From cbe047b604183d27a77a3e745156cf294c965b8a Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Fri, 25 May 2018 17:24:19 -0400 Subject: [PATCH 1/7] HOR-4573 --- workflow/engine/controllers/InstallerModule.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/workflow/engine/controllers/InstallerModule.php b/workflow/engine/controllers/InstallerModule.php index 4ca644af4..00b6c3f3c 100644 --- a/workflow/engine/controllers/InstallerModule.php +++ b/workflow/engine/controllers/InstallerModule.php @@ -140,7 +140,7 @@ class InstallerModule extends Controller $info->memory = new stdclass(); $info->php->version = phpversion(); - $info->php->result = (version_compare(phpversion(), '5.4', '>=') && version_compare(phpversion(), '7.0', '<')) ? true : false; + $info->php->result = (version_compare(phpversion(), '5.6', '>=') && version_compare(phpversion(), '7.0', '<')) ? true : false; // MYSQL info and verification $info->mysql->result = false; From c71b3f6e6c6a87133d00ca76f989027239c61584 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Mon, 28 May 2018 09:42:12 -0400 Subject: [PATCH 2/7] HOR-4576 --- .../engine/methods/cases/cases_Resume.php | 40 ++++++------------- 1 file changed, 13 insertions(+), 27 deletions(-) diff --git a/workflow/engine/methods/cases/cases_Resume.php b/workflow/engine/methods/cases/cases_Resume.php index f985b671e..24a772edc 100644 --- a/workflow/engine/methods/cases/cases_Resume.php +++ b/workflow/engine/methods/cases/cases_Resume.php @@ -1,26 +1,7 @@ . - * - * For more information, contact Colosa Inc, 2566 Le Jeune Rd., - * Coral Gables, FL, 33134, USA, or email info@colosa.com. - */ + +use ProcessMaker\BusinessModel\Task as BusinessModelTask; + /* Permissions */ switch ($RBAC->userCanAccess( 'PM_CASES' )) { case - 2: @@ -155,14 +136,19 @@ if ($Fields['APP_STATUS'] != 'COMPLETED') { $FieldsPar = $Fields; foreach ($parallel as $row) { $FieldsPar['TAS_UID'] = $row['TAS_UID']; - $aTask = $objTask->load( $row['TAS_UID'] ); - $FieldsPar['TAS_TITLE'] = $aTask['TAS_TITLE']; + $task = $objTask->load($row['TAS_UID']); + $FieldsPar['TAS_TITLE'] = $task['TAS_TITLE']; $FieldsPar['USR_UID'] = $row['USR_UID']; if (isset($row['USR_UID']) && !empty($row['USR_UID'])) { - $aUser = $objUser->loadDetails ($row['USR_UID']); - $FieldsPar['CURRENT_USER'] = $aUser['USR_FULLNAME']; + $user = $objUser->loadDetails($row['USR_UID']); + $FieldsPar['CURRENT_USER'] = $user['USR_FULLNAME']; } else { - $FieldsPar['CURRENT_USER'] = ''; + $dummyTaskTypes = BusinessModelTask::getDummyTypes(); + if (!in_array($task["TAS_TYPE"], $dummyTaskTypes)) { + $FieldsPar['CURRENT_USER'] = G::LoadTranslation('ID_TITLE_UNASSIGNED'); + } else { + $FieldsPar['CURRENT_USER'] = ''; + } } $FieldsPar['DEL_DELEGATE_DATE'] = $row['DEL_DELEGATE_DATE']; $FieldsPar['DEL_INIT_DATE'] = $row['DEL_INIT_DATE']; From ffd449a9dda3ca678f4a5e1b09f46949c516a623 Mon Sep 17 00:00:00 2001 From: Gustavo Silva Date: Mon, 28 May 2018 15:18:28 -0400 Subject: [PATCH 3/7] HOR-4385: Capture Email credentials in clear text --- .../ProcessMaker/BusinessModel/EmailServer.php | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/EmailServer.php b/workflow/engine/src/ProcessMaker/BusinessModel/EmailServer.php index c4412f906..a4cdece46 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/EmailServer.