_type'] . " " . $aFrom[$key]['ref_clause'] ;
}
$sFieldSel = (count($aSelect) > 1) ? $aSelect[1]['base_expr'] : $aSelect[0]['base_expr'];
foreach ($aSelect as $key => $value) {
if ($key != 0) {
$sqlSelect .= ", ";
}
$sAlias = str_replace("`", "", $aSelect[$key]['alias']);
$sBaseExpr = $aSelect[$key]['base_expr'];
switch ($aSelect[$key]['expr_type']) {
case 'colref' :
if ($sAlias === $sBaseExpr) {
$sqlSelect .= $sAlias;
} else {
$sqlSelect .= $sBaseExpr . ' AS ' . $sAlias;
}
break;
case 'expression' :
if ($sAlias === $sBaseExpr) {
$sqlSelect .= $sBaseExpr;
} else {
$sqlSelect .= $sBaseExpr . ' AS ' . $sAlias;
}
break;
case 'subquery' :
if (strpos($sAlias, $sBaseExpr, 0) != 0) {
$sqlSelect .= $sAlias;
} else {
$sqlSelect .= $sBaseExpr . " AS " . $sAlias;
}
break;
case 'operator' :
$sqlSelect .= $sBaseExpr;
break;
default :
$sqlSelect .= $sBaseExpr;
break;
}
} }
}
}
$sqlConditionLike = "LIKE '%" . $inputSel . "%'"; $sqlFrom = " FROM ";
if (!empty($sqlParsed['FROM'])) {
$aFrom = $sqlParsed['FROM'];
if (count($aFrom) > 0) {
foreach ($aFrom as $key => $value) {
if ($key == 0) {
$sqlFrom .= $aFrom[$key]['table'] . (($aFrom[$key]['table'] == $aFrom[$key]['alias']) ? "" : " " . $aFrom[$key]['alias']);
} else {
$sqlFrom .= " " . (($aFrom[$key]['join_type'] == 'JOIN') ? "INNER" : $aFrom[$key]['join_type']) . " JOIN " . $aFrom[$key]['table']
. (($aFrom[$key]['table'] == $aFrom[$key]['alias']) ? "" : " " . $aFrom[$key]['alias']) . " " . $aFrom[$key]['ref_type'] . " " . $aFrom[$key]['ref_clause'];
}
switch ($searchType) { }
case "searchtype*": }
$sqlConditionLike = "LIKE '" . $inputSel . "%'"; }
break;
case "*searchtype":
$sqlConditionLike = "LIKE '%" . $inputSel . "'";
break;
}
if(!empty($sqlParsed['WHERE'])){ $sqlConditionLike = "LIKE '%" . $inputSel . "%'";
$sqlWhere = " WHERE ";
$aWhere = $sqlParsed['WHERE'];
foreach($aWhere as $key => $value ){
$sqlWhere .= $value['base_expr'] . " ";
}
$sqlWhere .= " AND " . $sFieldSel . " " . $sqlConditionLike;
}
else {
$sqlWhere = " WHERE " . $sFieldSel . " " . $sqlConditionLike;
}
$sqlGroupBy = ""; switch ($searchType) {
if(!empty($sqlParsed['GROUP'])){ case "searchtype*":
$sqlGroupBy = "GROUP BY "; $sqlConditionLike = "LIKE '" . $inputSel . "%'";
$aGroup = $sqlParsed['GROUP']; break;
foreach($aGroup as $key => $value ){ case "*searchtype":
if($key != 0) $sqlConditionLike = "LIKE '%" . $inputSel . "'";
$sqlGroupBy .= ", "; break;
if($value['direction'] == 'ASC' ) }
$sqlGroupBy .= $value['base_expr'];
else
$sqlGroupBy .= $value['base_expr'] . " " . $value['direction'];
}
}
$sqlHaving = ""; if (!empty($sqlParsed['WHERE'])) {
if(!empty($sqlParsed['HAVING'])){ $sqlWhere = " WHERE ";
$sqlHaving = "HAVING "; $aWhere = $sqlParsed['WHERE'];
$aHaving = $sqlParsed['HAVING']; foreach ($aWhere as $key => $value) {
foreach($aHaving as $key => $value ){ $sqlWhere .= $value['base_expr'] . " ";
$sqlHaving .= $value['base_expr'] . " "; }
} $sqlWhere .= " AND " . $sFieldSel . " " . $sqlConditionLike;
} } else {
$sqlWhere = " WHERE " . $sFieldSel . " " . $sqlConditionLike;
}
$sqlOrderBy = ""; $sqlGroupBy = "";
if(!empty($sqlParsed['ORDER'])){ if (!empty($sqlParsed['GROUP'])) {
$sqlOrderBy = "ORDER BY "; $sqlGroupBy = "GROUP BY ";
$aOrder = $sqlParsed['ORDER']; $aGroup = $sqlParsed['GROUP'];
foreach($aOrder as $key => $value ){ foreach ($aGroup as $key => $value) {
if($key != 0) if ($key != 0) {
$sqlOrderBy .= ", "; $sqlGroupBy .= ", ";
if($value['direction'] == 'ASC' ) }
$sqlOrderBy .= $value['base_expr']; if ($value['direction'] == 'ASC') {
else $sqlGroupBy .= $value['base_expr'];
$sqlOrderBy .= $value['base_expr'] . " " . $value['direction']; } else {
} $sqlGroupBy .= $value['base_expr'] . " " . $value['direction'];
} else { }
$sqlOrderBy = " ORDER BY " . $sFieldSel; }
} }
$sqlLimit = ""; $sqlHaving = "";
if(!empty($sqlParsed['LIMIT'])){ if (!empty($sqlParsed['HAVING'])) {
$sqlLimit = "LIMIT ". $sqlParsed['LIMIT']['start'] . ", " . $sqlParsed['LIMIT']['end']; $sqlHaving = "HAVING ";
} $aHaving = $sqlParsed['HAVING'];
foreach ($aHaving as $key => $value) {
$sqlHaving .= $value['base_expr'] . " ";
}
}
return $sqlSelect . $sqlFrom . $sqlWhere . $sqlGroupBy . $sqlHaving . $sqlOrderBy . $sqlLimit; $sqlOrderBy = "";
} if (!empty($sqlParsed['ORDER'])) {
if(!empty($sqlParsed['CALL'])){ $sqlOrderBy = "ORDER BY ";
$sCall = "CALL "; $aOrder = $sqlParsed['ORDER'];
$aCall = $sqlParsed['CALL']; foreach ($aOrder as $key => $value) {
foreach($aCall as $key => $value ){ if ($key != 0) {
$sCall .= $value . " "; $sqlOrderBy .= ", ";
}
if ($value['direction'] == 'ASC') {
$sqlOrderBy .= $value['base_expr'];
} else {
$sqlOrderBy .= $value['base_expr'] . " " . $value['direction'];
}
}
} else {
$sqlOrderBy = " ORDER BY " . $sFieldSel;
}
$sqlLimit = "";
if (!empty($sqlParsed['LIMIT'])) {
$sqlLimit = "LIMIT " . $sqlParsed['LIMIT']['start'] . ", " . $sqlParsed['LIMIT']['end'];
}
return $sqlSelect . $sqlFrom . $sqlWhere . $sqlGroupBy . $sqlHaving . $sqlOrderBy . $sqlLimit;
} }
return $sCall; if (!empty($sqlParsed['CALL'])) {
} $sCall = "CALL ";
if(!empty($sqlParsed['EXECUTE'])){ $aCall = $sqlParsed['CALL'];
$sCall = "EXECUTE "; foreach ($aCall as $key => $value) {
$aCall = $sqlParsed['EXECUTE']; $sCall .= $value . " ";
foreach($aCall as $key => $value ){ }
$sCall .= $value . " ";
return $sCall;
} }
return $sCall; if (!empty($sqlParsed['EXECUTE'])) {
} $sCall = "EXECUTE ";
if(!empty($sqlParsed[''])){ $aCall = $sqlParsed['EXECUTE'];
$sCall = ""; foreach ($aCall as $key => $value) {
$aCall = $sqlParsed['']; $sCall .= $value . " ";
foreach($aCall as $key => $value ){ }
$sCall .= $value . " ";
return $sCall;
}
if (!empty($sqlParsed[''])) {
$sCall = "";
$aCall = $sqlParsed[''];
foreach ($aCall as $key => $value) {
$sCall .= $value . " ";
}
return $sCall;
} }
return $sCall;
}
} }

12
gulliver/system/class.xmlform.php
View File

@@ -1354,8 +1354,7 @@ class XmlFormFieldSuggest extends XmlFormFieldSimpleText
} else { } else {
$sCallBack = ''; $sCallBack = '';
} }
$hash = str_rot13( base64_encode( $this->sql . '@|' . $this->sqlConnection ) );
$sSQL = $this->sql; $sSQL = $this->sql;
$nCount = preg_match_all( '/\@(?:([\@\%\#\!Qq])([a-zA-Z\_]\w*)|([a-zA-Z\_][\w\-\>\:]*)\(((?:[^\\\\\)]*?)*)\))/', $sSQL, $match, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE ); $nCount = preg_match_all( '/\@(?:([\@\%\#\!Qq])([a-zA-Z\_]\w*)|([a-zA-Z\_][\w\-\>\:]*)\(((?:[^\\\\\)]*?)*)\))/', $sSQL, $match, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE );
@@ -1405,8 +1404,8 @@ class XmlFormFieldSuggest extends XmlFormFieldSimpleText
$sOptions = 'script: function (input) { '; $sOptions = 'script: function (input) { ';
$sOptions .= ' var inputValue = base64_encode(getField(\'' . $this->name . '_label\').value); '; $sOptions .= ' var inputValue = base64_encode(getField(\'' . $this->name . '_label\').value); ';
$sOptions .= ' return "' . $this->ajaxServer . '?request=suggest&json=true&limit=' . $this->maxresults; $sOptions .= ' return "' . $this->ajaxServer . '?request=suggest&type=form&form=' . $owner->id . '&variable=' . $this->name . '&json=true&limit=' . $this->maxresults;
$sOptions .= '&hash=' . $hash . '&dependentFieldsKeys=' . $sResultKeys . '&dependentFieldsValue="'; $sOptions .= '&dependentFieldsKeys=' . $sResultKeys . '&dependentFieldsValue="';
$sOptions .= $depValues . '"&input="+inputValue+"&inputEnconde64=enable&searchType=' . $this->searchType . '";'; $sOptions .= $depValues . '"&input="+inputValue+"&inputEnconde64=enable&searchType=' . $this->searchType . '";';
@@ -1561,7 +1560,6 @@ class XmlFormFieldSuggest extends XmlFormFieldSimpleText
$sCallBack = ''; $sCallBack = '';
} }
$hash = str_rot13( base64_encode( $this->sql . '@|' . $this->sqlConnection ) );
$sSQL = $this->sql; $sSQL = $this->sql;
$nCount = preg_match_all( '/\@(?:([\@\%\#\!Qq])([a-zA-Z\_]\w*)|([a-zA-Z\_][\w\-\>\:]*)\(((?:[^\\\\\)]*?)*)\))/', $sSQL, $match, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE ); $nCount = preg_match_all( '/\@(?:([\@\%\#\!Qq])([a-zA-Z\_]\w*)|([a-zA-Z\_][\w\-\>\:]*)\(((?:[^\\\\\)]*?)*)\))/', $sSQL, $match, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE );
@@ -1602,8 +1600,8 @@ class XmlFormFieldSuggest extends XmlFormFieldSimpleText
$sOptions .= ' var inputValue = base64_encode(getField(\'' . $rowIdField . '[' . $this->name . '_label\').value); '; $sOptions .= ' var inputValue = base64_encode(getField(\'' . $rowIdField . '[' . $this->name . '_label\').value); ';
$sOptions .= ' return "' . $this->ajaxServer . '?request=suggest&json=true&limit=' . $this->maxresults; $sOptions .= ' return "' . $this->ajaxServer . '?request=suggest&type=grid&form=' . $owner->id . '&grid=' . $owner->name . '&variable=' . $this->name . '&json=true&limit=' . $this->maxresults;
$sOptions .= '&hash=' . $hash . '&dependentFieldsKeys=' . $sResultKeys . '&dependentFieldsValue="'; $sOptions .= '&dependentFieldsKeys=' . $sResultKeys . '&dependentFieldsValue="';
$sOptions .= $depValues . '"&input="+inputValue+"&inputEnconde64=enable&searchType=' . $this->searchType . '";'; $sOptions .= $depValues . '"&input="+inputValue+"&inputEnconde64=enable&searchType=' . $this->searchType . '";';
$sOptions .= '},'; $sOptions .= '},';

