fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BY-2846 [Notice] Undefined index: v in cases_ShowDocument.php

Browse Source 
Add validation load variable "v".
This commit is contained in:
Marco A. Nina Mena
2017-03-13 13:01:46 -04:00
parent 4c07012e19
commit f34d8fc0d4
1 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
workflow/engine/methods/cases/cases_ShowDocument.php
View File

@@ -48,23 +48,29 @@ if (isset($_REQUEST['actionAjax']) && $_REQUEST['actionAjax'] == "verifySession"
require_once ("classes/model/AppDocumentPeer.php"); require_once ("classes/model/AppDocumentPeer.php");
$oAppDocument = new AppDocument(); $oAppDocument = new AppDocument();
if (empty($_GET['a'])) {
G::header('Location: /errors/error403.php');
die();
}
if (empty($_GET['v'])) {
//Load last version of the document
$docVersion = $oAppDocument->getLastAppDocVersion($_GET['a']);
} else {
$docVersion = $_GET['v'];
}
//Check if the user can be download the input Document //Check if the user can be download the input Document
//Send the parameter v = Version //Send the parameter v = Version
//Send the parameter a = Case UID //Send the parameter a = Case UID
if (defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0) { if (defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0) {
if (!$oAppDocument->canDownloadInput($_SESSION['USER_LOGGED'], $_GET['a'], $_GET['v'])) {
if (!$oAppDocument->canDownloadInput($_SESSION['USER_LOGGED'], $_GET['a'], $docVersion)) {
G::header('Location: /errors/error403.php'); G::header('Location: /errors/error403.php');
die(); die();
} }
} }
if (! isset( $_GET['v'] )) {
//Load last version of the document
$docVersion = $oAppDocument->getLastAppDocVersion( $_GET['a'] );
} else {
$docVersion = $_GET['v'];
}
$oAppDocument->Fields = $oAppDocument->load( $_GET['a'], $docVersion ); $oAppDocument->Fields = $oAppDocument->load( $_GET['a'], $docVersion );
$sAppDocUid = $oAppDocument->getAppDocUid(); $sAppDocUid = $oAppDocument->getAppDocUid();