HOR-3290 improvement

This commit is contained in:
Roly Rudy Gutierrez Pinto
2017-05-30 10:57:29 -04:00
parent ccc3552e12
commit f1e9e1e492
2 changed files with 44 additions and 34 deletions


@@ -2950,6 +2950,16 @@ class G
{ {
return (bool) preg_match( '/^[0-9A-Za-z]{14,}/', $uid ); return (bool) preg_match( '/^[0-9A-Za-z]{14,}/', $uid );
} }
/**
* Verify if the input string is a valid UID of size 32
* @param string $uid
* @return boolean
*/
public static function verifyUniqueID32($uid)
{
return (bool) preg_match('/^[0-9A-Za-z]{32,32}$/', $uid);
}
/** /**
* is_utf8 * is_utf8
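Review bot: The new `verifyUniqueID32` anchors its pattern with `$`, which in PCRE also matches immediately before a trailing newline, so a value of 32 alphanumerics followed by `\n` is reported as a valid 32-character UID; since the caller uses this result to decide whether to trust a request parameter, the anchor should be strict. `{32,32}` is also just `{32}`. Suggest `return (bool) preg_match('/^[0-9A-Za-z]{32}\z/', $uid);` (or keep `$` and add the `D` modifier). The sibling `verifyUniqueID` directly above has the same looseness, but that is pre-existing; class G continues outside the hunk.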


@@ -1,8 +1,8 @@
<?php <?php
if (PMLicensedFeatures if (PMLicensedFeatures
::getSingleton() ::getSingleton()
->verifyfeature('zLhSk5TeEQrNFI2RXFEVktyUGpnczV1WEJNWVp6cjYxbTU3R29mVXVZNWhZQT0=')) { ->verifyfeature('zLhSk5TeEQrNFI2RXFEVktyUGpnczV1WEJNWVp6cjYxbTU3R29mVXVZNWhZQT0=')) {
$G_PUBLISH = new Publisher(); $G_PUBLISH = new Publisher();
try { try {
/** /**
@@ -28,46 +28,46 @@ if (PMLicensedFeatures
* In 'b' is reflected the output of 'a'. * In 'b' is reflected the output of 'a'.
*/ */
$backupSession = serialize($_SESSION); $backupSession = serialize($_SESSION);
if ($_REQUEST['APP_UID'] == '') { if (empty($_GET['APP_UID'])) {
if($_GET['APP_UID'] == ''){ $sw = empty($_REQUEST['APP_UID']);
throw new Exception('The parameter APP_UID is empty.'); if (!$sw && !G::verifyUniqueID32($_REQUEST['APP_UID'])) {
} else { $_GET['APP_UID'] = $_REQUEST['APP_UID'];
$_REQUEST['APP_UID'] = $_GET['APP_UID']; }
if ($sw) {
throw new Exception('The parameter APP_UID is empty.');
} }
} }
if ($_REQUEST['DEL_INDEX'] == '') { if (empty($_REQUEST['DEL_INDEX'])) {
throw new Exception('The parameter DEL_INDEX is empty.'); throw new Exception('The parameter DEL_INDEX is empty.');
} }
if ($_REQUEST['ABER'] == '') { if (empty($_REQUEST['ABER'])) {
throw new Exception('The parameter ABER is empty.'); throw new Exception('The parameter ABER is empty.');
} }
if (!isset($_REQUEST['form'])) { $appUid = G::decrypt($_GET['APP_UID'], URL_KEY);
$_REQUEST['form'] = array(); $delIndex = G::decrypt($_REQUEST['DEL_INDEX'], URL_KEY);
} $aber = G::decrypt($_REQUEST['ABER'], URL_KEY);
$forms = isset($_REQUEST['form']) ? $_REQUEST['form'] : [];
$_REQUEST['APP_UID'] = G::decrypt($_REQUEST['APP_UID'], URL_KEY);
$_REQUEST['DEL_INDEX'] = G::decrypt($_REQUEST['DEL_INDEX'], URL_KEY);
$_REQUEST['ABER'] = G::decrypt($_REQUEST['ABER'], URL_KEY);
G::LoadClass('case'); G::LoadClass('case');
$case = new Cases(); $case = new Cases();
$casesFields = $case->loadCase($_REQUEST['APP_UID'], $_REQUEST['DEL_INDEX']); $casesFields = $case->loadCase($appUid, $delIndex);
$casesFields['APP_DATA'] = array_merge($casesFields['APP_DATA'], $_REQUEST['form']); $casesFields['APP_DATA'] = array_merge($casesFields['APP_DATA'], $forms);
//Get user info //Get user info
$current_user_uid = null; $current_user_uid = null;
$currentUsrName = null; $currentUsrName = null;
$criteria = new Criteria("workflow"); $criteria = new Criteria("workflow");
$criteria->addSelectColumn(AppDelegationPeer::USR_UID); $criteria->addSelectColumn(AppDelegationPeer::USR_UID);
$criteria->add(AppDelegationPeer::APP_UID, $_REQUEST["APP_UID"]); $criteria->add(AppDelegationPeer::APP_UID, $appUid);
$criteria->add(AppDelegationPeer::DEL_INDEX, $_REQUEST["DEL_INDEX"]); $criteria->add(AppDelegationPeer::DEL_INDEX, $delIndex);
$rsSQL = AppDelegationPeer::doSelectRS($criteria); $rsSQL = AppDelegationPeer::doSelectRS($criteria);
$rsSQL->setFetchmode(ResultSet::FETCHMODE_ASSOC); $rsSQL->setFetchmode(ResultSet::FETCHMODE_ASSOC);
@@ -92,7 +92,7 @@ if (PMLicensedFeatures
$row = $rsSQL->getRow(); $row = $rsSQL->getRow();
$currentUsrName = $row["USR_USERNAME"]; $currentUsrName = $row["USR_USERNAME"];
$casesFields["APP_DATA"]["USER_LOGGED"] = $current_user_uid; $casesFields["APP_DATA"]["USER_LOGGED"] = $current_user_uid;
$casesFields["APP_DATA"]["USR_USERNAME"] = $currentUsrName; $casesFields["APP_DATA"]["USR_USERNAME"] = $currentUsrName;
} }
@@ -101,18 +101,18 @@ if (PMLicensedFeatures
} }
//Update case info //Update case info
$case->updateCase($_REQUEST['APP_UID'], $casesFields); $case->updateCase($appUid, $casesFields);
G::LoadClass('wsBase'); G::LoadClass('wsBase');
$wsBaseInstance = new wsBase(); $wsBaseInstance = new wsBase();
$result = $wsBaseInstance->derivateCase($casesFields['CURRENT_USER_UID'], $_REQUEST['APP_UID'], $_REQUEST ['DEL_INDEX'], true); $result = $wsBaseInstance->derivateCase($casesFields['CURRENT_USER_UID'], $appUid, $delIndex, true);
$code = (is_array($result) ? $result['status_code'] : $result->status_code); $code = (is_array($result) ? $result['status_code'] : $result->status_code);
$dataResponses = array(); $dataResponses = array();
$dataResponses['ABE_REQ_UID'] = $_REQUEST['ABER']; $dataResponses['ABE_REQ_UID'] = $aber;
$dataResponses['ABE_RES_CLIENT_IP'] = $_SERVER['REMOTE_ADDR']; $dataResponses['ABE_RES_CLIENT_IP'] = $_SERVER['REMOTE_ADDR'];
$dataResponses['ABE_RES_DATA'] = serialize($_REQUEST['form']); $dataResponses['ABE_RES_DATA'] = serialize($forms);
$dataResponses['ABE_RES_STATUS'] = 'PENDING'; $dataResponses['ABE_RES_STATUS'] = 'PENDING';
$dataResponses['ABE_RES_MESSAGE'] = ''; $dataResponses['ABE_RES_MESSAGE'] = '';
@@ -129,13 +129,13 @@ if (PMLicensedFeatures
//Save Cases Notes //Save Cases Notes
include_once 'utils.php'; include_once 'utils.php';
$dataAbeRequests = loadAbeRequest($_REQUEST['ABER']); $dataAbeRequests = loadAbeRequest($aber);
$dataAbeConfiguration = loadAbeConfiguration($dataAbeRequests['ABE_UID']); $dataAbeConfiguration = loadAbeConfiguration($dataAbeRequests['ABE_UID']);
if ($dataAbeConfiguration['ABE_CASE_NOTE_IN_RESPONSE'] == 1) { if ($dataAbeConfiguration['ABE_CASE_NOTE_IN_RESPONSE'] == 1) {
$response = new stdclass(); $response = new stdclass();
$response->usrUid = $casesFields['APP_DATA']['USER_LOGGED']; $response->usrUid = $casesFields['APP_DATA']['USER_LOGGED'];
$response->appUid = $_REQUEST['APP_UID']; $response->appUid = $appUid;
$response->noteText = "Check the information that was sent for the receiver: " . $dataAbeRequests['ABE_REQ_SENT_TO']; $response->noteText = "Check the information that was sent for the receiver: " . $dataAbeRequests['ABE_REQ_SENT_TO'];
postNote($response); postNote($response);
@@ -144,10 +144,10 @@ if (PMLicensedFeatures
$dataAbeRequests['ABE_REQ_ANSWERED'] = 1; $dataAbeRequests['ABE_REQ_ANSWERED'] = 1;
$code == 0 ? uploadAbeRequest($dataAbeRequests) : ''; $code == 0 ? uploadAbeRequest($dataAbeRequests) : '';
if (isset ( $_FILES ['form'] )) { if (isset($_FILES ['form'])) {
if (isset( $_FILES["form"]["name"] ) && count( $_FILES["form"]["name"] ) > 0) { if (isset($_FILES["form"]["name"]) && count($_FILES["form"]["name"]) > 0) {
$oInputDocument = new \ProcessMaker\BusinessModel\Cases\InputDocument(); $oInputDocument = new \ProcessMaker\BusinessModel\Cases\InputDocument();
$oInputDocument->uploadFileCase($_FILES, $case, $casesFields, $current_user_uid, $_REQUEST['APP_UID'], $_REQUEST["DEL_INDEX"]); $oInputDocument->uploadFileCase($_FILES, $case, $casesFields, $current_user_uid, $appUid, $delIndex);
} }
} }
@@ -155,8 +155,8 @@ if (PMLicensedFeatures
$aMessage['MESSAGE'] = '<strong>The information was submitted. Thank you.</strong>'; $aMessage['MESSAGE'] = '<strong>The information was submitted. Thank you.</strong>';
} else { } else {
throw new Exception('An error occurred while the application was being processed.<br /><br /> throw new Exception('An error occurred while the application was being processed.<br /><br />
Error code: '.$result->status_code.'<br /> Error code: ' . $result->status_code . '<br />
Error message: '.$result->message.'<br /><br />'); Error message: ' . $result->message . '<br /><br />');
} }
// Update // Update
@@ -173,7 +173,7 @@ if (PMLicensedFeatures
$_SESSION = unserialize($backupSession); $_SESSION = unserialize($backupSession);
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showInfo', '', $aMessage); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showInfo', '', $aMessage);
} catch (Exception $error) { } catch (Exception $error) {
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showMessage', '', array('MESSAGE' => $error->getMessage().' Please contact to your system administrator.')); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showMessage', '', array('MESSAGE' => $error->getMessage() . ' Please contact to your system administrator.'));
} }
$_SESSION = unserialize($backupSession); $_SESSION = unserialize($backupSession);
G::RenderPage('publish', 'blank'); G::RenderPage('publish', 'blank');
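Review bot: In the hunk at `@@ -28,46 +28,46 @@`, when `$_GET['APP_UID']` is empty and `$_REQUEST['APP_UID']` is non-empty but satisfies `G::verifyUniqueID32`, neither branch assigns `$_GET['APP_UID']` nor throws, so `G::decrypt($_GET['APP_UID'], URL_KEY)` a few lines later runs on an undefined index and the request fails further down with a less specific error than 'The parameter APP_UID is empty.'. Presumably the intent is to accept only the encrypted form and refuse a plain 32-character UID arriving outside the query string; if so, the final guard should test the outcome rather than the input, `if (empty($_GET['APP_UID'])) {` in place of `if ($sw) {`, which also makes `$sw` unnecessary. Separately, `$forms` is handed to `array_merge` and `serialize` without an `is_array` check, so a scalar `form` parameter is a fatal TypeError rather than a handled exception; `$forms = isset($_REQUEST['form']) && is_array($_REQUEST['form']) ? $_REQUEST['form'] : [];` closes that. The enclosing `if (PMLicensedFeatures ...)` block and its `try` extend beyond the hunk.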