3
workflow/engine/PmBootstrap.php
View File

@@ -322,8 +322,7 @@ class PmBootstrap extends Bootstrap
require_once 'classes/model/Users.php'; require_once 'classes/model/Users.php';
$oUser = new Users(); $oUser = new Users();
$aUser = $oUser->load($aSession['USR_UID']); $aUser = $oUser->load($aSession['USR_UID']);
$_SESSION['USER_LOGGED'] = $aUser['USR_UID']; initUserSession($aUser['USR_UID'], $aUser['USR_USERNAME']);
$_SESSION['USR_USERNAME'] = $aUser['USR_USERNAME'];
$bRedirect = false; $bRedirect = false;
$RBAC->initRBAC(); $RBAC->initRBAC();
$RBAC->loadUserRolePermission( $RBAC->sSystem, $_SESSION['USER_LOGGED'] ); $RBAC->loadUserRolePermission( $RBAC->sSystem, $_SESSION['USER_LOGGED'] );

2
workflow/engine/classes/model/map/PluginsRegistryMapBuilder.php
View File

@@ -109,6 +109,8 @@ class PluginsRegistryMapBuilder
$tMap->addColumn('PLUGIN_REST_SERVICE', 'PluginRestService', 'string', CreoleTypes::LONGVARCHAR, false, null); $tMap->addColumn('PLUGIN_REST_SERVICE', 'PluginRestService', 'string', CreoleTypes::LONGVARCHAR, false, null);
$tMap->addColumn('PLUGIN_TASK_EXTENDED_PROPERTIES', 'PluginTaskExtendedProperties', 'string', CreoleTypes::LONGVARCHAR, false, null);
$tMap->addColumn('PLUGIN_ATTRIBUTES', 'PluginAttributes', 'string', CreoleTypes::LONGVARCHAR, false, null); $tMap->addColumn('PLUGIN_ATTRIBUTES', 'PluginAttributes', 'string', CreoleTypes::LONGVARCHAR, false, null);
} // doBuild() } // doBuild()

66
workflow/engine/classes/model/om/BasePluginsRegistry.php
View File

@@ -159,6 +159,12 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
*/ */
protected $plugin_rest_service; protected $plugin_rest_service;
/**
* The value for the plugin_task_extended_properties field.
* @var string
*/
protected $plugin_task_extended_properties;
/** /**
* The value for the plugin_attributes field. * The value for the plugin_attributes field.
* @var string * @var string
@@ -421,6 +427,17 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
return $this->plugin_rest_service; return $this->plugin_rest_service;
} }
/**
* Get the [plugin_task_extended_properties] column value.
*
* @return string
*/
public function getPluginTaskExtendedProperties()
{
return $this->plugin_task_extended_properties;
}
/** /**
* Get the [plugin_attributes] column value. * Get the [plugin_attributes] column value.
* *
@@ -916,6 +933,28 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
} // setPluginRestService() } // setPluginRestService()
/**
* Set the value of [plugin_task_extended_properties] column.
*
* @param string $v new value
* @return void
*/
public function setPluginTaskExtendedProperties($v)
{
// Since the native PHP type for this column is string,
// we will cast the input to a string (if it is not).
if ($v !== null && !is_string($v)) {
$v = (string) $v;
}
if ($this->plugin_task_extended_properties !== $v) {
$this->plugin_task_extended_properties = $v;
$this->modifiedColumns[] = PluginsRegistryPeer::PLUGIN_TASK_EXTENDED_PROPERTIES;
}
} // setPluginTaskExtendedProperties()
/** /**
* Set the value of [plugin_attributes] column. * Set the value of [plugin_attributes] column.
* *
@@ -999,14 +1038,16 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
$this->plugin_rest_service = $rs->getString($startcol + 21); $this->plugin_rest_service = $rs->getString($startcol + 21);
$this->plugin_attributes = $rs->getString($startcol + 22); $this->plugin_task_extended_properties = $rs->getString($startcol + 22);
$this->plugin_attributes = $rs->getString($startcol + 23);
$this->resetModified(); $this->resetModified();
$this->setNew(false); $this->setNew(false);
// FIXME - using NUM_COLUMNS may be clearer. // FIXME - using NUM_COLUMNS may be clearer.
return $startcol + 23; // 23 = PluginsRegistryPeer::NUM_COLUMNS - PluginsRegistryPeer::NUM_LAZY_LOAD_COLUMNS). return $startcol + 24; // 24 = PluginsRegistryPeer::NUM_COLUMNS - PluginsRegistryPeer::NUM_LAZY_LOAD_COLUMNS).
} catch (Exception $e) { } catch (Exception $e) {
throw new PropelException("Error populating PluginsRegistry object", $e); throw new PropelException("Error populating PluginsRegistry object", $e);
@@ -1277,6 +1318,9 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
return $this->getPluginRestService(); return $this->getPluginRestService();
break; break;
case 22: case 22:
return $this->getPluginTaskExtendedProperties();
break;
case 23:
return $this->getPluginAttributes(); return $this->getPluginAttributes();
break; break;
default: default:
@@ -1321,7 +1365,8 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
$keys[19] => $this->getPluginCss(), $keys[19] => $this->getPluginCss(),
$keys[20] => $this->getPluginJs(), $keys[20] => $this->getPluginJs(),
$keys[21] => $this->getPluginRestService(), $keys[21] => $this->getPluginRestService(),
$keys[22] => $this->getPluginAttributes(), $keys[22] => $this->getPluginTaskExtendedProperties(),
$keys[23] => $this->getPluginAttributes(),
); );
return $result; return $result;
} }
@@ -1420,6 +1465,9 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
$this->setPluginRestService($value); $this->setPluginRestService($value);
break; break;
case 22: case 22:
$this->setPluginTaskExtendedProperties($value);
break;
case 23:
$this->setPluginAttributes($value); $this->setPluginAttributes($value);
break; break;
} // switch() } // switch()
@@ -1534,7 +1582,11 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
} }
if (array_key_exists($keys[22], $arr)) { if (array_key_exists($keys[22], $arr)) {
$this->setPluginAttributes($arr[$keys[22]]); $this->setPluginTaskExtendedProperties($arr[$keys[22]]);
}
if (array_key_exists($keys[23], $arr)) {
$this->setPluginAttributes($arr[$keys[23]]);
} }
} }
@@ -1636,6 +1688,10 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
$criteria->add(PluginsRegistryPeer::PLUGIN_REST_SERVICE, $this->plugin_rest_service); $criteria->add(PluginsRegistryPeer::PLUGIN_REST_SERVICE, $this->plugin_rest_service);
} }
if ($this->isColumnModified(PluginsRegistryPeer::PLUGIN_TASK_EXTENDED_PROPERTIES)) {
$criteria->add(PluginsRegistryPeer::PLUGIN_TASK_EXTENDED_PROPERTIES, $this->plugin_task_extended_properties);
}
if ($this->isColumnModified(PluginsRegistryPeer::PLUGIN_ATTRIBUTES)) { if ($this->isColumnModified(PluginsRegistryPeer::PLUGIN_ATTRIBUTES)) {
$criteria->add(PluginsRegistryPeer::PLUGIN_ATTRIBUTES, $this->plugin_attributes); $criteria->add(PluginsRegistryPeer::PLUGIN_ATTRIBUTES, $this->plugin_attributes);
} }
@@ -1736,6 +1792,8 @@ abstract class BasePluginsRegistry extends BaseObject implements Persistent
$copyObj->setPluginRestService($this->plugin_rest_service); $copyObj->setPluginRestService($this->plugin_rest_service);
$copyObj->setPluginTaskExtendedProperties($this->plugin_task_extended_properties);
$copyObj->setPluginAttributes($this->plugin_attributes); $copyObj->setPluginAttributes($this->plugin_attributes);

