fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG 9477 Problem notifying the next user

Browse Source 
We've detected 2 problems:

1.- The new algorithm to detect if the password is encrypted don't support passwords with a ":" character

2.- When recover the email configuration the system don't decrypt correctly the password of a previous version (without encryption, backwards compatibility)
This commit is contained in:
Julio Cesar Laura
2012-07-25 18:47:13 -04:00
parent 16ce328397
commit f6d90d7ac6
12 changed files with 309 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
gulliver/system/class.g.php
View File

@@ -3387,10 +3387,16 @@ $output = $outputHeader.$output;
$passwd = $setup['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$setup['MESS_PASSWORD'] = $pass;
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$setup['MESS_PASSWORD'] = $passwd;
$mail = new PHPMailer(true);
$mail->From = $from != '' && $from ? $from : $setup['MESS_ACCOUNT'];
$mail->FromName = $fromName;

13
workflow/engine/classes/class.case.php
View File

@@ -4452,10 +4452,15 @@ class Cases
$aConfiguration = unserialize($aConfiguration["CFG_VALUE"]);
$passwd = $aConfiguration["MESS_PASSWORD"];
$passwdDec = G::decrypt($passwd, "EMAILENCRYPT");
if (strpos($passwdDec, "hash:") !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$passwd = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$aConfiguration["MESS_PASSWORD"] = $passwd;
} else {
$aConfiguration = array();

59
workflow/engine/classes/class.spool.php
View File

@@ -52,7 +52,7 @@ require_once ('classes/model/AppMessage.php');
class spoolRun {
private $config;
public $config;
private $fileData;
private $spool_id;
public $status;
@@ -332,10 +332,16 @@ class spoolRun {
$oPHPMailer->Username = $this->config['MESS_ACCOUNT'];
$passwd = $this->config['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$this->config['MESS_PASSWORD'] = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$this->config['MESS_PASSWORD'] = $passwd;
$oPHPMailer->Password = $this->config['MESS_PASSWORD'];
$oPHPMailer->From = $this->fileData['from_email'];
$oPHPMailer->FromName = utf8_decode($this->fileData['from_name']);
@@ -386,10 +392,16 @@ class spoolRun {
$oPHPMailer->Username = $this->config['MESS_ACCOUNT'];
$passwd = $this->config['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$this->config['MESS_PASSWORD'] = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$this->config['MESS_PASSWORD'] = $passwd;
$oPHPMailer->Password = $this->config['MESS_PASSWORD'];
$oPHPMailer->From = $this->fileData['from_email'];
$oPHPMailer->FromName = utf8_decode($this->fileData['from_name']);
@@ -472,10 +484,16 @@ class spoolRun {
$passwd = $this->config['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$this->config['MESS_PASSWORD'] = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$this->config['MESS_PASSWORD'] = $passwd;
$send->setPassword($this->config['MESS_PASSWORD']);
$send->setReturnPath($this->fileData['from_email']);
$send->setHeaders($header);
@@ -508,11 +526,16 @@ class spoolRun {
$aConfiguration = unserialize($aConfiguration["CFG_VALUE"]);
$passwd = $aConfiguration["MESS_PASSWORD"];
$passwdDec = G::decrypt($passwd,"EMAILENCRYPT");
if (strpos($passwdDec, "hash:") !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$aConfiguration["MESS_PASSWORD"] = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$aConfiguration["MESS_PASSWORD"] = $passwd;
if ($aConfiguration["MESS_ENABLED"] == "1") {
$this->setConfig(array(

15
workflow/engine/classes/class.wsBase.php
View File

@@ -710,11 +710,16 @@ class wsBase
$passwd =$aSetup['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos($passwdDec, 'hash:') !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$arrayFrom['MESS_PASSWORD'] = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$aSetup['MESS_PASSWORD'] = $passwd;
$oSpool = new spoolRun();
$oSpool->setConfig(array(