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/EmailServer.php @@ -1276,22 +1276,6 @@ class EmailServer while ($rsCriteria->next()) { $row = $rsCriteria->getRow(); - - $passwd = $row["MESS_PASSWORD"]; - $passwdDec = G::decrypt($passwd, "EMAILENCRYPT"); - $auxPass = explode("hash:", $passwdDec); - - if (count($auxPass) > 1) { - if (count($auxPass) == 2) { - $passwd = $auxPass[1]; - } else { - array_shift($auxPass); - $passwd = implode("", $auxPass); - } - } - - $row["MESS_PASSWORD"] = $passwd; - $arrayEmailServer[] = $this->getEmailServerDataFromRecord($row); } From 5c2a771954aa284e70ad942b40e50204172449d0 Mon Sep 17 00:00:00 2001 From: Gustavo Silva Date: Tue, 29 May 2018 16:34:42 -0400 Subject: [PATCH 4/7] HOR-4605: Ouput_Document > The documents are not being exported with their extensions --- workflow/engine/methods/cases/cases_ShowOutputDocument.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/workflow/engine/methods/cases/cases_ShowOutputDocument.php b/workflow/engine/methods/cases/cases_ShowOutputDocument.php index b786e3814..4d7927310 100644 --- a/workflow/engine/methods/cases/cases_ShowOutputDocument.php +++ b/workflow/engine/methods/cases/cases_ShowOutputDocument.php @@ -133,7 +133,7 @@ if (!$sw_file_exists) { $res['message'] = $info['basename'] . $ver . '.' . $ext; print G::json_encode( $res ); } else { - $nameFile = $info['basename'] . $ver . '.' . $ext; + $nameFile = G::inflect($info['basename'] . $ver) . '.' . $ext; $licensedFeatures = &PMLicensedFeatures::getSingleton(); $downloadStatus = false; /*----------------------------------********---------------------------------*/ @@ -159,7 +159,7 @@ if (!$sw_file_exists) { } /*----------------------------------********---------------------------------*/ if (!$downloadStatus) { - G::streamFile( $realPath, $download, G::inflect($nameFile)); //download + G::streamFile( $realPath, $download, $nameFile); //download } } } From d9ad9c3d77affd6ea048d49e0e88a00562999a28 Mon Sep 17 00:00:00 2001 From: Roly Rudy Gutierrez Pinto Date: Wed, 30 May 2018 07:58:13 -0400 Subject: [PATCH 5/7] HOR-4599 --- workflow/engine/controllers/pmTablesProxy.php | 139 +++++++++--------- 1 file changed, 67 insertions(+), 72 deletions(-) diff --git a/workflow/engine/controllers/pmTablesProxy.php b/workflow/engine/controllers/pmTablesProxy.php index a0d1582fa..d9a802283 100644 --- a/workflow/engine/controllers/pmTablesProxy.php +++ b/workflow/engine/controllers/pmTablesProxy.php @@ -910,108 +910,103 @@ class pmTablesProxy extends HttpProxyController /** * Export PM tables - * - * @author : Erik Amaru Ortiz + * + * @param object $httpData + * @return object */ - public function export ($httpData) + public function export($httpData) { - require_once 'classes/model/AdditionalTables.php'; - $at = new AdditionalTables(); - $tablesToExport = G::json_decode( stripslashes( $httpData->rows ) ); + $additionalTables = new AdditionalTables(); + $tablesToExport = G::json_decode(stripslashes($httpData->rows)); try { $result = new stdClass(); - $net = new Net( G::getIpAddress() ); - - $META = " \n-----== ProcessMaker Open Source Private Tables ==-----\n" . " @Ver: 1.0 Oct-2009\n" . " @Processmaker version: " . System::getVersion() . "\n" . " -------------------------------------------------------\n" . " @Export Date: " . date( "l jS \of F Y h:i:s A" ) . "\n" . " @Server address: " . getenv( 'SERVER_NAME' ) . " (" . getenv( 'SERVER_ADDR' ) . ")\n" . " @Client address: " . $net->hostname . "\n" . " @Workspace: " . config("system.workspace") . "\n" . " @Export trace