23
workflow/engine/classes/model/om/BasePluginsRegistryPeer.php
View File

@@ -25,7 +25,7 @@ abstract class BasePluginsRegistryPeer
const CLASS_DEFAULT = 'classes.model.PluginsRegistry'; const CLASS_DEFAULT = 'classes.model.PluginsRegistry';
/** The total number of columns. */ /** The total number of columns. */
const NUM_COLUMNS = 23; const NUM_COLUMNS = 24;
/** The number of lazy-loaded columns. */ /** The number of lazy-loaded columns. */
const NUM_LAZY_LOAD_COLUMNS = 0; const NUM_LAZY_LOAD_COLUMNS = 0;
@@ -97,6 +97,9 @@ abstract class BasePluginsRegistryPeer
/** the column name for the PLUGIN_REST_SERVICE field */ /** the column name for the PLUGIN_REST_SERVICE field */
const PLUGIN_REST_SERVICE = 'PLUGINS_REGISTRY.PLUGIN_REST_SERVICE'; const PLUGIN_REST_SERVICE = 'PLUGINS_REGISTRY.PLUGIN_REST_SERVICE';
/** the column name for the PLUGIN_TASK_EXTENDED_PROPERTIES field */
const PLUGIN_TASK_EXTENDED_PROPERTIES = 'PLUGINS_REGISTRY.PLUGIN_TASK_EXTENDED_PROPERTIES';
/** the column name for the PLUGIN_ATTRIBUTES field */ /** the column name for the PLUGIN_ATTRIBUTES field */
const PLUGIN_ATTRIBUTES = 'PLUGINS_REGISTRY.PLUGIN_ATTRIBUTES'; const PLUGIN_ATTRIBUTES = 'PLUGINS_REGISTRY.PLUGIN_ATTRIBUTES';
@@ -111,10 +114,10 @@ abstract class BasePluginsRegistryPeer
* e.g. self::$fieldNames[self::TYPE_PHPNAME][0] = 'Id' * e.g. self::$fieldNames[self::TYPE_PHPNAME][0] = 'Id'
*/ */
private static $fieldNames = array ( private static $fieldNames = array (
BasePeer::TYPE_PHPNAME => array ('PrUid', 'PluginNamespace', 'PluginDescription', 'PluginClassName', 'PluginFriendlyName', 'PluginFile', 'PluginFolder', 'PluginSetupPage', 'PluginCompanyLogo', 'PluginWorkspaces', 'PluginVersion', 'PluginEnable', 'PluginPrivate', 'PluginMenus', 'PluginFolders', 'PluginTriggers', 'PluginPmFunctions', 'PluginRedirectLogin', 'PluginSteps', 'PluginCss', 'PluginJs', 'PluginRestService', 'PluginAttributes', ), BasePeer::TYPE_PHPNAME => array ('PrUid', 'PluginNamespace', 'PluginDescription', 'PluginClassName', 'PluginFriendlyName', 'PluginFile', 'PluginFolder', 'PluginSetupPage', 'PluginCompanyLogo', 'PluginWorkspaces', 'PluginVersion', 'PluginEnable', 'PluginPrivate', 'PluginMenus', 'PluginFolders', 'PluginTriggers', 'PluginPmFunctions', 'PluginRedirectLogin', 'PluginSteps', 'PluginCss', 'PluginJs', 'PluginRestService', 'PluginTaskExtendedProperties', 'PluginAttributes', ),
BasePeer::TYPE_COLNAME => array (PluginsRegistryPeer::PR_UID, PluginsRegistryPeer::PLUGIN_NAMESPACE, PluginsRegistryPeer::PLUGIN_DESCRIPTION, PluginsRegistryPeer::PLUGIN_CLASS_NAME, PluginsRegistryPeer::PLUGIN_FRIENDLY_NAME, PluginsRegistryPeer::PLUGIN_FILE, PluginsRegistryPeer::PLUGIN_FOLDER, PluginsRegistryPeer::PLUGIN_SETUP_PAGE, PluginsRegistryPeer::PLUGIN_COMPANY_LOGO, PluginsRegistryPeer::PLUGIN_WORKSPACES, PluginsRegistryPeer::PLUGIN_VERSION, PluginsRegistryPeer::PLUGIN_ENABLE, PluginsRegistryPeer::PLUGIN_PRIVATE, PluginsRegistryPeer::PLUGIN_MENUS, PluginsRegistryPeer::PLUGIN_FOLDERS, PluginsRegistryPeer::PLUGIN_TRIGGERS, PluginsRegistryPeer::PLUGIN_PM_FUNCTIONS, PluginsRegistryPeer::PLUGIN_REDIRECT_LOGIN, PluginsRegistryPeer::PLUGIN_STEPS, PluginsRegistryPeer::PLUGIN_CSS, PluginsRegistryPeer::PLUGIN_JS, PluginsRegistryPeer::PLUGIN_REST_SERVICE, PluginsRegistryPeer::PLUGIN_ATTRIBUTES, ), BasePeer::TYPE_COLNAME => array (PluginsRegistryPeer::PR_UID, PluginsRegistryPeer::PLUGIN_NAMESPACE, PluginsRegistryPeer::PLUGIN_DESCRIPTION, PluginsRegistryPeer::PLUGIN_CLASS_NAME, PluginsRegistryPeer::PLUGIN_FRIENDLY_NAME, PluginsRegistryPeer::PLUGIN_FILE, PluginsRegistryPeer::PLUGIN_FOLDER, PluginsRegistryPeer::PLUGIN_SETUP_PAGE, PluginsRegistryPeer::PLUGIN_COMPANY_LOGO, PluginsRegistryPeer::PLUGIN_WORKSPACES, PluginsRegistryPeer::PLUGIN_VERSION, PluginsRegistryPeer::PLUGIN_ENABLE, PluginsRegistryPeer::PLUGIN_PRIVATE, PluginsRegistryPeer::PLUGIN_MENUS, PluginsRegistryPeer::PLUGIN_FOLDERS, PluginsRegistryPeer::PLUGIN_TRIGGERS, PluginsRegistryPeer::PLUGIN_PM_FUNCTIONS, PluginsRegistryPeer::PLUGIN_REDIRECT_LOGIN, PluginsRegistryPeer::PLUGIN_STEPS, PluginsRegistryPeer::PLUGIN_CSS, PluginsRegistryPeer::PLUGIN_JS, PluginsRegistryPeer::PLUGIN_REST_SERVICE, PluginsRegistryPeer::PLUGIN_TASK_EXTENDED_PROPERTIES, PluginsRegistryPeer::PLUGIN_ATTRIBUTES, ),
BasePeer::TYPE_FIELDNAME => array ('PR_UID', 'PLUGIN_NAMESPACE', 'PLUGIN_DESCRIPTION', 'PLUGIN_CLASS_NAME', 'PLUGIN_FRIENDLY_NAME', 'PLUGIN_FILE', 'PLUGIN_FOLDER', 'PLUGIN_SETUP_PAGE', 'PLUGIN_COMPANY_LOGO', 'PLUGIN_WORKSPACES', 'PLUGIN_VERSION', 'PLUGIN_ENABLE', 'PLUGIN_PRIVATE', 'PLUGIN_MENUS', 'PLUGIN_FOLDERS', 'PLUGIN_TRIGGERS', 'PLUGIN_PM_FUNCTIONS', 'PLUGIN_REDIRECT_LOGIN', 'PLUGIN_STEPS', 'PLUGIN_CSS', 'PLUGIN_JS', 'PLUGIN_REST_SERVICE', 'PLUGIN_ATTRIBUTES', ), BasePeer::TYPE_FIELDNAME => array ('PR_UID', 'PLUGIN_NAMESPACE', 'PLUGIN_DESCRIPTION', 'PLUGIN_CLASS_NAME', 'PLUGIN_FRIENDLY_NAME', 'PLUGIN_FILE', 'PLUGIN_FOLDER', 'PLUGIN_SETUP_PAGE', 'PLUGIN_COMPANY_LOGO', 'PLUGIN_WORKSPACES', 'PLUGIN_VERSION', 'PLUGIN_ENABLE', 'PLUGIN_PRIVATE', 'PLUGIN_MENUS', 'PLUGIN_FOLDERS', 'PLUGIN_TRIGGERS', 'PLUGIN_PM_FUNCTIONS', 'PLUGIN_REDIRECT_LOGIN', 'PLUGIN_STEPS', 'PLUGIN_CSS', 'PLUGIN_JS', 'PLUGIN_REST_SERVICE', 'PLUGIN_TASK_EXTENDED_PROPERTIES', 'PLUGIN_ATTRIBUTES', ),
BasePeer::TYPE_NUM => array (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, ) BasePeer::TYPE_NUM => array (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, )
); );
/** /**
@@ -124,10 +127,10 @@ abstract class BasePluginsRegistryPeer
* e.g. self::$fieldNames[BasePeer::TYPE_PHPNAME]['Id'] = 0 * e.g. self::$fieldNames[BasePeer::TYPE_PHPNAME]['Id'] = 0
*/ */
private static $fieldKeys = array ( private static $fieldKeys = array (
BasePeer::TYPE_PHPNAME => array ('PrUid' => 0, 'PluginNamespace' => 1, 'PluginDescription' => 2, 'PluginClassName' => 3, 'PluginFriendlyName' => 4, 'PluginFile' => 5, 'PluginFolder' => 6, 'PluginSetupPage' => 7, 'PluginCompanyLogo' => 8, 'PluginWorkspaces' => 9, 'PluginVersion' => 10, 'PluginEnable' => 11, 'PluginPrivate' => 12, 'PluginMenus' => 13, 'PluginFolders' => 14, 'PluginTriggers' => 15, 'PluginPmFunctions' => 16, 'PluginRedirectLogin' => 17, 'PluginSteps' => 18, 'PluginCss' => 19, 'PluginJs' => 20, 'PluginRestService' => 21, 'PluginAttributes' => 22, ), BasePeer::TYPE_PHPNAME => array ('PrUid' => 0, 'PluginNamespace' => 1, 'PluginDescription' => 2, 'PluginClassName' => 3, 'PluginFriendlyName' => 4, 'PluginFile' => 5, 'PluginFolder' => 6, 'PluginSetupPage' => 7, 'PluginCompanyLogo' => 8, 'PluginWorkspaces' => 9, 'PluginVersion' => 10, 'PluginEnable' => 11, 'PluginPrivate' => 12, 'PluginMenus' => 13, 'PluginFolders' => 14, 'PluginTriggers' => 15, 'PluginPmFunctions' => 16, 'PluginRedirectLogin' => 17, 'PluginSteps' => 18, 'PluginCss' => 19, 'PluginJs' => 20, 'PluginRestService' => 21, 'PluginTaskExtendedProperties' => 22, 'PluginAttributes' => 23, ),
BasePeer::TYPE_COLNAME => array (PluginsRegistryPeer::PR_UID => 0, PluginsRegistryPeer::PLUGIN_NAMESPACE => 1, PluginsRegistryPeer::PLUGIN_DESCRIPTION => 2, PluginsRegistryPeer::PLUGIN_CLASS_NAME => 3, PluginsRegistryPeer::PLUGIN_FRIENDLY_NAME => 4, PluginsRegistryPeer::PLUGIN_FILE => 5, PluginsRegistryPeer::PLUGIN_FOLDER => 6, PluginsRegistryPeer::PLUGIN_SETUP_PAGE => 7, PluginsRegistryPeer::PLUGIN_COMPANY_LOGO => 8, PluginsRegistryPeer::PLUGIN_WORKSPACES => 9, PluginsRegistryPeer::PLUGIN_VERSION => 10, PluginsRegistryPeer::PLUGIN_ENABLE => 11, PluginsRegistryPeer::PLUGIN_PRIVATE => 12, PluginsRegistryPeer::PLUGIN_MENUS => 13, PluginsRegistryPeer::PLUGIN_FOLDERS => 14, PluginsRegistryPeer::PLUGIN_TRIGGERS => 15, PluginsRegistryPeer::PLUGIN_PM_FUNCTIONS => 16, PluginsRegistryPeer::PLUGIN_REDIRECT_LOGIN => 17, PluginsRegistryPeer::PLUGIN_STEPS => 18, PluginsRegistryPeer::PLUGIN_CSS => 19, PluginsRegistryPeer::PLUGIN_JS => 20, PluginsRegistryPeer::PLUGIN_REST_SERVICE => 21, PluginsRegistryPeer::PLUGIN_ATTRIBUTES => 22, ), BasePeer::TYPE_COLNAME => array (PluginsRegistryPeer::PR_UID => 0, PluginsRegistryPeer::PLUGIN_NAMESPACE => 1, PluginsRegistryPeer::PLUGIN_DESCRIPTION => 2, PluginsRegistryPeer::PLUGIN_CLASS_NAME => 3, PluginsRegistryPeer::PLUGIN_FRIENDLY_NAME => 4, PluginsRegistryPeer::PLUGIN_FILE => 5, PluginsRegistryPeer::PLUGIN_FOLDER => 6, PluginsRegistryPeer::PLUGIN_SETUP_PAGE => 7, PluginsRegistryPeer::PLUGIN_COMPANY_LOGO => 8, PluginsRegistryPeer::PLUGIN_WORKSPACES => 9, PluginsRegistryPeer::PLUGIN_VERSION => 10, PluginsRegistryPeer::PLUGIN_ENABLE => 11, PluginsRegistryPeer::PLUGIN_PRIVATE => 12, PluginsRegistryPeer::PLUGIN_MENUS => 13, PluginsRegistryPeer::PLUGIN_FOLDERS => 14, PluginsRegistryPeer::PLUGIN_TRIGGERS => 15, PluginsRegistryPeer::PLUGIN_PM_FUNCTIONS => 16, PluginsRegistryPeer::PLUGIN_REDIRECT_LOGIN => 17, PluginsRegistryPeer::PLUGIN_STEPS => 18, PluginsRegistryPeer::PLUGIN_CSS => 19, PluginsRegistryPeer::PLUGIN_JS => 20, PluginsRegistryPeer::PLUGIN_REST_SERVICE => 21, PluginsRegistryPeer::PLUGIN_TASK_EXTENDED_PROPERTIES => 22, PluginsRegistryPeer::PLUGIN_ATTRIBUTES => 23, ),
BasePeer::TYPE_FIELDNAME => array ('PR_UID' => 0, 'PLUGIN_NAMESPACE' => 1, 'PLUGIN_DESCRIPTION' => 2, 'PLUGIN_CLASS_NAME' => 3, 'PLUGIN_FRIENDLY_NAME' => 4, 'PLUGIN_FILE' => 5, 'PLUGIN_FOLDER' => 6, 'PLUGIN_SETUP_PAGE' => 7, 'PLUGIN_COMPANY_LOGO' => 8, 'PLUGIN_WORKSPACES' => 9, 'PLUGIN_VERSION' => 10, 'PLUGIN_ENABLE' => 11, 'PLUGIN_PRIVATE' => 12, 'PLUGIN_MENUS' => 13, 'PLUGIN_FOLDERS' => 14, 'PLUGIN_TRIGGERS' => 15, 'PLUGIN_PM_FUNCTIONS' => 16, 'PLUGIN_REDIRECT_LOGIN' => 17, 'PLUGIN_STEPS' => 18, 'PLUGIN_CSS' => 19, 'PLUGIN_JS' => 20, 'PLUGIN_REST_SERVICE' => 21, 'PLUGIN_ATTRIBUTES' => 22, ), BasePeer::TYPE_FIELDNAME => array ('PR_UID' => 0, 'PLUGIN_NAMESPACE' => 1, 'PLUGIN_DESCRIPTION' => 2, 'PLUGIN_CLASS_NAME' => 3, 'PLUGIN_FRIENDLY_NAME' => 4, 'PLUGIN_FILE' => 5, 'PLUGIN_FOLDER' => 6, 'PLUGIN_SETUP_PAGE' => 7, 'PLUGIN_COMPANY_LOGO' => 8, 'PLUGIN_WORKSPACES' => 9, 'PLUGIN_VERSION' => 10, 'PLUGIN_ENABLE' => 11, 'PLUGIN_PRIVATE' => 12, 'PLUGIN_MENUS' => 13, 'PLUGIN_FOLDERS' => 14, 'PLUGIN_TRIGGERS' => 15, 'PLUGIN_PM_FUNCTIONS' => 16, 'PLUGIN_REDIRECT_LOGIN' => 17, 'PLUGIN_STEPS' => 18, 'PLUGIN_CSS' => 19, 'PLUGIN_JS' => 20, 'PLUGIN_REST_SERVICE' => 21, 'PLUGIN_TASK_EXTENDED_PROPERTIES' => 22, 'PLUGIN_ATTRIBUTES' => 23, ),
BasePeer::TYPE_NUM => array (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, ) BasePeer::TYPE_NUM => array (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, )
); );
/** /**
@@ -272,6 +275,8 @@ abstract class BasePluginsRegistryPeer
$criteria->addSelectColumn(PluginsRegistryPeer::PLUGIN_REST_SERVICE); $criteria->addSelectColumn(PluginsRegistryPeer::PLUGIN_REST_SERVICE);
$criteria->addSelectColumn(PluginsRegistryPeer::PLUGIN_TASK_EXTENDED_PROPERTIES);
$criteria->addSelectColumn(PluginsRegistryPeer::PLUGIN_ATTRIBUTES); $criteria->addSelectColumn(PluginsRegistryPeer::PLUGIN_ATTRIBUTES);
} }

