fernando/luos
1
0
Fork 0
Code Releases Activity

Conflicts

Browse Source
This commit is contained in:
Paula Quispe
2017-02-10 17:59:06 -04:00
parent 5606c1c565 3e687e6bb3
commit efb1576cb5
15 changed files with 257 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
workflow/engine/methods/appFolder/appFolderAjax.php
View File

@@ -1534,6 +1534,18 @@ function uploadExternalDocument()
//Read. Instance Document classes
if (!empty($quequeUpload)) {
foreach ($quequeUpload as $key => $fileObj) {
$extension = pathinfo($fileObj['fileName'], PATHINFO_EXTENSION);
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $extension === 'php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $fileObj['fileName']);
$response['error'] = $message;
$response['message'] = $message;
$response['success'] = false;
print_r(G::json_encode($response));
exit();
}
}
$docUid=$_POST['docUid'];
$appDocUid=isset($_POST['APP_DOC_UID'])?$_POST['APP_DOC_UID']:"";
$docVersion=isset($_POST['docVersion'])?$_POST['docVersion']:"";

4
workflow/engine/methods/cases/proxyNewCasesList.php
View File

@@ -10,9 +10,6 @@ if (!isset($_SESSION['USER_LOGGED'])) {
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$_GET = $filter->xssFilterHard($_GET);
$_REQUEST = $filter->xssFilterHard($_REQUEST);
$_SESSION['USER_LOGGED'] = $filter->xssFilterHard($_SESSION['USER_LOGGED']);
try {
$userUid = $_SESSION['USER_LOGGED'];
@@ -187,6 +184,7 @@ try {
);
$response = array();
$response['filters'] = $filters;
$response['totalCount'] = $list->getCountList($userUid, $filters);
$response = $filter->xssFilterHard($response);