28
workflow/engine/classes/model/AppNotes.php
View File

@@ -15,7 +15,7 @@ require_once 'classes/model/om/BaseAppNotes.php';
*/
class AppNotes extends BaseAppNotes {
function getNotesList($appUid, $usrUid='', $start='', $limit='')
function getNotesList($appUid, $usrUid='', $start='', $limit='')
{
require_once ("classes/model/Users.php");
@@ -62,8 +62,8 @@ class AppNotes extends BaseAppNotes {
$oDataset = appNotesPeer::doSelectRS($Criteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
while ($aRow = $oDataset->getRow()) {
while ($aRow = $oDataset->getRow()) {
$aRow['NOTE_CONTENT'] = stripslashes($aRow['NOTE_CONTENT']);
$response['notes'][] = $aRow;
$oDataset->next();
@@ -147,12 +147,18 @@ class AppNotes extends BaseAppNotes {
$aConfiguration = $oConfiguration->load('Emails', '', '', '', '');
if ($aConfiguration['CFG_VALUE'] != '') {
$aConfiguration = unserialize($aConfiguration['CFG_VALUE']);
$passwd = $aConfiguration['MESS_PASSWORD'];
$passwd = $aConfiguration['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$aConfiguration['MESS_PASSWORD'] = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$aConfiguration['MESS_PASSWORD'] = $passwd;
} else {
$aConfiguration = array();
}
@@ -195,7 +201,7 @@ class AppNotes extends BaseAppNotes {
}
$sSubject = G::replaceDataField($configNoteNotification['subject'], $aFields);
//erik: new behaviour for messages
//G::loadClass('configuration');
@@ -220,7 +226,7 @@ class AppNotes extends BaseAppNotes {
G::LoadClass('spool');
$oUser = new Users();
$recipientsArray=explode(",",$noteRecipients);
foreach($recipientsArray as $recipientUid){
@@ -255,7 +261,7 @@ class AppNotes extends BaseAppNotes {
if (($aConfiguration['MESS_BACKGROUND'] == '') || ($aConfiguration['MESS_TRY_SEND_INMEDIATLY'] == '1')) {
$oSpool->sendMail();
}
}
//Send derivation notification - End

48
workflow/engine/controllers/adminProxy.php
View File

@@ -362,7 +362,7 @@ class adminProxy extends HttpProxyController
$_POST['MESS_PASSWORD'] = '';
$_POST['TO'] = $mail_to;
$_POST['SMTPAuth'] = true;
try {
$resp = $this->sendTestMail();
} catch (Exception $error) {
@@ -372,10 +372,10 @@ class adminProxy extends HttpProxyController
}
$response = array('success' => $resp->status);
if ($resp->status == false)
$response['msg'] = G::LoadTranslation('ID_SENDMAIL_NOT_INSTALLED');
echo G::json_encode($response);
die;
}
@@ -392,11 +392,16 @@ class adminProxy extends HttpProxyController
}
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$_POST['passwd'] = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$_POST['passwd'] = $passwd;
$port = $_POST['port'];
$auth_required = $_POST['req_auth'];
@@ -654,9 +659,20 @@ class adminProxy extends HttpProxyController
}
$aFields['MESS_PASSWORD_HIDDEN'] = '';
$aPasswd = G::decrypt($aFields['MESS_PASSWORD'],'EMAILENCRYPT');
$passwd = $aFields['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$aFields['MESS_PASSWORD'] = $passwd;
if ((strpos( $aPasswd, 'hash:') !== true) && ($aFields['MESS_PASSWORD'] != '')) { // for plain text
if ($aFields['MESS_PASSWORD'] != '') { // for plain text
$aFields['MESS_PASSWORD'] = 'hash:'.$aFields['MESS_PASSWORD'];
$aFields['MESS_PASSWORD'] = G::encrypt($aFields['MESS_PASSWORD'],'EMAILENCRYPT');
}
@@ -733,10 +749,16 @@ class adminProxy extends HttpProxyController
$this->success = (count($fields) > 0);
$passwd = $fields['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$fields['MESS_PASSWORD'] = $pass;
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$fields['MESS_PASSWORD'] = $passwd;
}
$this->data = $fields;
}