129
workflow/engine/config/mobileios.pem
View File

@@ -1,20 +1,20 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgIIXLYlpPfN6a8wDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV MIIGVTCCBT2gAwIBAgIIC2XzArbAqykwDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3Js BAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3Js
ZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UEAww7QXBwbGUgV29ybGR3 ZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UEAww7QXBwbGUgV29ybGR3
aWRlIERldmVsb3BlciBSZWxhdGlvbnMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw aWRlIERldmVsb3BlciBSZWxhdGlvbnMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
HhcNMTYwOTIwMTczMTI2WhcNMTcxMDIwMTczMTI2WjCBqTEtMCsGCgmSJomT8ixk HhcNMTcxMDA0MTM0MzMwWhcNMTgxMTAzMTM0MzMwWjCBqTEtMCsGCgmSJomT8ixk
AQEMHWNvbS5wcm9jZXNzbWFrZXIuUHJvY2Vzc01ha2VyMTswOQYDVQQDDDJBcHBs AQEMHWNvbS5wcm9jZXNzbWFrZXIuUHJvY2Vzc01ha2VyMTswOQYDVQQDDDJBcHBs
ZSBQdXNoIFNlcnZpY2VzOiBjb20ucHJvY2Vzc21ha2VyLlByb2Nlc3NNYWtlcjET ZSBQdXNoIFNlcnZpY2VzOiBjb20ucHJvY2Vzc21ha2VyLlByb2Nlc3NNYWtlcjET
MBEGA1UECwwKOTQyUVA3UUpFOTEZMBcGA1UECgwQUHJvY2Vzc01ha2VyIEluYzEL MBEGA1UECwwKOTQyUVA3UUpFOTEZMBcGA1UECgwQUHJvY2Vzc01ha2VyIEluYzEL
MAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsX8rt MAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwQgZG
KIHrXR6KQpCRFVMOPEpPesTAVUQR5tYk1YdJv/b0MwwcfJk2tu7z8raIOnzm7/Su uKp6qEd1Uwgh0qmJLEFlMaIPjxkY+mGjbZyZys73oenLHgPwPukm+64oPdxs7UXl
FEFKzFGZBWwN9/yvSdmCcmhjm4UqKgaHErD+S5QsP0tkIZvBud776sNFkS0k0rx8 ZifbWYU4rHbQDEkmOC4GyQU5n9s4zgNtgTqCpab3BuODA/1ffm2OullK1SHmS0cG
xXYjCHVk7v2M0UEGadVbxmkZawAbbubyVjREGGjBe6kwTzRHEo2OUXtZkwCF8s6W Cm8WC93SDa9nmF5xIaiUBbfOsZGcjUKM+MTn/5ETWoZEBUqlf5PKPGZ63/99Q/pj
dd9SeS653Mn1estlDwqDl38uKF/rcl0Hfav3GP208FdxnPlK4KaCRwdBoTneOLHw UxNftY3LTE3o37GYATxFX/sIFtB98vB5hcTdt4zfXHzwisAtqQpkuWIGd5nULX5w
ndUlRmprM1wW0+7SEte+nNbGW4jnMJUTVEgOlUKsPQhsz0vY4JdYT/m9UOapLiQL JzlAUjq4werqQhg/k/OAw7kL/JP/PDHpgrbCoO9BZTsAD8H21aZDZR1uDSFSa4H/
a4BlP23BEQDm1wBJAgMBAAGjggKQMIICjDAdBgNVHQ4EFgQUjRosATP+9HjdasRI 2FeWj286U6Uu10XfAgMBAAGjggKQMIICjDAdBgNVHQ4EFgQUZtV15ABNLGW8Kjjp
GTumZ1QGXaIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSIJxcJqbYYYIvs67r2 yUaQl6f5eRowDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSIJxcJqbYYYIvs67r2
R1nFUlSjtzCCARwGA1UdIASCARMwggEPMIIBCwYJKoZIhvdjZAUBMIH9MIHDBggr R1nFUlSjtzCCARwGA1UdIASCARMwggEPMIIBCwYJKoZIhvdjZAUBMIH9MIHDBggr
BgEFBQcCAjCBtgyBs1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55 BgEFBQcCAjCBtgyBs1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55
IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxl IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxl
@@ -27,44 +27,85 @@ BgoqhkiG92NkBgMBBAIFADAQBgoqhkiG92NkBgMCBAIFADCBoAYKKoZIhvdjZAYD
BgSBkTCBjgwdY29tLnByb2Nlc3NtYWtlci5Qcm9jZXNzTWFrZXIwBQwDYXBwDCJj BgSBkTCBjgwdY29tLnByb2Nlc3NtYWtlci5Qcm9jZXNzTWFrZXIwBQwDYXBwDCJj
b20ucHJvY2Vzc21ha2VyLlByb2Nlc3NNYWtlci52b2lwMAYMBHZvaXAMKmNvbS5w b20ucHJvY2Vzc21ha2VyLlByb2Nlc3NNYWtlci52b2lwMAYMBHZvaXAMKmNvbS5w
cm9jZXNzbWFrZXIuUHJvY2Vzc01ha2VyLmNvbXBsaWNhdGlvbjAODAxjb21wbGlj cm9jZXNzbWFrZXIuUHJvY2Vzc01ha2VyLmNvbXBsaWNhdGlvbjAODAxjb21wbGlj
YXRpb24wDQYJKoZIhvcNAQELBQADggEBAIkizqjhmF+YyQJJDYGsqa6/mx9xeNAa YXRpb24wDQYJKoZIhvcNAQELBQADggEBADLO70r/cMu7M2A1xNu356IBL4vOtGK7
rUQj5n156drHN7YG579X2seI4NemlOU72jwyqZR4QJUaLukxQiVVA0vT6OUPbRN1 nKaAxnjt7aZB+qGTz9xzjH0sHKIefAtlTTSzUzcR/9+gprKt4cdmwgV0zWBpO0UU
iDBf24UhoYj9pQsluCbHK2bh2h7TrNF5bqU4vJ8d97F9eS0Q4zJUVqHlrxJLCcSU 7Nu0WreMJKKJ1COO26d8WywvaNdWWHH7+lksZBJFiqFcYvECu3CaMoe77PUqKrWy
UoAPxLwxXHcU9z2w7l57J+rEKdjs10rPis1kNiFkKAcF/LJy6qg6+IpEWYJH2Pml R/7MhsHtTsMLz/IMATgMU32NTUs3qKElXjHwTOyE2c+n5VYNoDDMUpx//mbZ5K1B
R3sc26uxd9i83q9EjA6seMQIu3dTp3KoMlrvA3XvxXYlgQ0xHWpRmV7/dhF2J16F zA12bA2lg5VLXq4yA9p2Xc2JBg647CXcMQdzPphQ/NZaetcfmE0F01FAF3dfhmmX
nc8/Yh7yz0QI9nlTNBHDKvZbeJqANIyvf0i6GIjGE8B8cw883zIkgE4= jbNoPanngYpPEUVR6kt4MpB/3SeBXgU3HPhBIo7vtfIwI0wT+QlB5bw=
-----END CERTIFICATE----- -----END CERTIFICATE-----
Bag Attributes Bag Attributes
friendlyName: ProcessMaker Production friendlyName: Apple Push Services: com.processmaker.ProcessMaker
localKeyID: 8D 1A 2C 01 33 FE F4 78 DD 6A C4 48 19 3B A6 67 54 06 5D A2 localKeyID: 66 D5 75 E4 00 4D 2C 65 BC 2A 38 E9 C9 46 90 97 A7 F9 79 1A
subject=/UID=com.processmaker.ProcessMaker/CN=Apple Push Services: com.processmaker.ProcessMaker/OU=942QP7QJE9/O=ProcessMaker Inc/C=US
issuer=/C=US/O=Apple Inc./OU=Apple Worldwide Developer Relations/CN=Apple Worldwide Developer Relations Certification Authority
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgIIC2XzArbAqykwDQYJKoZIhvcNAQELBQAwgZYxCzAJBgNV
BAYTAlVTMRMwEQYDVQQKDApBcHBsZSBJbmMuMSwwKgYDVQQLDCNBcHBsZSBXb3Js
ZHdpZGUgRGV2ZWxvcGVyIFJlbGF0aW9uczFEMEIGA1UEAww7QXBwbGUgV29ybGR3
aWRlIERldmVsb3BlciBSZWxhdGlvbnMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
HhcNMTcxMDA0MTM0MzMwWhcNMTgxMTAzMTM0MzMwWjCBqTEtMCsGCgmSJomT8ixk
AQEMHWNvbS5wcm9jZXNzbWFrZXIuUHJvY2Vzc01ha2VyMTswOQYDVQQDDDJBcHBs
ZSBQdXNoIFNlcnZpY2VzOiBjb20ucHJvY2Vzc21ha2VyLlByb2Nlc3NNYWtlcjET
MBEGA1UECwwKOTQyUVA3UUpFOTEZMBcGA1UECgwQUHJvY2Vzc01ha2VyIEluYzEL
MAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwQgZG
uKp6qEd1Uwgh0qmJLEFlMaIPjxkY+mGjbZyZys73oenLHgPwPukm+64oPdxs7UXl
ZifbWYU4rHbQDEkmOC4GyQU5n9s4zgNtgTqCpab3BuODA/1ffm2OullK1SHmS0cG