back:\n\n"; - - $EXPORT_TRACEBACK = Array (); - $c = 0; + $net = new Net(G::getIpAddress()); + $metaInfo = " \n-----== ProcessMaker Open Source Private Tables ==-----\n" . " @Ver: 1.0 Oct-2009\n" . " @Processmaker version: " . System::getVersion() . "\n" . " -------------------------------------------------------\n" . " @Export Date: " . date("l jS \of F Y h:i:s A") . "\n" . " @Server address: " . getenv('SERVER_NAME') . " (" . getenv('SERVER_ADDR') . ")\n" . " @Client address: " . $net->hostname . "\n" . " @Workspace: " . config("system.workspace") . "\n" . " @Export trace back:\n\n"; + $exportTraceback = []; + foreach ($tablesToExport as $table) { - $tableRecord = $at->load( $table->ADD_TAB_UID ); - $tableData = $at->getAllData( $table->ADD_TAB_UID, null, null, false ); - $table->ADD_TAB_NAME = $tableRecord['ADD_TAB_NAME']; - $rows = $tableData['rows']; - $count = $tableData['count']; + if ($table->_DATA) { + $tableRecord = $additionalTables->load($table->ADD_TAB_UID); + $tableData = $additionalTables->getAllData($table->ADD_TAB_UID, null, null, false); + $table->ADD_TAB_NAME = $tableRecord['ADD_TAB_NAME']; - array_push( $EXPORT_TRACEBACK, Array ('uid' => $table->ADD_TAB_UID,'name' => $table->ADD_TAB_NAME,'num_regs' => $tableData['count'],'schema' => $table->_SCHEMA ? 'yes' : 'no','data' => $table->_DATA ? 'yes' : 'no' - ) ); + array_push($exportTraceback, [ + 'uid' => $table->ADD_TAB_UID, + 'name' => $table->ADD_TAB_NAME, + 'num_regs' => $tableData['count'], + 'schema' => $table->_SCHEMA ? 'yes' : 'no', + 'data' => $table->_DATA ? 'yes' : 'no' + ]); + } } - $sTrace = "TABLE UID TABLE NAME\tREGS\tSCHEMA\tDATA\n"; - - foreach ($EXPORT_TRACEBACK as $row) { - $sTrace .= "{$row['uid']}\t{$row['name']}\t\t{$row['num_regs']}\t{$row['schema']}\t{$row['data']}\n"; + $trace = "TABLE UID TABLE NAME\tREGS\tSCHEMA\tDATA\n"; + foreach ($exportTraceback as $row) { + $trace .= "{$row['uid']}\t{$row['name']}\t\t{$row['num_regs']}\t{$row['schema']}\t{$row['data']}\n"; } + $metaInfo .= $trace; - $META .= $sTrace; - - ///////////////EXPORT PROCESS - $PUBLIC_ROOT_PATH = PATH_DATA . 'sites' . PATH_SEP . config("system.workspace") . PATH_SEP . 'public' . PATH_SEP; - - $filenameOnly = strtolower( 'SYS-' . config("system.workspace") . "_" . date( "Y-m-d" ) . '_' . date( "Hi" ) . ".pmt" ); - - $filename = $PUBLIC_ROOT_PATH . $filenameOnly; - $fp = fopen( $filename, "wb" ); - + //Export table + $publicPath = PATH_DATA . 'sites' . PATH_SEP . config("system.workspace") . PATH_SEP . 'public' . PATH_SEP; + $filenameOnly = strtolower('SYS-' . config("system.workspace") . "_" . date("Y-m-d") . '_' . date("Hi") . ".pmt"); + $filename = $publicPath . $filenameOnly; + $fp = fopen($filename, "wb"); $bytesSaved = 0; $bufferType = '@META'; - $fsData = sprintf( "%09d", strlen( $META ) ); - $fsbufferType = sprintf( "%09d", strlen( $bufferType ) ); - $bytesSaved += fwrite( $fp, $fsbufferType ); //writing the size of $oData - $bytesSaved += fwrite( $fp, $bufferType ); //writing the $oData - $bytesSaved += fwrite( $fp, $fsData ); //writing the size of $oData - $bytesSaved += fwrite( $fp, $META ); //writing the $oData + $fsData = sprintf("%09d", strlen($metaInfo)); + $fsbufferType = sprintf("%09d", strlen($bufferType)); + $bytesSaved += fwrite($fp, $fsbufferType); //writing the size of $oData + $bytesSaved += fwrite($fp, $bufferType); //writing the $oData + $bytesSaved += fwrite($fp, $fsData); //writing the size of $oData + $bytesSaved += fwrite($fp, $metaInfo); //writing the $oData foreach ($tablesToExport as $table) { if ($table->_SCHEMA) { - $oAdditionalTables = new AdditionalTables(); - $aData = $oAdditionalTables->load( $table->ADD_TAB_UID, true ); + //Export Schema + $pmTables = new AdditionalTables(); + $aData = $pmTables->load($table->ADD_TAB_UID, true); $bufferType = '@SCHEMA'; - $SDATA = serialize( $aData ); - $fsUid = sprintf( "%09d", strlen( $table->ADD_TAB_UID ) ); - $fsData = sprintf( "%09d", strlen( $SDATA ) ); - $fsbufferType = sprintf( "%09d", strlen( $bufferType ) ); - - $bytesSaved += fwrite( $fp, $fsbufferType ); //writing the size of $oData - $bytesSaved += fwrite( $fp, $bufferType ); //writing the $oData - $bytesSaved += fwrite( $fp, $fsUid ); //writing the size of xml file - $bytesSaved += fwrite( $fp, $table->ADD_TAB_UID ); //writing the xmlfile - $bytesSaved += fwrite( $fp, $fsData ); //writing the size of xml file - $bytesSaved += fwrite( $fp, $SDATA ); //writing the xmlfile + $dataTable = serialize($aData); + $fsUid = sprintf("%09d", strlen($table->ADD_TAB_UID)); + $fsData = sprintf("%09d", strlen($dataTable)); + $fsbufferType = sprintf("%09d", strlen($bufferType)); + $bytesSaved += fwrite($fp, $fsbufferType); //writing the size of $oData + $bytesSaved += fwrite($fp, $bufferType); //writing the $oData + $bytesSaved += fwrite($fp, $fsUid); //writing the size of xml file + $bytesSaved += fwrite($fp, $table->ADD_TAB_UID); //writing the xmlfile + $bytesSaved += fwrite($fp, $fsData); //writing the size of xml file + $bytesSaved += fwrite($fp, $dataTable); //writing the xmlfile } if ($table->_DATA) { - //export data - $oAdditionalTables = new additionalTables(); - $tableData = $oAdditionalTables->getAllData( $table->ADD_TAB_UID, null, null, false ); + //Export data + $pmTables = new additionalTables(); + $tableData = $pmTables->getAllData($table->ADD_TAB_UID, null, null, false); - $SDATA = serialize( $tableData['rows'] ); + $dataTable = serialize($tableData['rows']); $bufferType = '@DATA'; - - $fsbufferType = sprintf( "%09d", strlen( $bufferType ) ); - $fsTableName = sprintf( "%09d", strlen( $table->ADD_TAB_NAME ) ); - $fsData = sprintf( "%09d", strlen( $SDATA ) ); - - $bytesSaved += fwrite( $fp, $fsbufferType ); //writing type size - $bytesSaved += fwrite( $fp, $bufferType ); //writing type - $bytesSaved += fwrite( $fp, $fsTableName ); //writing the size of xml file - $bytesSaved += fwrite( $fp, $table->ADD_TAB_NAME ); //writing the xmlfile - $bytesSaved += fwrite( $fp, $fsData ); //writing the size of xml file - $bytesSaved += fwrite( $fp, $SDATA ); //writing the xmlfile + $fsbufferType = sprintf("%09d", strlen($bufferType)); + $fsTableName = sprintf("%09d", strlen($table->ADD_TAB_NAME)); + $fsData = sprintf("%09d", strlen($dataTable)); + $bytesSaved += fwrite($fp, $fsbufferType); //writing type size + $bytesSaved += fwrite($fp, $bufferType); //writing type + $bytesSaved += fwrite($fp, $fsTableName); //writing the size of xml file + $bytesSaved += fwrite($fp, $table->ADD_TAB_NAME); //writing the xmlfile + $bytesSaved += fwrite($fp, $fsData); //writing the size of xml file + $bytesSaved += fwrite($fp, $dataTable); //writing the xmlfile } - G::auditLog("ExportTable", $table->ADD_TAB_NAME." (".$table->ADD_TAB_UID.") "); + + G::auditLog("ExportTable", $table->ADD_TAB_NAME . " (" . $table->ADD_TAB_UID . ") "); } - fclose( $fp ); + fclose($fp); $filenameLink = "pmTables/streamExported?f=$filenameOnly"; - $size = round( ($bytesSaved / 1024), 2 ) . " Kb"; - $meta = "