112
workflow/engine/methods/cases/caseMessageHistory_Ajax.php
View File

@@ -24,113 +24,113 @@
*/
$actionAjax = isset($_REQUEST['actionAjax'])?$_REQUEST['actionAjax']: null;
if($actionAjax=='messageHistoryGridList_JXP'){
G::LoadClass('case');
G::LoadClass("BasePeer" );
global $G_PUBLISH;
global $G_PUBLISH;
$oCase = new Cases();
$appMessageArray = $oCase->getHistoryMessagesTrackerExt($_SESSION['APPLICATION']);
$result = new stdClass();
$aProcesses = Array();
$totalCount = 0;
foreach( $appMessageArray as $index => $value){
$appMessageArray[$index]['ID_MESSAGE'] = $appMessageArray[$index]['APP_UID'].'_'.$appMessageArray[$index]['APP_MSG_UID'];
foreach( $appMessageArray as $index => $value){
$appMessageArray[$index]['ID_MESSAGE'] = $appMessageArray[$index]['APP_UID'].'_'.$appMessageArray[$index]['APP_MSG_UID'];
$aProcesses[] = $appMessageArray[$index];
$totalCount++;
}
$newDir = '/tmp/test/directory';
$r = G::verifyPath ( $newDir );
$r->data = $aProcesses;
$r->totalCount = $totalCount;
echo G::json_encode($r);
}
if($actionAjax=='showHistoryMessage'){
?>
<link rel="stylesheet" type="text/css" href="/css/classic.css" />
<style type="text/css">
html{
color:black !important;
color:black !important;
}
body{
color:black !important;
color:black !important;
}
</style>
<script language="Javascript">
//!Code that simulated reload library javascript maborak
var leimnud = {};
var leimnud = {};
leimnud.exec = "";
leimnud.fix = {};
leimnud.fix.memoryLeak = "";
leimnud.browser = {};
leimnud.browser.isIphone = "";
leimnud.iphone = {};
leimnud.iphone.make = function(){};
function ajax_function(ajax_server, funcion, parameters, method){
leimnud.iphone.make = function(){};
function ajax_function(ajax_server, funcion, parameters, method){
}
//!
</script>
<?php
G::LoadClass('case');
$oCase = new Cases();
$_POST["APP_UID"] = $_REQUEST["APP_UID"];
$_POST['APP_MSG_UID'] = $_REQUEST["APP_MSG_UID"];
$G_PUBLISH = new Publisher();
$oCase = new Cases();
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_MessagesView', '', $oCase->getHistoryMessagesTrackerView($_POST['APP_UID'], $_POST['APP_MSG_UID']));
?>
?>
<script language="javascript">
<?php
global $G_FORM;
?>
function loadForm_<?php echo $G_FORM->id;?>(parametro1){
function loadForm_<?php echo $G_FORM->id;?>(parametro1){
}
</script>
<?php
G::RenderPage('publish', 'raw');
G::RenderPage('publish', 'raw');
}
if($actionAjax=='sendMailMessage_JXP'){
//!dataSystem
$errorMessage = "";
try{
$errorMessage = "";
try{
//!dataInput
$_POST['APP_UID'] = $_REQUEST['APP_UID'];
$_POST['APP_MSG_UID'] = $_REQUEST['APP_MSG_UID'];
G::LoadClass('case');
$oCase = new Cases();
require_once 'classes/model/Configuration.php';
G::LoadClass('spool');
$oCase = new Cases();
$data = $oCase->getHistoryMessagesTrackerView($_POST['APP_UID'], $_POST['APP_MSG_UID']);
//print_r($data);
$oConfiguration = new Configuration();
$sDelimiter = DBAdapter::getStringDelimiter();
$oCriteria = new Criteria('workflow');
@@ -151,13 +151,19 @@
}
}
$passwd = $aConfiguration['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$aConfiguration['MESS_PASSWORD'] = $pass;
}
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$aConfiguration['MESS_PASSWORD'] = $passwd;
$oSpool = new spoolRun();
$oSpool->setConfig(array(
'MESS_ENGINE' => $aConfiguration['MESS_ENGINE'],
@@ -167,7 +173,7 @@
'MESS_PASSWORD' => $passwd,
'SMTPAuth' => $aConfiguration['MESS_RAUTH']
));
$oSpool->create(array(
'msg_uid' => $data['MSG_UID'],
'app_uid' => $data['APP_UID'],
@@ -184,16 +190,16 @@
'app_msg_status'=> 'pending'
));
$oSpool->sendMail();
}
catch(Exception $e){
$errorMessage = $e->getMessage();
}
echo $errorMessage;
}
echo $errorMessage;
}