Cm8WC93SDa9nmF5xIaiUBbfOsZGcjUKM+MTn/5ETWoZEBUqlf5PKPGZ63/99Q/pj
UxNftY3LTE3o37GYATxFX/sIFtB98vB5hcTdt4zfXHzwisAtqQpkuWIGd5nULX5w
JzlAUjq4werqQhg/k/OAw7kL/JP/PDHpgrbCoO9BZTsAD8H21aZDZR1uDSFSa4H/
2FeWj286U6Uu10XfAgMBAAGjggKQMIICjDAdBgNVHQ4EFgQUZtV15ABNLGW8Kjjp
yUaQl6f5eRowDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSIJxcJqbYYYIvs67r2
R1nFUlSjtzCCARwGA1UdIASCARMwggEPMIIBCwYJKoZIhvdjZAUBMIH9MIHDBggr
BgEFBQcCAjCBtgyBs1JlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUgYnkgYW55
IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgdGhlbiBhcHBsaWNhYmxl
IHN0YW5kYXJkIHRlcm1zIGFuZCBjb25kaXRpb25zIG9mIHVzZSwgY2VydGlmaWNh
dGUgcG9saWN5IGFuZCBjZXJ0aWZpY2F0aW9uIHByYWN0aWNlIHN0YXRlbWVudHMu
MDUGCCsGAQUFBwIBFilodHRwOi8vd3d3LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1
dGhvcml0eTAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vY3JsLmFwcGxlLmNvbS93
d2RyY2EuY3JsMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAjAQ
BgoqhkiG92NkBgMBBAIFADAQBgoqhkiG92NkBgMCBAIFADCBoAYKKoZIhvdjZAYD
BgSBkTCBjgwdY29tLnByb2Nlc3NtYWtlci5Qcm9jZXNzTWFrZXIwBQwDYXBwDCJj
b20ucHJvY2Vzc21ha2VyLlByb2Nlc3NNYWtlci52b2lwMAYMBHZvaXAMKmNvbS5w
cm9jZXNzbWFrZXIuUHJvY2Vzc01ha2VyLmNvbXBsaWNhdGlvbjAODAxjb21wbGlj
YXRpb24wDQYJKoZIhvcNAQELBQADggEBADLO70r/cMu7M2A1xNu356IBL4vOtGK7
nKaAxnjt7aZB+qGTz9xzjH0sHKIefAtlTTSzUzcR/9+gprKt4cdmwgV0zWBpO0UU
7Nu0WreMJKKJ1COO26d8WywvaNdWWHH7+lksZBJFiqFcYvECu3CaMoe77PUqKrWy
R/7MhsHtTsMLz/IMATgMU32NTUs3qKElXjHwTOyE2c+n5VYNoDDMUpx//mbZ5K1B
zA12bA2lg5VLXq4yA9p2Xc2JBg647CXcMQdzPphQ/NZaetcfmE0F01FAF3dfhmmX
jbNoPanngYpPEUVR6kt4MpB/3SeBXgU3HPhBIo7vtfIwI0wT+QlB5bw=
-----END CERTIFICATE-----
Bag Attributes
friendlyName: ProcessMaker Prod Key
localKeyID: 66 D5 75 E4 00 4D 2C 65 BC 2A 38 E9 C9 46 90 97 A7 F9 79 1A
Key Attributes: <No Attributes> Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY----- -----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,BC1E17B433FB3A98 DEK-Info: DES-EDE3-CBC,6D70077A389A3A8C
lSsYwz/4sOIm/By9K4RfK7EpoyDRBvC9T58UJKgKS9vuwhNusNb1snPU+Bu+Xk/k bziMWwK5LMeP0dIM2wHeO6juXqzmtH/U9FW5GAZuJEKt0zYAyv1DmEJFfyMMZmob
/lIxq5Dvrg64ZtIvqSK67Pj+KQ6RkUmNE/bcHnewV/pTZIqpOdhI3jW2r63KdVPZ 4j+LfvfdZVium6cIEkC+JMPFwW0dSRQNgA6I44E2AT73MTQr6u7pZi/QiQ09CJCQ
/xo663ujEgDIEytPWMP1/bMygfXOAgl5xk3Z6omqV0AvVjxlabvz5uftlEuHI1wy JjFJ2Q08ZgHQXrJMy62PeHO+uWOQW6YuI5aNC/K+AdvIwNyzlCj/HNWcf7IeSaeE
Hws6q8D5sk7vtSheqYwq+J9hqHONqU1UOKaLSr+x2oQIEcqcVl38NdSqNqwoN9KN urH5/dL1cVSfpeBXMsqfYSAcfTZOXgAb8BRwngi+RSGNQ6SawEl53vm94gDSH3Mi
rv18hNuhW3RUnkX+FLSGkPzbNfsHvtoHqnlFafEzELd5dwmHEfLUHORgTQCI6Tew 3tzCsDcw0Gw5Wu1d/755Zzakl48LOqxLzptbOr5QbJK5BeGhE0y3Db+rYNpG3fzw
1qYvzXIzqFKbUrkcAf0RPcciIUn0dfsndMBb9DkF0iw0iJmJ9kt7TbtZD8oj7Hbj I3YdZTMhkzaigG4xp/BLyLL2tgGzSIGg8BARMHF/GkXcdKBJyQrweXMkhhoeYxr2
gJKVO55ob5xdNqiXXIPoQmhOWV29n15q7jLJgUpu40McMbYQ+L9xIYRjRB5l0E3j dzWurOd0Bkw3DJXONE9uPNQb/i33TYmflQMhWJFlHkKhkHlIgAu5cIzTwRNbHCF7
evymHbXeZB4HqBExZVDPtS/Ue/ewOzSL6O/bdZLbnzQ4dC6sH+rvBJdPzcPBD1rL aRKiHz5uL+/WufgVlw62JZp9JZ1mPsmJINba4BAT9i9zkUnPvxYN/GB5Z2Ttz1nj
4bwArf1gfHgLgsgHkmUg10cjgsbDgtc6NklyNV542iDOSUeYtE4zau7sU+u7yCjb ylyGiAtdAZ7l05OWd7I9gEUTce8dsojThIun3QQ1UFCRJUmg38Dp/XxMzWP5IpTb
WoJPWS95zDK/4sDQB3moUOxxUUs79dyElsiDtVbjh8PuPLhpw4KLX7gf+7Cj2RC2 E2McM90jyN+M8gII2KU6U5uqTXDiMMFiXFa9WlTc4xIkHNQLINDASBgUQr7pIqth
vLgk2O/xfZRH2OiJxdh+eNVjSFrZGdhQ7ovlV5N+K6/hAtiH4dFBiuN6ptRB9HrI UTvU4YoST6wma9BNYAuGX9ga6uEg94kmVXrUEBZWI13T56bSpw4cyvzSJvNwcH8m
CQaHwuzqpAWxMAQcCTnTIl+UcGjmKtR7PC3wc2zotH0alRESMbOKcAZuFLgOlCHq nClVXMIrysoGgQ1Gxs6G2xWTduXysK5E26bY6Gypk9VPMUyo6oVENnY3EQs3Cj/R
c9TYSHuueNO62b09XAUROHgxS7zpoNYwz3jsgLtLRSeKKWa6cP2i/NsAbBxgkyxJ W2vyz1t05xPonPxmun2mFTQQvgSbbkfUbuL02tBQXxkWNoo5rCAVuRMFlVjFzIEF
h0+cXYI9uMZ1QSojRP05k0TfJ3m0aTfI9r4zipuPPIWMZTfKDpmtBGSK6xJ5TGwH qZ3uiU8ui5Nj1Tc5SAosuoTu53vLp4ynn9A5WVmLXdE1DucCXTumN8teISF69cUU
KQijKqV37/L5uVUHfWqOWdcgy22/pa0VFigSB10oCalEF4CJY600S3MYd5e8JWC3 XYVy2Ch39LxUGumWTSVZNDJBJgSFtiNxCmpwS4jQsNRF9piK/T+t3INSXRcRB9mF
B9c86m36BI7/7/V/gn9UmPqWRZNIKMVLb8fHiSMLAtdvdwNkN8bvEpHCxa6dT8aS f3DYOrjor6TTu0hEppZosIUfoo7EDgplfMK5x9ZjL8JWSWEqA2U2JoRbe9ucMkGy
gnRqOgaqSU8r6kIjaHH3wsu5vwfKygHUMlpaXntDyUC8jNm2AEMjc79cVdxFGZV+ wbFTsbyg9NNSdF1jEZUEKWKr7dT3ShPHhut/F9HOi5KvbMAgUf0HnYgUsCTYhZru
eu89Tu9iQFTE3L1y9aUFRDQernmyxqPj6ehrqkb4bPjhkYm5Zl5WJKK+Xu8y81em UbVf8cWnfYPyVUW3Doa12/uSpqwrHzOduexb1LzO0mukdfyR7UhY/rRv5w4KkTXJ
N+o12ewdsv6JJhQ7Q4+198DA2YuArLetlJiaxgtJw5xgySfm7gFRztKaH7XEdtfT +zlNncWiSZQiDJq053i8UYhDj0U7+YzmpxE/BUU5HwMcZ8wtl0MDac66Z1YXkqgs
kIampxWmoG/Ymcw0UBdEDAIi4kKkOjMpB6tO9sQ+1GZ0op8mjyrvYUefcejRqOyD bO2dK71tNQ1D5msmDDP+Cw0W4wLdRiJn8FNF5oBl2QYMyTyclduhrlCMp8VgnMmT
EE5ACaUUvK8e6qEcpe9R/v4RBJu+V0h+Bj/JzMx27iu9T5RuCZSsw8ll3SfgTrpp mDrygATrWoaToSiR+Mc6D7rOLyHt+29HMtFx1Lgs3jpgzLQ4nBWBtLN5uxkxTclH
Z7P1yoR1WWkSMCmlHUFAyMW1PhD1EIiZZ1c5Lr/OcmHAYXbG5YusULRvD1XBd9uv W35sMR2eDYiM7nEO9TJSBlC8lkFiGsv4xYYK8gLEZ2h7OMPrO/9L9CmHk/v3Ts8I
TtYo1CBznMAa+tI1TgAb1j61asYLREmER11R9hBYgnDei2/xTO4N0VDIkBaY7GEz wSt0FiVZNP4JEL0NZ5nSZMnDT0R47CuFkEgf271Um4lNPPRV7mPA0fWkKXt59FeK
KJVCEAxR/7VxHGosAji5gP78J/2hUMmkQSxQeRj4G/mCBrbibU+SPlv4oWMpgQoj LoBZYkGes/QliAUWdY44tVKgg6oIM6IqubsO92Hru5o36Px7ucVoqiNHnSy1lo/v
La5yGDm+HsVb3sXGCCPyGGajxIwoiYRubdwIiJ72BCLrBkUnH7TXrgptY657nDHK KAfvW9/40XJ+z1JUTYwreaLoO+Wlk0Irkvv4Fro0KTA8rXDNFm/JL2gkgknEae4i
-----END RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----

