fernando/luos
1
0
Fork 0
Code Releases Activity

Conflicts

Browse Source
This commit is contained in:
Paula Quispe
2017-02-10 17:59:06 -04:00
parent 5606c1c565 3e687e6bb3
commit efb1576cb5
15 changed files with 257 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php
View File

@@ -971,6 +971,16 @@ class InputDocument
$aFields = array("APP_UID" => $appUid, "DEL_INDEX" => $delIndex, "USR_UID" => $userUid, "DOC_UID" => -1, "APP_DOC_TYPE" => "ATTACHED", "APP_DOC_CREATE_DATE" => date("Y-m-d H:i:s"), "APP_DOC_COMMENT" => "", "APP_DOC_TITLE" => "", "APP_DOC_FILENAME" => $arrayFileName[$i], "APP_DOC_FIELDNAME" => $fieldName);
}
$sExtension = pathinfo($aFields["APP_DOC_FILENAME"]);
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $sExtension["extension"] === 'php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $sFileName);
\G::SendMessageText($message, "ERROR");
$backUrlObj = explode("sys" . SYS_SYS, $_SERVER['HTTP_REFERER']);
\G::header("location: " . "/sys" . SYS_SYS . $backUrlObj[1]);
die();
}
$oAppDocument = new \AppDocument();
$oAppDocument->create($aFields);

5
workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php
View File

@@ -187,6 +187,11 @@ class FilesManager
if ($extention == '.exe') {
throw new \Exception(\G::LoadTranslation('ID_FILE_UPLOAD_INCORRECT_EXTENSION'));
}
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $extention === '.php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $aData['prf_filename']);
throw new \Exception($message);
}
break;
default:
$sDirectory = PATH_DATA_MAILTEMPLATES . $sProcessUID . PATH_SEP . $sSubDirectory . $aData['prf_filename'];

10
workflow/engine/src/ProcessMaker/BusinessModel/Light.php
View File

@@ -902,6 +902,16 @@ class Light
$response = array();
if (is_array($request_data)) {
foreach ($request_data as $k => $file) {
$ext = pathinfo($file['name'], PATHINFO_EXTENSION);
if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $ext === 'php') {
$message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED');
\Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $file['name']);
$response[$k]['error'] = array(
"code" => "400",
"message" => $message
);
continue;
}
$oCase = new \Cases();
$delIndex = $oCase->getCurrentDelegation($app_uid, $userUid);
$docUid = !empty($file['docUid']) ? $file['docUid'] : -1;