20
workflow/engine/methods/cases/cases_Ajax.php
View File

@@ -86,7 +86,7 @@ switch (($_POST['action'])?$_POST['action']:$_REQUEST['action']) {
$oHeadPublisher->addScriptCode('
var pb=leimnud.dom.capture("tag.body 0");
Pm=new processmap();
var params = "{\"uid\":\"' . $_SESSION['PROCESS'] . '\",\"mode\":false,\"ct\":false}";
// maximun x and y position
var xPos = 0;
@@ -99,7 +99,7 @@ switch (($_POST['action'])?$_POST['action']:$_REQUEST['action']) {
method: "POST",
args : "action=load&data="+params
});
// make the ajax call
oRPC.make();
var response = eval(\'(\' + oRPC.xmlhttp.responseText + \')\');
@@ -849,12 +849,18 @@ switch (($_POST['action'])?$_POST['action']:$_REQUEST['action']) {
'MESS_PASSWORD' => $aConfiguration['MESS_PASSWORD'],
'SMTPAuth' => $aConfiguration['MESS_RAUTH']
));
$passwd = $oSpool['MESS_PASSWORD'];
$passwd = $oSpool->config['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$oSpool['MESS_PASSWORD'] = $pass;
}
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$oSpool->config['MESS_PASSWORD'] = $passwd;
$oSpool->create(array(
'msg_uid' => $data['MSG_UID'],
'app_uid' => $data['APP_UID'],

19
workflow/engine/methods/login/retrivePassword.php
View File

@@ -18,9 +18,9 @@ if($userData['USR_EMAIL'] != '' && $userData['USR_EMAIL'] === $data['USR_EMAIL']
G::header('location: forgotPassword');
die;
}
$newPass = G::generate_password();
$aData['USR_UID'] = $userData['USR_UID'];
$aData['USR_PASSWORD'] = md5($newPass);
/* **Save after sending the mail
@@ -66,6 +66,19 @@ if($userData['USR_EMAIL'] != '' && $userData['USR_EMAIL'] === $data['USR_EMAIL']
'SMTPSecure' => $aSetup['SMTPSecure']
));
$passwd = $oSpool->config['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$oSpool->config['MESS_PASSWORD'] = $passwd;
$oSpool->create(array(
'msg_uid' => '',
'app_uid' => '',
@@ -80,7 +93,7 @@ if($userData['USR_EMAIL'] != '' && $userData['USR_EMAIL'] === $data['USR_EMAIL']
'app_msg_attach' => '',
'app_msg_template' => '',
'app_msg_status' => 'pending',
'app_msg_attach'=>''
'app_msg_attach'=>''
));
try {

46
workflow/engine/methods/setup/emails_Ajax.php
View File

@@ -66,7 +66,7 @@ switch ($request) {
define("FAILED", 'FAILED');
$varaux = preg_match("([^//]*$)", $_POST['srv'], $regs);
if($regs)
$srv = $regs[0];
$srv = $regs[0];
else
$srv = $_POST['srv'];
@@ -74,10 +74,16 @@ switch ($request) {
$user = $_POST['account'];
$passwd = $_POST['passwd'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
if (strpos( $passwdDec, 'hash:' ) !== false) {
list($hash, $pass) = explode(":", $passwdDec);
$_POST['passwd'] = $pass;
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$_POST['passwd'] = $passwd;
$step = $_POST['step'];
$auth_required = $_POST['auth_required'];
$send_test_mail = $_POST['send_test_mail'];
@@ -87,7 +93,7 @@ switch ($request) {
$Server = new NET($srv);
$smtp = new SMTP;
switch ($step) {
case 1:
if ($Server->getErrno() == 0) {
@@ -112,7 +118,7 @@ switch ($request) {
#try to connect to host
case 3:
$hostinfo = array();
if (preg_match('/^(.+):([0-9]+)$/', $srv, $hostinfo)) {
$host = $hostinfo[1];
$port = $hostinfo[2];
@@ -122,23 +128,23 @@ switch ($request) {
$tls = ($SMTPSecure == 'tls');
$ssl = ($SMTPSecure == 'ssl');
$resp = $smtp->Connect(($ssl ? 'ssl://':'').$host, $port, $timeout);
if ($resp) {
print(SUCCESSFUL.','.$smtp->status);
} else {
print(FAILED.','.$smtp->error['error']);
}
break;
#try login to host
case 4:
if($auth_required == 'yes') {
if($auth_required == 'yes') {
try {
$hostinfo = array();
if (preg_match('/^(.+):([0-9]+)$/', $srv, $hostinfo)) {
$host = $hostinfo[1];
$port = $hostinfo[2];
@@ -148,7 +154,7 @@ switch ($request) {
$tls = ($SMTPSecure == 'tls');
$ssl = ($SMTPSecure == 'ssl');
$resp = $smtp->Connect(($ssl ? 'ssl://':'').$host, $port, $timeout);
if ($resp) {
@@ -163,13 +169,13 @@ switch ($request) {
//We must resend HELO after tls negotiation
$smtp->Hello($hello);
}
if( $smtp->Authenticate($user, $passwd ) ) {
print(SUCCESSFUL.','.$smtp->status);
} else {
print(FAILED.','.$smtp->error['error']);
}
} else {
print(FAILED.','.$smtp->error['error']);
}
@@ -209,7 +215,7 @@ switch ($request) {
} catch (Exception $e) {
print(FAILED.','.$e->getMessage());
}
} else {
print('jump this step');
}
@@ -251,6 +257,18 @@ function sendTestMail() {
G::LoadClass('spool');
$oSpool = new spoolRun();
$passwd = $_POST['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$_POST['MESS_PASSWORD'] = $passwd;
$oSpool->setConfig( array(
'MESS_ENGINE' => $_POST['MESS_ENGINE'],