1
workflow/engine/config/schema.xml
View File

@@ -5673,6 +5673,7 @@
<column name="PLUGIN_CSS" type="LONGVARCHAR"/> <column name="PLUGIN_CSS" type="LONGVARCHAR"/>
<column name="PLUGIN_JS" type="LONGVARCHAR"/> <column name="PLUGIN_JS" type="LONGVARCHAR"/>
<column name="PLUGIN_REST_SERVICE" type="LONGVARCHAR"/> <column name="PLUGIN_REST_SERVICE" type="LONGVARCHAR"/>
<column name="PLUGIN_TASK_EXTENDED_PROPERTIES" type="LONGVARCHAR"/>
<column name="PLUGIN_ATTRIBUTES" type="LONGVARCHAR"/> <column name="PLUGIN_ATTRIBUTES" type="LONGVARCHAR"/>
</table> </table>
</database> </database>

19
workflow/engine/controllers/admin.php
View File

@@ -196,15 +196,20 @@ class Admin extends Controller
$this->render('extJs'); $this->render('extJs');
} }
function getSystemInfo () public function getSystemInfo()
{ {
$this->setResponseType( 'json' ); global $RBAC;
$infoList = $this->_getSystemInfo(); $RBAC->requirePermissions('PM_SETUP_ADVANCE');
$data = array ();
foreach ($infoList as $row) { $this->setResponseType('json');
$data[] = array ('label' => $row[0],'value' => $row[1],'section' => $row[2] $data = [];
);
foreach ($this->_getSystemInfo() as $row) {
$data[] = [
'label' => $row[0],
'value' => $row[1],
'section' => $row[2]
];
} }
return $data; return $data;
} }

1
workflow/engine/data/mysql/schema.sql
View File

@@ -3177,6 +3177,7 @@ CREATE TABLE `PLUGINS_REGISTRY`
`PLUGIN_CSS` MEDIUMTEXT, `PLUGIN_CSS` MEDIUMTEXT,
`PLUGIN_JS` MEDIUMTEXT, `PLUGIN_JS` MEDIUMTEXT,
`PLUGIN_REST_SERVICE` MEDIUMTEXT, `PLUGIN_REST_SERVICE` MEDIUMTEXT,
`PLUGIN_TASK_EXTENDED_PROPERTIES` MEDIUMTEXT,
`PLUGIN_ATTRIBUTES` MEDIUMTEXT, `PLUGIN_ATTRIBUTES` MEDIUMTEXT,
PRIMARY KEY (`PR_UID`) PRIMARY KEY (`PR_UID`)
)ENGINE=InnoDB ; )ENGINE=InnoDB ;

6
workflow/engine/methods/login/authentication.php
View File

@@ -182,14 +182,12 @@ try {
$oPluginRegistry->executeTriggers ( PM_LOGIN , $loginInfo ); $oPluginRegistry->executeTriggers ( PM_LOGIN , $loginInfo );
} }
EnterpriseClass::enterpriseSystemUpdate($loginInfo); EnterpriseClass::enterpriseSystemUpdate($loginInfo);
$_SESSION['USER_LOGGED'] = $uid; initUserSession($uid, $usr);
$_SESSION['USR_USERNAME'] = $usr;
} else { } else {
setcookie("singleSignOn", '1', time() + (24 * 60 * 60), '/'); setcookie("singleSignOn", '1', time() + (24 * 60 * 60), '/');
$uid = $RBAC->userObj->fields['USR_UID']; $uid = $RBAC->userObj->fields['USR_UID'];
$usr = $RBAC->userObj->fields['USR_USERNAME']; $usr = $RBAC->userObj->fields['USR_USERNAME'];
$_SESSION['USER_LOGGED'] = $uid; initUserSession($uid, $usr);
$_SESSION['USR_USERNAME'] = $usr;
} }
//Set default Languaje //Set default Languaje

7
workflow/engine/methods/login/authenticationSso.php
View File

@@ -129,9 +129,10 @@ try {
setcookie('singleSignOn', '1', time() + (24 * 60 * 60), '/'); setcookie('singleSignOn', '1', time() + (24 * 60 * 60), '/');
$_SESSION['USER_LOGGED'] = $_SESSION['__USER_LOGGED_SSO__']; initUserSession(
$_SESSION['USR_USERNAME'] = $_SESSION['__USR_USERNAME_SSO__']; $_SESSION['__USER_LOGGED_SSO__'],
$_SESSION['__USR_USERNAME_SSO__']
);
unset($_SESSION['__USER_LOGGED_SSO__'], $_SESSION['__USR_USERNAME_SSO__']); unset($_SESSION['__USER_LOGGED_SSO__'], $_SESSION['__USR_USERNAME_SSO__']);
G::header('Location: ' . $location); G::header('Location: ' . $location);

1
workflow/engine/methods/processes/processes_Import_Bpmn.php
View File

@@ -4,7 +4,6 @@ ini_set("max_execution_time", 0);
$filter = new InputFilter(); $filter = new InputFilter();
$_FILES = $filter->xssFilterHard($_FILES); $_FILES = $filter->xssFilterHard($_FILES);
$_SESSION['USER_LOGGED'] = $filter->xssFilterHard($_SESSION['USER_LOGGED']);
if (isset($_FILES["PROCESS_FILENAME"]) && if (isset($_FILES["PROCESS_FILENAME"]) &&
pathinfo($_FILES["PROCESS_FILENAME"]["name"], PATHINFO_EXTENSION) == "bpmn" pathinfo($_FILES["PROCESS_FILENAME"]["name"], PATHINFO_EXTENSION) == "bpmn"

3
workflow/engine/methods/services/webentry/anonymousLogin.php
View File

@@ -24,8 +24,7 @@ try {
throw new \Exception('WebEntry User not found'); throw new \Exception('WebEntry User not found');
} }
$_SESSION['USER_LOGGED'] = $userUid; initUserSession($userUid, $userInfo['username']);
$_SESSION['USR_USERNAME'] = $userInfo['username'];
$result = [ $result = [
'user_logged' => $userUid, 'user_logged' => $userUid,