" . $META . "
"; - $filename = $filenameOnly; + $size = round(($bytesSaved / 1024), 2) . " Kb"; $link = $filenameLink; $result->success = true; From 223dd0e0026d0043cd21829e8e175cf17fdcd79c Mon Sep 17 00:00:00 2001 From: Gustavo Silva Date: Wed, 30 May 2018 10:06:07 -0400 Subject: [PATCH 6/7] HOR-4606: Does check the permission PM_SETUP_EMAIL from GET endpoint --- .../ProcessMaker/Services/Api/EmailServer.php | 23 +++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/workflow/engine/src/ProcessMaker/Services/Api/EmailServer.php b/workflow/engine/src/ProcessMaker/Services/Api/EmailServer.php index 1e60496da..3e1842dc8 100644 --- a/workflow/engine/src/ProcessMaker/Services/Api/EmailServer.php +++ b/workflow/engine/src/ProcessMaker/Services/Api/EmailServer.php @@ -30,12 +30,19 @@ class EmailServer extends Api } /** + * Get List of Emails Servers + * * @url GET * * @param string $filter - * @param int $start - * @param int $limit + * @param int $start + * @param int $limit * + * @return + * @throws RestException + * + * @access protected + * @class AccessControl {@permission PM_SETUP_EMAIL} */ public function index($filter = null, $start = null, $limit = null) { @@ -67,11 +74,19 @@ class EmailServer extends Api } /** + * Get List of Emails Servers + * * @url GET /paged * * @param string $filter - * @param int $start - * @param int $limit + * @param int $start + * @param int $limit + * + * @return array + * @throws RestException + * + * @access protected + * @class AccessControl {@permission PM_SETUP_EMAIL} */ public function doGetPaged($filter = null, $start = null, $limit = null) { From 0dc59aa9191f50845887bc09e002e503f4b8eb0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julio=20Cesar=20Laura=20Avenda=C3=B1o?= Date: Mon, 4 Jun 2018 14:39:57 -0400 Subject: [PATCH 7/7] HOR-4609 --- .../engine/methods/login/authentication.php | 48 +--------------- .../methods/login/authenticationSso.php | 49 +---------------- workflow/engine/methods/login/login.php | 55 ------------------- workflow/engine/methods/login/sysLogin.php | 3 - .../engine/methods/login/sysLoginVerify.php | 30 ---------- .../engine/methods/login/updateTimezone.php | 15 +++++ .../engine/skinEngine/neoclassic/layout.html | 4 +- workflow/engine/skinEngine/skinEngine.php | 1 + .../engine/xmlform/login/TimeZoneAlert.html | 7 --- .../engine/xmlform/login/TimeZoneAlert.xml | 6 -- workflow/public_html/sysGeneric.php | 41 ++++++++++++-- 11 files changed, 57 insertions(+), 202 deletions(-) create mode 100644 workflow/engine/methods/login/updateTimezone.php diff --git a/workflow/engine/methods/login/authentication.php b/workflow/engine/methods/login/authentication.php index 2ca7b693b..c0a488d1e 100644 --- a/workflow/engine/methods/login/authentication.php +++ b/workflow/engine/methods/login/authentication.php @@ -1,27 +1,4 @@ . - * - * For more information, contact Colosa Inc, 2566 Le Jeune Rd., - * Coral Gables, FL, 33134, USA, or email info@colosa.com. - * - */ use ProcessMaker\Core\System; use ProcessMaker\Plugins\PluginRegistry; @@ -229,16 +206,6 @@ try { } } - /*----------------------------------********---------------------------------*/ - if (PMLicensedFeatures::getSingleton()->verifyfeature('oq3S29xemxEZXJpZEIzN01qenJUaStSekY4cTdJVm5vbWtVM0d4S2lJSS9qUT0=')) { - //Update User Time Zone - if (isset($_POST['form']['BROWSER_TIME_ZONE'])) { - $user = new Users(); - $user->update(['USR_UID' => $_SESSION['USER_LOGGED'], 'USR_TIME_ZONE' => $_POST['form']['BROWSER_TIME_ZONE']]); - } - } - /*----------------------------------********---------------------------------*/ - //Set User Time Zone $user = UsersPeer::retrieveByPK($_SESSION['USER_LOGGED']); @@ -263,20 +230,7 @@ try { if ($timeZoneOffset === false || $timeZoneOffset != (int)($_POST['form']['BROWSER_TIME_ZONE_OFFSET'])) { $_SESSION['__TIME_ZONE_FAILED__'] = true; - $_SESSION['USR_USERNAME'] = $usr; - $_SESSION['USR_PASSWORD'] = $pwd; - - $_SESSION['BROWSER_TIME_ZONE'] = $dateTime->getTimeZoneIdByTimeZoneOffset((int)($_POST['form']['BROWSER_TIME_ZONE_OFFSET']), false); - $_SESSION['URL'] = (isset($_POST['form']['URL']))? $_POST['form']['URL'] : ((isset($_REQUEST['u']))? $_REQUEST['u'] : ''); - $_SESSION['USER_LANG'] = $lang; - - if (strpos($_SERVER['HTTP_REFERER'], 'home/login') !== false) { - $d = serialize(['u' => $usr, 'p' => $pwd, 'm' => '', 'timeZoneFailed' => 1, 'userTimeZone' => $_SESSION['USR_TIME_ZONE'], 'browserTimeZone' => $_SESSION['BROWSER_TIME_ZONE'],'USER_LANG' => $lang]); - $urlLogin = $urlLogin . '?d=' . base64_encode($d); - } - - G::header('Location: ' . $urlLogin); - exit(0); + $_SESSION['BROWSER_TIME_ZONE'] = $dateTime->getTimeZoneIdByTimeZoneOffset((int)$_POST['form']['BROWSER_TIME_ZONE_OFFSET'], false); } } } diff --git a/workflow/engine/methods/login/authenticationSso.php b/workflow/engine/methods/login/authenticationSso.php index 9ca668a9b..10a7b3c14 100644 --- a/workflow/engine/methods/login/authenticationSso.php +++ b/workflow/engine/methods/login/authenticationSso.php @@ -30,16 +30,6 @@ try { $userUid = (isset($_SESSION['USER_LOGGED']))? $_SESSION['USER_LOGGED'] : ((isset($_SESSION['__USER_LOGGED_SSO__']))? $_SESSION['__USER_LOGGED_SSO__'] : ''); - /*----------------------------------********---------------------------------*/ - if (PMLicensedFeatures::getSingleton()->verifyfeature('oq3S29xemxEZXJpZEIzN01qenJUaStSekY4cTdJVm5vbWtVM0d4S2lJSS9qUT0=')) { - //Update User Time Zone - if (isset($_POST['form']['BROWSER_TIME_ZONE'])) { - $user = new Users(); - $user->update(['USR_UID' => $userUid, 'USR_TIME_ZONE' => $_POST['form']['BROWSER_TIME_ZONE']]); - } - } - /*----------------------------------********---------------------------------*/ - $arraySystemConfiguration = System::getSystemConfiguration('', '', config("system.workspace")); //Set User Time Zone @@ -85,43 +75,8 @@ try { } if ($timeZoneOffset === false || $timeZoneOffset != $browserTimeZoneOffset) { - $userUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($timeZoneOffset); - $browserUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($browserTimeZoneOffset); - - $arrayTimeZoneId = $dateTime->getTimeZoneIdByTimeZoneOffset($browserTimeZoneOffset); - - array_unshift($arrayTimeZoneId, 'false'); - array_walk( - $arrayTimeZoneId, - function (&$value, $key, $parameter) - { - $value = ['TZ_UID' => $value, 'TZ_NAME' => '(UTC ' . $parameter . ') ' . $value]; - }, - $browserUtcOffset - ); - - $_SESSION['_DBArray'] = ['TIME_ZONE' => $arrayTimeZoneId]; - - $arrayData = [ - 'USR_USERNAME' => '', - 'USR_PASSWORD' => '', - 'USR_TIME_ZONE' => '(UTC ' . $userUtcOffset . ') ' . $_SESSION['USR_TIME_ZONE'], - 'BROWSER_TIME_ZONE' => $dateTime->getTimeZoneIdByTimeZoneOffset($browserTimeZoneOffset, false), - 'USER_LANG' => SYS_LANG, - 'URL' => $location - ]; - - $G_PUBLISH = new Publisher(); - $G_PUBLISH->AddContent( - 'xmlform', - 'xmlform', - 'login' . PATH_SEP . 