18
workflow/engine/methods/setup/emails_Save.php
View File

@@ -38,10 +38,22 @@ if ($aFields['MESS_PASSWORD_HIDDEN'] !='') {
}
$aFields['MESS_PASSWORD_HIDDEN'] = '';
$aPasswd = G::decrypt($aFields['MESS_PASSWORD'],'EMAILENCRYPT');
if ((strpos( $aPasswd, 'hash:') !== true) && ($aFields['MESS_PASSWORD'] != '')) { // for plain text
$passwd = $aFields['MESS_PASSWORD'];
$passwdDec = G::decrypt($passwd,'EMAILENCRYPT');
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
if (count($auxPass) == 2) {
$passwd = $auxPass[1];
} else {
array_shift($auxPass);
$passwd = implode('', $auxPass);
}
}
$aFields['MESS_PASSWORD'] = $passwd;
if ($aFields['MESS_PASSWORD'] != '') { // for plain text
$aFields['MESS_PASSWORD'] = 'hash:'.$aFields['MESS_PASSWORD'];
$aFields['MESS_PASSWORD'] = G::encrypt($aFields['MESS_PASSWORD'],'EMAILENCRYPT');
}
$aFields['MESS_PASSWORD'] = G::encrypt($aFields['MESS_PASSWORD'],'EMAILENCRYPT');
}
$aFields['MESS_BACKGROUND'] = isset($_POST['form']['MESS_ENABLED']) ?isset($_POST['form']['MESS_BACKGROUND']) ? $_POST['form']['MESS_BACKGROUND'] : '': '';
$aFields['MESS_EXECUTE_EVERY'] = isset($_POST['form']['MESS_ENABLED']) ?$_POST['form']['MESS_EXECUTE_EVERY']: '';
$aFields['MESS_SEND_MAX'] = isset($_POST['form']['MESS_ENABLED']) ?$_POST['form']['MESS_SEND_MAX']: '';