1
workflow/engine/methods/users/usersAjax.php
View File

@@ -129,6 +129,7 @@ switch ($_POST['action']) {
case 'saveUser': case 'saveUser':
case 'savePersonalInfo': case 'savePersonalInfo':
try { try {
verifyCsrfToken($_POST);
$user = new \ProcessMaker\BusinessModel\User(); $user = new \ProcessMaker\BusinessModel\User();
$form = $_POST; $form = $_POST;
$permissionsToSaveData = $user->getPermissionsForEdit(); $permissionsToSaveData = $user->getPermissionsForEdit();

3
workflow/engine/skinEngine/skinEngine.php
View File

@@ -261,9 +261,11 @@ class SkinEngine
$template = new TemplatePower($templateFile); $template = new TemplatePower($templateFile);
$template->prepare(); $template->prepare();
$header = '<meta name="csrf-token" content="' . csrfToken() . '" />' . "\n" . $header;
$template->assign('header', $header); $template->assign('header', $header);
$template->assign('styles', $styles); $template->assign('styles', $styles);
$template->assign('bodyTemplate', $body); $template->assign('bodyTemplate', $body);
$template->assign('csrf_token', csrfToken());
$doctype = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">"; $doctype = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">";
$meta = null; $meta = null;
@@ -569,6 +571,7 @@ class SkinEngine
$smarty->cache_dir = PATH_SMARTY_CACHE; $smarty->cache_dir = PATH_SMARTY_CACHE;
$smarty->config_dir = PATH_THIRDPARTY . 'smarty/configs'; $smarty->config_dir = PATH_THIRDPARTY . 'smarty/configs';
$smarty->register_function('translate', 'translate'); $smarty->register_function('translate', 'translate');
$smarty->register_function('csrf_token', 'csrfToken');
$viewVars = $oHeadPublisher->getVars(); $viewVars = $oHeadPublisher->getVars();

1
workflow/engine/src/ProcessMaker/Plugins/Adapters/PluginAdapter.php
View File

@@ -90,6 +90,7 @@ class PluginAdapter
'_aJavascripts' => ['name' => 'PLUGIN_JS', 'type' => 'array'], '_aJavascripts' => ['name' => 'PLUGIN_JS', 'type' => 'array'],
'_aJs' => ['name' => 'PLUGIN_JS', 'type' => 'array'], '_aJs' => ['name' => 'PLUGIN_JS', 'type' => 'array'],
'_restServices' => ['name' => 'PLUGIN_REST_SERVICE', 'type' => 'array'], '_restServices' => ['name' => 'PLUGIN_REST_SERVICE', 'type' => 'array'],
'_aTaskExtendedProperties' => ['name' => 'PLUGIN_TASK_EXTENDED_PROPERTIES', 'type' => 'array'],
]; ];
/** /**

11
workflow/engine/src/ProcessMaker/Plugins/PluginRegistry.php
View File

@@ -854,12 +854,19 @@ class PluginRegistry
} }
if ($found) { if ($found) {
require_once($classFile); require_once($classFile);
$sClassName = substr($this->_aPluginDetails[$trigger->getNamespace()]->getClassName(), 0, 1) . $sClassNameA = substr($this->_aPluginDetails[$trigger->getNamespace()]->getClassName(), 0, 1) .
str_replace( str_replace(
'plugin', ['Plugin','plugin'],
'Class',
substr($this->_aPluginDetails[$trigger->getNamespace()]->getClassName(), 1)
);
$sClassNameB = substr($this->_aPluginDetails[$trigger->getNamespace()]->getClassName(), 0, 1) .
str_replace(
['Plugin','plugin'],
'class', 'class',
substr($this->_aPluginDetails[$trigger->getNamespace()]->getClassName(), 1) substr($this->_aPluginDetails[$trigger->getNamespace()]->getClassName(), 1)
); );
$sClassName = class_exists($sClassNameA) ? $sClassNameA : $sClassNameB;
$obj = new $sClassName(); $obj = new $sClassName();
$methodName = $trigger->getTriggerName(); $methodName = $trigger->getTriggerName();
$response = $obj->{$methodName}($oData); $response = $obj->{$methodName}($oData);

32
workflow/engine/src/ProcessMaker/Services/Api/Project.php
View File

@@ -16,12 +16,10 @@ use ProcessMaker\Project\Adapter\BpmnWorkflow;
use Exception; use Exception;
/** /**
* Class Project
*
* @package Services\Api\ProcessMaker * @package Services\Api\ProcessMaker
* @author Erik Amaru Ortiz <aortiz.erik@gmail.com, erik@colosa.com>
*
* @protected * @protected
* @access protected
* @class AccessControl {@permission PM_FACTORY}
*/ */
class Project extends Api class Project extends Api
{ {
@@ -53,7 +51,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid * @url GET /:prj_uid
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doGetProject($prj_uid) public function doGetProject($prj_uid)
@@ -75,10 +72,6 @@ class Project extends Api
* *
* @param string $prj_name * @param string $prj_name
* @param array $request_data * @param array $request_data
*
* @author Brayan Pereyra (Cochalo) <brayan@colosa.com>
* @copyright Colosa - Bolivia
*
* @url POST * @url POST
* @status 201 * @status 201
*/ */
@@ -97,7 +90,6 @@ class Project extends Api
/** /**
* @url PUT /:prj_uid * @url PUT /:prj_uid
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doPutProject($prj_uid, $request_data) public function doPutProject($prj_uid, $request_data)
@@ -141,11 +133,10 @@ class Project extends Api
/** /**
* Bulk actions * Bulk actions
*
* @url POST /bulk * @url POST /bulk
*
* @access protected * @access protected
* @class AccessControl {@permission PM_FACTORY} * @class AccessControl {@permission PM_FACTORY}
*
* @param array $request_data * @param array $request_data
* @return array $response * @return array $response
* @throws Exception * @throws Exception
@@ -162,7 +153,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/export/listObjects * @url GET /:prj_uid/export/listObjects
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
* @return mixed|string * @return mixed|string
* @throws RestException * @throws RestException
@@ -180,7 +170,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/export-granular * @url GET /:prj_uid/export-granular
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
* @param string $objects * @param string $objects
*/ */
@@ -203,7 +192,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/export * @url GET /:prj_uid/export
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function export($prj_uid) public function export($prj_uid)
@@ -230,9 +218,7 @@ class Project extends Api
/** /**
* @url POST /import * @url POST /import
*
* @param array $request_data * @param array $request_data
*
* @status 201 * @status 201
*/ */
public function doPostImport(array $request_data, $option = null, $option_group = null) public function doPostImport(array $request_data, $option = null, $option_group = null)
@@ -260,7 +246,6 @@ class Project extends Api
/** /**
* @url POST /save-as * @url POST /save-as
*
* @param string $prj_uid {@from body} * @param string $prj_uid {@from body}
* @param string $prj_name {@from body} * @param string $prj_name {@from body}
* @param string $prj_description {@from body} * @param string $prj_description {@from body}
@@ -274,7 +259,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/process * @url GET /:prj_uid/process
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doGetProcess($prj_uid) public function doGetProcess($prj_uid)
@@ -295,7 +279,6 @@ class Project extends Api
/** /**
* @url PUT /:prj_uid/process * @url PUT /:prj_uid/process
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
* @param array $request_data * @param array $request_data
*/ */
@@ -315,9 +298,7 @@ class Project extends Api
/** /**
* @url POST /generate-bpmn * @url POST /generate-bpmn
*
* @param array $request_data * @param array $request_data
*
* @status 201 * @status 201
*/ */
public function doPostGenerateBpmn(array $request_data) public function doPostGenerateBpmn(array $request_data)
@@ -353,7 +334,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/dynaforms * @url GET /:prj_uid/dynaforms
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doGetDynaForms($prj_uid) public function doGetDynaForms($prj_uid)
@@ -373,7 +353,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/input-documents * @url GET /:prj_uid/input-documents
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doGetInputDocuments($prj_uid) public function doGetInputDocuments($prj_uid)
@@ -393,7 +372,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/variables * @url GET /:prj_uid/variables
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doGetVariables($prj_uid) public function doGetVariables($prj_uid)
@@ -414,7 +392,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/grid/variables * @url GET /:prj_uid/grid/variables
* @url GET /:prj_uid/grid/:grid_uid/variables * @url GET /:prj_uid/grid/:grid_uid/variables
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
* @param string $grid_uid * @param string $grid_uid
*/ */
@@ -435,7 +412,6 @@ class Project extends Api
/** /**
* @url GET /:prj_uid/trigger-wizards * @url GET /:prj_uid/trigger-wizards
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doGetTriggerWizards($prj_uid) public function doGetTriggerWizards($prj_uid)
@@ -455,7 +431,6 @@ class Project extends Api
/** /**
* @url PUT /:prj_uid/update-route-order * @url PUT /:prj_uid/update-route-order
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doPutUpdateRouteOrder($prj_uid, $request_data) public function doPutUpdateRouteOrder($prj_uid, $request_data)
@@ -471,7 +446,6 @@ class Project extends Api
/** /**
* @url PUT /:prj_uid/update-route-order-from-project * @url PUT /:prj_uid/update-route-order-from-project
*
* @param string $prj_uid {@min 32}{@max 32} * @param string $prj_uid {@min 32}{@max 32}
*/ */
public function doPutUpdateRouteOrderFromProject($prj_uid) public function doPutUpdateRouteOrderFromProject($prj_uid)

47
workflow/engine/src/ProcessMaker/Util/helpers.php
View File

@@ -1,4 +1,8 @@
<?php <?php
use Illuminate\Session\TokenMismatchException;
use Illuminate\Support\Str;
/** /**
* We will send a case note in the actions by email * We will send a case note in the actions by email
* @param object $httpData * @param object $httpData
@@ -361,3 +365,46 @@ function eprintln ($s = "", $c = null)
print "$s\n"; print "$s\n";
} }
} }
/**
* Initialize the user logged session
*/
function initUserSession($usrUid, $usrName)
{
$_SESSION['USER_LOGGED'] = $usrUid;
$_SESSION['USR_USERNAME'] = $usrName;
$_SESSION['USR_CSRF_TOKEN'] = Str::random(40);
}
/**
* Verify token for an incoming request.
*
* @param type $request
* @throws TokenMismatchException
*/
function verifyCsrfToken($request)
{
$headers = getallheaders();
$token = isset($request['_token'])
? $request['_token']
: (isset($headers['X-CSRF-TOKEN'])
? $headers['X-CSRF-TOKEN']
: null);
$match = is_string($_SESSION['USR_CSRF_TOKEN'])
&& is_string($token)
&& !empty($_SESSION['USR_CSRF_TOKEN'])
&& hash_equals($_SESSION['USR_CSRF_TOKEN'], $token);
if (!$match) {
throw new TokenMismatchException();
}
}
/**
* Get the current user CSRF token.
*
* @return string
*/
function csrfToken()
{
return isset($_SESSION['USR_CSRF_TOKEN']) ? $_SESSION['USR_CSRF_TOKEN'] : '';
}

