Merge remote branch 'upstream/master' into PM-2633

dheeyi
2015-05-19 14:03:35 -04:00
8 changed files with 103 additions and 33 deletions


@@ -463,10 +463,17 @@ class G
* @return void * @return void
*/ */
public static function LoadSystem ($strClass) public static function LoadSystem ($strClass)
{ require_once (PATH_GULLIVER . 'class.inputfilter.php'); {
$filter = new InputFilter();
$path = PATH_GULLIVER . 'class.' . $strClass . '.php'; $path = PATH_GULLIVER . 'class.' . $strClass . '.php';
$path = $filter->validateInput($path, 'path'); if(file_exists(PATH_GULLIVER . 'class.inputfilter.php')) {
require_once (PATH_GULLIVER . 'class.inputfilter.php');
$filter = new InputFilter();
$path = $filter->validateInput($path, 'path');
} else {
if(!file_exists($path)) {
$path = '';
}
}
require_once ($path); require_once ($path);
} }
@@ -2656,6 +2663,7 @@ class G
$path = $filter->validateInput($path, "path"); $path = $filter->validateInput($path, "path");
move_uploaded_file( $file, $path . "/" . $nameToSave ); move_uploaded_file( $file, $path . "/" . $nameToSave );
$nameToSave = $filter->validateInput($nameToSave, "path");
@chmod( $path . "/" . $nameToSave, $permission ); @chmod( $path . "/" . $nameToSave, $permission );
umask( $oldumask ); umask( $oldumask );
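Review bot: In the second hunk the added `$nameToSave = $filter->validateInput($nameToSave, "path");` runs after `move_uploaded_file( $file, $path . "/" . $nameToSave )`, so the file is written under the unvalidated name and only the later `@chmod` sees the filtered one. Move the validation above the `move_uploaded_file` call so both operations use the same checked name, and check the return value of `move_uploaded_file` before the chmod. In the first hunk, the fallback branch sets `$path = ''` and still reaches `require_once ($path)`, which fails at runtime with an unhelpful message. Throwing there instead, e.g. `throw new Exception('Class file not found: ' . $strClass);`, would make the failure diagnosable. The function containing the upload code starts and ends outside the hunk.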


@@ -634,15 +634,29 @@
$dir = dirname($path)."/"; $dir = dirname($path)."/";
$base = basename($path); $base = basename($path);
if (!class_exists('G')) {
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.g.php');
}
G::LoadSystem('inputfilter');
$filter = new InputFilter();
foreach($options["props"] as $key => $prop) { foreach($options["props"] as $key => $prop) {
if ($prop["ns"] == "DAV:") { if ($prop["ns"] == "DAV:") {
$options["props"][$key]['status'] = "403 Forbidden"; $options["props"][$key]['status'] = "403 Forbidden";
} else { } else {
if (isset($prop["val"])) { if (isset($prop["val"])) {
$query = "REPLACE INTO properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; $query = "REPLACE INTO properties SET path = '%s', name = '%s', ns= '%s', value = '%s'";
$query = $filter->preventSqlInjection($query, Array($options['path'],$prop['name'],$prop['ns'],$prop['val']));
error_log($query); error_log($query);
} else { } else {
$query = "DELETE FROM properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; $query = "DELETE FROM properties WHERE path = '%s' AND name = '%s' AND ns = '%s'";
$query = $filter->preventSqlInjection($query, Array($options['path'],$prop['name'],$prop['ns']));
} }
mysql_query($query); mysql_query($query);
} }
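Review bot: The queries are still assembled as strings: the quoted `%s` placeholders are filled by `$filter->preventSqlInjection(...)`, whose implementation is not shown here, so the protection rests entirely on that helper escaping every value correctly for the connection's character set. A prepared statement with bound parameters (for example `DELETE FROM properties WHERE path = ? AND name = ? AND ns = ?` through PDO or mysqli) removes that dependency and also moves off the legacy `mysql_query` call. The `REPLACE` branch passes the finished query to `error_log($query)`, so property values end up in the server log. `$pathhome` is assigned in the bootstrap block but not used within the hunk. The same pattern is repeated in the ProcessMakerWebDav hunk at `@@ -902,16 +902,21 @@`.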


@@ -969,6 +969,18 @@ class Processes
} }
} }
if (isset($oData->taskExtraProperties)) {
foreach ($oData->taskExtraProperties as $key => $value) {
$record = $value;
if (isset($map[$record["OBJ_UID"]])) {
$newUid = $map[$record["OBJ_UID"]];
$oData->taskExtraProperties[$key]["OBJ_UID"] = $newUid;
}
}
}
if (isset($oData->webEntry)) { if (isset($oData->webEntry)) {
foreach ($oData->webEntry as $key => $value) { foreach ($oData->webEntry as $key => $value) {
$record = $value; $record = $value;
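Review bot: The added `taskExtraProperties` loop indexes `$record["OBJ_UID"]` without checking that the key exists, so a record without it raises a notice. `$oData` appears to come from imported process data, though that is inferred from the surrounding code and not visible here. Guarding with `if (isset($value["OBJ_UID"], $map[$value["OBJ_UID"]]))` covers both lookups and makes the `$record = $value;` copy unnecessary. The enclosing method starts and ends outside the hunk.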


@@ -391,12 +391,23 @@ class Tasks
$oCriteria = new Criteria('workflow'); $oCriteria = new Criteria('workflow');
$oCriteria->add(ObjectPermissionPeer::OP_TASK_SOURCE, $sTaskUID); $oCriteria->add(ObjectPermissionPeer::OP_TASK_SOURCE, $sTaskUID);
ObjectPermissionPeer::doDelete($oCriteria); ObjectPermissionPeer::doDelete($oCriteria);
//Delete Cases Schedulers
$criteria = new Criteria("workflow");
$criteria->add(CaseSchedulerPeer::TAS_UID, $sTaskUID, Criteria::EQUAL);
$result = CaseSchedulerPeer::doDelete($criteria);
//Delete Configuration
$criteria = new Criteria("workflow");
$criteria->add(ConfigurationPeer::OBJ_UID, $sTaskUID, Criteria::EQUAL);
$result = ConfigurationPeer::doDelete($criteria);
//Delete task //Delete task
$oTask->remove($sTaskUID); $oTask->remove($sTaskUID);
//Delete cases schedulers added by krlos
$oCriteria = new Criteria('workflow');
$oCriteria->add(CaseSchedulerPeer::TAS_UID, $sTaskUID);
CaseSchedulerPeer::doDelete($oCriteria);
} catch (Exception $oError) { } catch (Exception $oError) {
throw ($oError); throw ($oError);
} }
@@ -855,4 +866,4 @@ class Tasks
} }
} }
} }
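Review bot: The new CaseScheduler and Configuration deletes run before `$oTask->remove($sTaskUID)` with no transaction visible in the hunk, so if a later step throws, the earlier rows are already gone while the task remains. If the surrounding method does not already open one (it starts outside the hunk), wrap the deletes and the remove in a single connection transaction. `$result` is assigned twice and never read in the visible lines, and the `catch (Exception $oError) { throw ($oError); }` block only rethrows; both can be dropped. The page also shows an older `//Delete cases schedulers added by krlos` block after the remove; if it survives on the new side, the scheduler delete runs twice.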


@@ -902,16 +902,21 @@ class ProcessMakerWebDav extends HTTP_WebDAV_Server
$dir = dirname($path) . "/"; $dir = dirname($path) . "/";
$base = basename($path); $base = basename($path);
G::LoadSystem('inputfilter');
$filter = new InputFilter();
foreach ($options["props"] as $key => $prop) { foreach ($options["props"] as $key => $prop) {
if ($prop["ns"] == "DAV:") { if ($prop["ns"] == "DAV:") {
$options["props"][$key]['status'] = "403 Forbidden"; $options["props"][$key]['status'] = "403 Forbidden";
} else { } else {
if (isset($prop["val"])) { if (isset($prop["val"])) {
$query = "REPLACE INTO properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; $query = "REPLACE INTO properties SET path = '%s', name = '%s', ns= '%s', value = '%s'";
$query = $filter->preventSqlInjection($query, Array($options['path'],$prop['name'],$prop['ns'],$prop['val']));
error_log($query); error_log($query);
} else { } else {
$query = "DELETE FROM properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; $query = "DELETE FROM properties WHERE path = '%s' AND name = '%s' AND ns = '%s'";
$query = $filter->preventSqlInjection($query, Array($options['path'],$prop['name'],$prop['ns']));
} }
mysql_query($query); mysql_query($query);
} }


@@ -1,28 +1,42 @@
<?php <?php
class Configuration extends BaseConfiguration class Configuration extends BaseConfiguration
{ {
public function create($aData) public function create(array $arrayData)
{ {
$con = Propel::getConnection(ConfigurationPeer::DATABASE_NAME); $cnn = Propel::getConnection(ConfigurationPeer::DATABASE_NAME);
try { try {
$con->begin(); $configuration = new Configuration();
$this->setCfgUid($aData['CFG_UID']);
$this->setObjUid($aData['OBJ_UID']); $configuration->setCfgUid($arrayData["CFG_UID"]);
$this->setCfgValue(isset($aData['CFG_VALUE'])?$aData['CFG_VALUE']:''); $configuration->setObjUid($arrayData["OBJ_UID"]);
$this->setProUid($aData['PRO_UID']); $configuration->setCfgValue((isset($arrayData["CFG_VALUE"]))? $arrayData["CFG_VALUE"] : "");
$this->setUsrUid($aData['USR_UID']); $configuration->setProUid($arrayData["PRO_UID"]);
$this->setAppUid($aData['APP_UID']); $configuration->setUsrUid($arrayData["USR_UID"]);
if ($this->validate()) { $configuration->setAppUid($arrayData["APP_UID"]);
$result=$this->save();
$con->commit(); if ($configuration->validate()) {
$cnn->begin();
$result = $configuration->save();
$cnn->commit();
//Return
return $result; return $result;
} else { } else {
$con->rollback(); $msg = "";
throw(new Exception("Failed Validation in class ".get_class($this)."."));
foreach ($configuration->getValidationFailures() as $validationFailure) {
$msg = $msg . (($msg != "")? "\n" : "") . $validationFailure->getMessage();
}
throw new Exception(G::LoadTranslation("ID_RECORD_CANNOT_BE_CREATED") . (($msg != "")? "\n" . $msg : ""));
} }
} catch (Exception $e) { } catch (Exception $e) {
$con->rollback(); $cnn->rollback();
throw($e);
throw $e;
} }
} }
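Review bot: On the new side `$cnn->begin()` is only called inside the `if ($configuration->validate())` branch, but the validation-failure exception is thrown inside the same `try`, so the `catch` calls `$cnn->rollback()` on a connection where no transaction was started. How the connection reacts to that is not visible here; either call `$cnn->begin();` before the setters or raise the validation exception outside the `try`. The method now populates and saves a fresh `new Configuration()` instead of `$this`, so callers that read the instance after `create()` will find it unchanged, and a docblock stating this would help. The joined `getValidationFailures()` messages go into the exception text, so check where that message is displayed.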


@@ -315,6 +315,10 @@ class Installer extends Controller
$info->success = false; $info->success = false;
} }
} }
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$pathShared = $filter->validateInput($_REQUEST['pathShared'], 'path');
if ($info->pathShared->result) { if ($info->pathShared->result) {
$aux = pathinfo( $_REQUEST['pathLogFile'] ); $aux = pathinfo( $_REQUEST['pathLogFile'] );
@@ -322,7 +326,7 @@ class Installer extends Controller
if (is_dir( $aux['dirname'] )) { if (is_dir( $aux['dirname'] )) {
if (! file_exists( $_REQUEST['pathLogFile'] )) { if (! file_exists( $_REQUEST['pathLogFile'] )) {
@file_put_contents( $_REQUEST['pathLogFile'], '' ); @file_put_contents( $_REQUEST['pathLogFile'], '' );
@chmod($_REQUEST['pathShared'], 0770); @chmod($pathShared , 0770);
} }
} }
} }
@@ -388,7 +392,11 @@ class Installer extends Controller
return $false; return $false;
} }
} }
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$logFile = $filter->validateInput($logFile, 'path');
$fpt = fopen( $logFile, 'a' ); $fpt = fopen( $logFile, 'a' );
fwrite( $fpt, sprintf( "%s %s\n", date( 'Y:m:d H:i:s' ), trim( $text ) ) ); fwrite( $fpt, sprintf( "%s %s\n", date( 'Y:m:d H:i:s' ), trim( $text ) ) );
fclose( $fpt ); fclose( $fpt );
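Review bot: Only `pathShared` is passed through `validateInput`; in the first and second hunks `$_REQUEST['pathLogFile']` still goes unfiltered into `pathinfo`, `file_exists` and `@file_put_contents`, which is the call that actually creates a file at a request-supplied location. Apply the same treatment, `$pathLogFile = $filter->validateInput($_REQUEST['pathLogFile'], 'path');`, and use that variable in those calls. What the `'path'` filter accepts is not visible in this diff, so confirm that it confines the value to an expected base directory rather than only stripping characters. In the third hunk `fopen( $logFile, 'a' )` is used without checking for `false` before `fwrite`. The enclosing methods start outside the hunks.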


@@ -1005,9 +1005,7 @@ class CaseScheduler
case "UPD": case "UPD":
$arrayDataAux = $caseScheduler->load($caseSchedulerUid); $arrayDataAux = $caseScheduler->load($caseSchedulerUid);
if ($arrayData["SCH_END_DATE"] != "") { $arrayCaseSchedulerData["SCH_END_DATE"] = $arrayData["SCH_END_DATE"];
$arrayCaseSchedulerData["SCH_END_DATE"] = $arrayData["SCH_END_DATE"];
}
//If the start date has changed then recalculate the next run time //If the start date has changed then recalculate the next run time
$recalculateDate = ($arrayData["SCH_START_DATE"] == $arrayData["PREV_SCH_START_DATE"])? false : true; $recalculateDate = ($arrayData["SCH_START_DATE"] == $arrayData["PREV_SCH_START_DATE"])? false : true;