'TimeZoneAlert', - '', - $arrayData, SYS_URI . 'login/authenticationSso.php' - ); - - G::RenderPage('publish'); - exit(0); + $_SESSION['__TIME_ZONE_FAILED__'] = true; + $_SESSION['BROWSER_TIME_ZONE'] = $dateTime->getTimeZoneIdByTimeZoneOffset((int)$_POST['form']['BROWSER_TIME_ZONE_OFFSET'], false); } } } diff --git a/workflow/engine/methods/login/login.php b/workflow/engine/methods/login/login.php index 24f3cf217..726e70369 100644 --- a/workflow/engine/methods/login/login.php +++ b/workflow/engine/methods/login/login.php @@ -163,25 +163,6 @@ if (isset ($_SESSION['USER_LOGGED'])) { } //end log -/*----------------------------------********---------------------------------*/ -$timeZoneFailed = false; - -if (isset($_SESSION['__TIME_ZONE_FAILED__']) && $_SESSION['__TIME_ZONE_FAILED__']) { - $timeZoneFailed = true; - $userUsername = $_SESSION['USR_USERNAME']; - $userPassword = $_SESSION['USR_PASSWORD']; - $userTimeZone = $_SESSION['USR_TIME_ZONE']; - $browserTimeZone = $_SESSION['BROWSER_TIME_ZONE']; - $url = $_SESSION['URL']; - - if(isset($_SESSION['USER_LANG'])){ - $lang = $_SESSION['USER_LANG']; - }else{ - $lang = SYS_LANG; - } -} -/*----------------------------------********---------------------------------*/ - //start new session @session_destroy(); session_start(); @@ -223,42 +204,6 @@ if (in_array(G::encryptOld($licenseManager->result), array('38afd7ae34bd5e3e6fc1 die(); } -if ($timeZoneFailed) { - $dateTime = new \ProcessMaker\Util\DateTime(); - - $userTimeZoneOffset = $dateTime->getTimeZoneOffsetByTimeZoneId($userTimeZone); - $browserTimeZoneOffset = $dateTime->getTimeZoneOffsetByTimeZoneId($browserTimeZone); - - $userUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($userTimeZoneOffset); - $browserUtcOffset = $dateTime->getUtcOffsetByTimeZoneOffset($browserTimeZoneOffset); - - $arrayTimeZoneId = $dateTime->getTimeZoneIdByTimeZoneOffset($browserTimeZoneOffset); - - array_unshift($arrayTimeZoneId, 'false'); - array_walk($arrayTimeZoneId, function (&$value, $key, $parameter) { $value = ['TZ_UID' => $value, 'TZ_NAME' => '(UTC ' . $parameter . ') ' . $value]; }, $browserUtcOffset); - - $_SESSION['_DBArray'] = ['TIME_ZONE' => $arrayTimeZoneId]; - - $arrayData = [ - 'USR_USERNAME' => $userUsername, - 'USR_PASSWORD' => $userPassword, - 'USR_TIME_ZONE' => '(UTC ' . $userUtcOffset . ') ' . $userTimeZone, - 'BROWSER_TIME_ZONE' => $browserTimeZone, - 'USER_LANG' => $lang, - 'URL' => $url - ]; - - $G_PUBLISH = new Publisher(); - $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login' . PATH_SEP . 'TimeZoneAlert', '', $arrayData, SYS_URI . 'login/authentication.php'); - - G::RenderPage('publish'); - - // Destroy a significant value in session - global $G_FORM; - unset($_SESSION[$G_FORM->id]['USR_PASSWORD']); - - exit(0); -} /*----------------------------------********---------------------------------*/ //translation diff --git a/workflow/engine/methods/login/sysLogin.php b/workflow/engine/methods/login/sysLogin.php index 8fd4cd5c3..a26d082f3 100644 --- a/workflow/engine/methods/login/sysLogin.php +++ b/workflow/engine/methods/login/sysLogin.php @@ -32,9 +32,6 @@ if ($browserSupported==false){ } /*----------------------------------********---------------------------------*/ if (isset ($_POST['form']['USER_ENV'])) { - @session_destroy(); - session_start(); - $_SESSION['sysLogin'] = $_POST['form']; $data = base64_encode(serialize($_POST)); $url = sprintf('/sys%s/%s/%s/login/sysLoginVerify?d=%s', $_POST['form']['USER_ENV'], SYS_LANG, SYS_SKIN, $data); G::header("location: $url"); diff --git a/workflow/engine/methods/login/sysLoginVerify.php b/workflow/engine/methods/login/sysLoginVerify.php index e12cf1fcf..5627854cb 100644 --- a/workflow/engine/methods/login/sysLoginVerify.php +++ b/workflow/engine/methods/login/sysLoginVerify.php @@ -1,29 +1,5 @@ . - * - * For more information, contact Colosa Inc, 2566 Le Jeune Rd., - * Coral Gables, FL, 33134, USA, or email info@colosa.com. - * - */ - if (array_key_exists("d", $_GET)) { $str = base64_decode($_GET["d"]); if (preg_match('/^a:[0-9]+:{/', $str) && !preg_match('/(^|;|{|})O:\+?[0-9]+:"/', $str)) { @@ -34,11 +10,5 @@ if (array_key_exists("d", $_GET)) { if (!isset($_POST)) { G::header('location: /sys/' . $lang . '/' . SYS_SKIN . '/' . 'login/login'); } -if (isset($_SESSION['sysLogin'])) { - $_POST['form'] = $_SESSION['sysLogin']; - // Destroy variables already assigned to the global variable $_POST - unset($_SESSION['sysLogin']); -} require_once 'authentication.php'; - diff --git a/workflow/engine/methods/login/updateTimezone.php b/workflow/engine/methods/login/updateTimezone.php new file mode 100644 index 000000000..e83c65bd3 --- /dev/null +++ b/workflow/engine/methods/login/updateTimezone.php @@ -0,0 +1,15 @@ +verifyfeature('oq3S29xemxEZXJpZEIzN01qenJUaStSekY4cTdJVm5vbWtVM0d4S2lJSS9qUT0=')) { + // Update User Time Zone + if (isset($_POST['form']['BROWSER_TIME_ZONE'])) { + $user = new Users(); + $user->update(['USR_UID' => $_SESSION['USER_LOGGED'], 'USR_TIME_ZONE' => $_POST['form']['BROWSER_TIME_ZONE']]); + $_SESSION['USR_TIME_ZONE'] = $_POST['form']['BROWSER_TIME_ZONE']; + unset($_SESSION['__TIME_ZONE_FAILED__'], $_SESSION['BROWSER_TIME_ZONE']); + } + + // Redirect to origin page + G::header('Location: ' . $_SERVER['HTTP_REFERER']); +} diff --git a/workflow/engine/skinEngine/neoclassic/layout.html b/workflow/engine/skinEngine/neoclassic/layout.html index 658930ed8..8dee3a8e9 100644 --- a/workflow/engine/skinEngine/neoclassic/layout.html +++ b/workflow/engine/skinEngine/neoclassic/layout.html @@ -7,8 +7,8 @@ {$header} - {if $user_logged neq '' or $tracker neq ''} - + {if ($user_logged neq '' or $tracker neq '') and $timezone_status neq 'failed'} +
diff --git a/workflow/engine/skinEngine/skinEngine.php b/workflow/engine/skinEngine/skinEngine.php index a299596fe..5fc27857f 100644 --- a/workflow/engine/skinEngine/skinEngine.php +++ b/workflow/engine/skinEngine/skinEngine.php @@ -763,6 +763,7 @@ class SkinEngine $smarty->assign('tracker', (SYS_COLLECTION == 'tracker') ? (($G_PUBLISH->Parts[0]['File'] != 'tracker/login') ? true : '') : ''); } + $smarty->assign('timezone_status', (isset($_SESSION['__TIME_ZONE_FAILED__']) && $_SESSION['__TIME_ZONE_FAILED__']) ? 'failed' : 'ok'); $smarty->assign('switch_interface', $switch_interface); $smarty->assign('switch_interface_label', G::LoadTranslation('ID_SWITCH_INTERFACE')); $smarty->assign('rolename', isset($_SESSION['USR_ROLENAME']) ? $_SESSION['USR_ROLENAME'] . '' : ''); diff --git a/workflow/engine/xmlform/login/TimeZoneAlert.html b/workflow/engine/xmlform/login/TimeZoneAlert.html index f27a6d979..1893d3943 100644 --- a/workflow/engine/xmlform/login/TimeZoneAlert.html +++ b/workflow/engine/xmlform/login/TimeZoneAlert.html @@ -8,13 +8,7 @@