7
workflow/engine/templates/users/users.js
View File

@@ -809,6 +809,12 @@ Ext.onReady(function () {
comboDefaultCasesMenuOption comboDefaultCasesMenuOption
] ]
}); });
var csrfToken = {
xtype : 'hidden',
name : '_token',
value : document.querySelector('meta[name="csrf-token"]').content
};
frmDetails = new Ext.FormPanel({ frmDetails = new Ext.FormPanel({
id : 'frmDetails', id : 'frmDetails',
@@ -828,6 +834,7 @@ Ext.onReady(function () {
align : 'center' align : 'center'
}, },
items : [ items : [
csrfToken,
informationFields, informationFields,
/*----------------------------------********---------------------------------*/ /*----------------------------------********---------------------------------*/
costByHour, costByHour,

3
workflow/public_html/bootstrap.php
View File

@@ -644,8 +644,7 @@ use ProcessMaker\Plugins\PluginRegistry;
require_once 'classes/model/Users.php'; require_once 'classes/model/Users.php';
$oUser = new Users(); $oUser = new Users();
$aUser = $oUser->load($aSession['USR_UID']); $aUser = $oUser->load($aSession['USR_UID']);
$_SESSION['USER_LOGGED'] = $aUser['USR_UID']; initUserSession($aUser['USR_UID'], $aUser['USR_USERNAME']);
$_SESSION['USR_USERNAME'] = $aUser['USR_USERNAME'];
$bRedirect = false; $bRedirect = false;
if (PHP_VERSION < 5.2) { if (PHP_VERSION < 5.2) {
setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly'); setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');

106
workflow/public_html/pmGmail/sso.php
View File

@@ -15,7 +15,7 @@ $server = isset($_GET['server']) ? $_GET['server'] : '';
//We do need the server to continue. //We do need the server to continue.
if( !isset($_GET['server']) || $server == "" ){ if( !isset($_GET['server']) || $server == "" ){
throw new \Exception(Bootstrap::LoadTranslation( 'ID_GMAIL_NEED_SERVER' )); throw new \Exception(Bootstrap::LoadTranslation( 'ID_GMAIL_NEED_SERVER' ));
} }
//First check if the feature is enabled in the license. //First check if the feature is enabled in the license.
@@ -53,75 +53,77 @@ curl_close($curl);
$decodedResp = G::json_decode($curl_response); $decodedResp = G::json_decode($curl_response);
if(!is_object($decodedResp) || property_exists($decodedResp,'error')) { if(!is_object($decodedResp) || property_exists($decodedResp,'error')) {
die($decodedResp->error->message); die($decodedResp->error->message);
} }
//getting the enviroment //getting the enviroment
$enviroment = $decodedResp->enviroment; $enviroment = $decodedResp->enviroment;
if(count($decodedResp->user) > 1){ if(count($decodedResp->user) > 1){
echo Bootstrap::LoadTranslation( 'ID_EMAIL_MORE_THAN_ONE_USER' ); echo Bootstrap::LoadTranslation( 'ID_EMAIL_MORE_THAN_ONE_USER' );
die; die;
} else if(count($decodedResp->user) < 1){ } else if(count($decodedResp->user) < 1){
echo Bootstrap::LoadTranslation( 'ID_USER_NOT_FOUND' ); echo Bootstrap::LoadTranslation( 'ID_USER_NOT_FOUND' );
die; die;
} }
//validationg if there is an actual PM session //validationg if there is an actual PM session
if( !isset($_SESSION['USER_LOGGED']) || $_SESSION['USER_LOGGED'] != $decodedResp->user['0']->USR_UID){ if( !isset($_SESSION['USER_LOGGED']) || $_SESSION['USER_LOGGED'] != $decodedResp->user['0']->USR_UID){
$url = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token='.$gmailToken; $url = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token='.$gmailToken;
// init curl object // init curl object
$ch = curl_init(); $ch = curl_init();
// define options // define options
$optArray = array( $optArray = array(
CURLOPT_URL => $url, CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true, CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false CURLOPT_SSL_VERIFYHOST => false
); );
// apply those options // apply those options
curl_setopt_array($ch, $optArray); curl_setopt_array($ch, $optArray);
// execute request and get response // execute request and get response
$result = curl_exec($ch); $result = curl_exec($ch);
$response = (G::json_decode($result)); $response = (G::json_decode($result));
curl_close($ch); curl_close($ch);
//First validate if this user (mail) corresponds to a PM user //First validate if this user (mail) corresponds to a PM user
if(isset($response->email) && ($gmail == $response->email)){ if(isset($response->email) && ($gmail == $response->email)){
//If the email corresponds I get the username and with the gmail user_id the session is created. //If the email corresponds I get the username and with the gmail user_id the session is created.
if($decodedResp->user['0']->USR_STATUS == "ACTIVE"){ if($decodedResp->user['0']->USR_STATUS == "ACTIVE"){
//User Active! lets create the Session //User Active! lets create the Session
@session_destroy(); @session_destroy();
session_start(); session_start();
session_regenerate_id(); session_regenerate_id();
if (PHP_VERSION < 5.2) {
setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, "; HttpOnly");
} else {
setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, null, false, true);
}
$_SESSION = array(); if (PHP_VERSION < 5.2) {
$_SESSION['__EE_INSTALLATION__'] = 2; setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, "; HttpOnly");
$_SESSION['__EE_SW_PMLICENSEMANAGER__'] = 1; } else {
$_SESSION['phpLastFileFound'] = ''; setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, null, false, true);
$_SESSION['USERNAME_PREVIOUS1'] = $decodedResp->user['0']->USR_USERNAME; }
$_SESSION['USERNAME_PREVIOUS2'] = $decodedResp->user['0']->USR_USERNAME;
$_SESSION['WORKSPACE'] = $pmws; $_SESSION = array();
$_SESSION['USER_LOGGED'] = $decodedResp->user['0']->USR_UID; $_SESSION['__EE_INSTALLATION__'] = 2;
$_SESSION['USR_USERNAME'] = $decodedResp->user['0']->USR_USERNAME; $_SESSION['__EE_SW_PMLICENSEMANAGER__'] = 1;
$_SESSION['USR_FULLNAME'] = $decodedResp->user['0']->USR_FIRSTNAME. ' ' .$decodedResp->user['0']->USR_LASTNAME; $_SESSION['phpLastFileFound'] = '';
$_SESSION['__sw__'] = 1; $_SESSION['USERNAME_PREVIOUS1'] = $decodedResp->user['0']->USR_USERNAME;
//session created $_SESSION['USERNAME_PREVIOUS2'] = $decodedResp->user['0']->USR_USERNAME;
} else { $_SESSION['WORKSPACE'] = $pmws;
echo Bootstrap::LoadTranslation( 'ID_USER_NOT_ACTIVE' ); $_SESSION['USR_FULLNAME'] = $decodedResp->user['0']->USR_FIRSTNAME. ' ' .$decodedResp->user['0']->USR_LASTNAME;
die; $_SESSION['__sw__'] = 1;
} initUserSession(
} else { $decodedResp->user['0']->USR_UID,
echo Bootstrap::LoadTranslation( 'ID_USER_DOES_NOT_CORRESPOND' ); $decodedResp->user['0']->USR_USERNAME
die; );
} //session created
} else {
echo Bootstrap::LoadTranslation( 'ID_USER_NOT_ACTIVE' );
die;
}
} else {
echo Bootstrap::LoadTranslation( 'ID_USER_DOES_NOT_CORRESPOND' );
die;
}
} }
$_SESSION['server'] = 'https://' . $server . '/sys'. $pmws .'/en/'.$enviroment.'/'; $_SESSION['server'] = 'https://' . $server . '/sys'. $pmws .'/en/'.$enviroment.'/';

24
workflow/public_html/sysGeneric.php
View File

@@ -980,8 +980,10 @@ if (! defined( 'EXECUTE_BY_CRON' )) {
require_once 'classes/model/Users.php'; require_once 'classes/model/Users.php';
$oUser = new Users(); $oUser = new Users();
$aUser = $oUser->load( $aSession['USR_UID'] ); $aUser = $oUser->load( $aSession['USR_UID'] );
$_SESSION['USER_LOGGED'] = $aUser['USR_UID']; initUserSession(
$_SESSION['USR_USERNAME'] = $aUser['USR_USERNAME']; $_SESSION['USER_LOGGED'],
$aUser['USR_USERNAME']
);
$bRedirect = false; $bRedirect = false;
if ((preg_match("/msie/i", $_SERVER ['HTTP_USER_AGENT']) != 1 || if ((preg_match("/msie/i", $_SERVER ['HTTP_USER_AGENT']) != 1 ||
$config['ie_cookie_lifetime'] == 1) && $config['ie_cookie_lifetime'] == 1) &&
@@ -1000,23 +1002,27 @@ if (! defined( 'EXECUTE_BY_CRON' )) {
} }
} }
if ($bRedirect && !isset($_GET["tracker_designer"])) { if (isset($_GET['tracker_designer']) && intval($_GET['tracker_designer']) !== 1) {
if (substr( SYS_SKIN, 0, 2 ) == 'ux' && SYS_SKIN != 'uxs') { // verify if the current skin is a 'ux' variant unset($_GET['tracker_designer']);
}
if ($bRedirect && (!isset($_GET['tracker_designer']) || (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])))) {
if (substr(SYS_SKIN, 0, 2) === 'ux' && SYS_SKIN !== 'uxs') { // verify if the current skin is a 'ux' variant
$loginUrl = 'main/login'; $loginUrl = 'main/login';
} else if (strpos( $_SERVER['REQUEST_URI'], '/home' ) !== false) { //verify is it is using the uxs skin for simplified interface } else if (strpos($_SERVER['REQUEST_URI'], '/home') !== false) { //verify is it is using the uxs skin for simplified interface
$loginUrl = 'home/login'; $loginUrl = 'home/login';
} else { } else {
$loginUrl = 'login/login'; // just set up the classic login $loginUrl = 'login/login'; // just set up the classic login
} }
if (empty( $_POST )) { if (empty($_POST)) {
header( 'location: ' . SYS_URI . $loginUrl . '?u=' . urlencode( $_SERVER['REQUEST_URI'] ) ); header('location: ' . SYS_URI . $loginUrl . '?u=' . urlencode($_SERVER['REQUEST_URI']));
} else { } else {
if ($isControllerCall) { if ($isControllerCall) {
header( "HTTP/1.0 302 session lost in controller" ); header("HTTP/1.0 302 session lost in controller");
} else { } else {
header( 'location: ' . SYS_URI . $loginUrl ); header('location: ' . SYS_URI . $loginUrl);
} }
} }
die(); die();