105
workflow/engine/methods/users/usersAjax.php
View File

@@ -4,29 +4,29 @@ global $RBAC;
switch($_POST['action'])
{
case 'countryList' :
case 'countryList' :
require_once ("classes/model/IsoCountry.php");
$c = new Criteria();
$c->add(IsoCountryPeer::IC_UID, NULL, Criteria::ISNOTNULL);
$c->add(IsoCountryPeer::IC_UID, NULL, Criteria::ISNOTNULL);
$countries = IsoCountryPeer::doSelect($c);
foreach ( $countries as $rowid => $row ) {
$oData[] = Array('IC_UID'=>$row->getICUid(),'IC_NAME'=>$row->getICName());
$oData[] = Array('IC_UID'=>$row->getICUid(),'IC_NAME'=>$row->getICName());
}
print(G::json_encode($oData));
break;
case 'stateList' :
require_once ("classes/model/IsoSubdivision.php");
$c = new Criteria();
$country = $_POST['IC_UID'];
$c->add(IsoSubdivisionPeer::IC_UID, $country, Criteria::EQUAL);
$country = $_POST['IC_UID'];
$c->add(IsoSubdivisionPeer::IC_UID, $country, Criteria::EQUAL);
$locations = IsoSubdivisionPeer::doSelect($c);
$oData = Array();
foreach( $locations as $rowid => $row ) {
if (($row->getISUid() != '') && ($row->getISName() != ''))
$oData[] = Array('IS_UID' => $row->getISUid(), 'IS_NAME' => $row->getISName());
$oData[] = Array('IS_UID' => $row->getISUid(), 'IS_NAME' => $row->getISName());
}
print(G::json_encode($oData));
break;
@@ -37,13 +37,13 @@ switch($_POST['action'])
$country = $_POST['IC_UID'];
$state = $_POST['IS_UID'];
$c->add(IsoLocationPeer::IC_UID, $country, Criteria::EQUAL);
$c->add(IsoLocationPeer::IS_UID, $state, Criteria::EQUAL);
$c->add(IsoLocationPeer::IS_UID, $state, Criteria::EQUAL);
$locations = IsoLocationPeer::doSelect($c);
$oData = Array();
foreach ( $locations as $rowid => $row ) {
if (($row->getILUid() != '') && ($row->getILName() != ''))
$oData[] = Array('IL_UID' => $row->getILUid(), 'IL_NAME' => $row->getILName());
$oData[] = Array('IL_UID' => $row->getILUid(), 'IL_NAME' => $row->getILName());
}
print(G::json_encode($oData));
break;
@@ -55,7 +55,7 @@ switch($_POST['action'])
$oCriteria->addSelectColumn(UsersPeer::USR_FIRSTNAME);
$oCriteria->addSelectColumn(UsersPeer::USR_LASTNAME);
$oCriteria->addSelectColumn(UsersPeer::USR_EMAIL);
$oCriteria->add(UsersPeer::USR_STATUS,'ACTIVE');
$oCriteria->add(UsersPeer::USR_STATUS,'ACTIVE');
$oDataset = UsersPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
@@ -85,7 +85,7 @@ switch($_POST['action'])
$calendarObj = $calendar->getCalendarList ( true, true );
$oData[] = array('CALENDAR_UID' => '', 'CALENDAR_NAME' => '- None -');
foreach ( $calendarObj ['array'] as $rowid => $row ) {
if ($rowid > 0)
if ($rowid > 0)
$oData[] = array('CALENDAR_UID' => $row['CALENDAR_UID'], 'CALENDAR_NAME' => $row['CALENDAR_NAME']);
}
print(G::json_encode($oData));
@@ -96,7 +96,7 @@ switch($_POST['action'])
$rolesData = $roles->getAllRoles();
foreach( $rolesData as $rowid => $row ) {
$oData[] = array('ROL_UID' => $row['ROL_CODE'],'ROL_CODE' => $row['ROL_CODE']);
}
}
print(G::json_encode($oData));
break;
case 'saveUser' :
@@ -109,7 +109,7 @@ switch($_POST['action'])
else {
$form['USR_UID'] = '';
}
/*
/*
if ( isset($_FILES['USR_RESUME']['name']) ) {
if ($_FILES['USR_RESUME']['tmp_name'] != '') {
$form['USR_RESUME'] = $_FILES['USR_RESUME']['name'];
@@ -134,7 +134,7 @@ switch($_POST['action'])
if (!isset($form['USR_AUTH_USER_DN'])) {
$form['USR_AUTH_USER_DN'] = '';
}
if ($form['USR_UID'] == '') {
$aData['USR_USERNAME'] = $form['USR_USERNAME'];
$aData['USR_PASSWORD'] = $form['USR_PASSWORD'];
@@ -170,7 +170,7 @@ switch($_POST['action'])
if ($_FILES['USR_PHOTO']['error'] != 1) {
//print (PATH_IMAGES_ENVIRONMENT_USERS);
if ($_FILES['USR_PHOTO']['tmp_name'] != '') {
if ($_FILES['USR_PHOTO']['tmp_name'] != '') {
G::uploadFile($_FILES['USR_PHOTO']['tmp_name'], PATH_IMAGES_ENVIRONMENT_USERS, $sUserUID . '.gif');
}
}
@@ -200,25 +200,25 @@ switch($_POST['action'])
$aData['USR_USERNAME'] = $form['USR_USERNAME'];
if (isset($form['USR_PASSWORD'])) {
if ($form['USR_PASSWORD'] != '') {
$aData['USR_PASSWORD'] = $form['USR_PASSWORD'];
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($form['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($form['USR_PASSWORD'])))));
$memKey = 'rbacSession' . session_id();
$memcache = & PMmemcached::getSingleton(defined('SYS_SYS') ? SYS_SYS : '');
$memcache = & PMmemcached::getSingleton(defined('SYS_SYS') ? SYS_SYS : '');
if ( ($RBAC->aUserInfo = $memcache->get($memKey)) === false ) {
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED'] );
$memcache->set( $memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS );
$memcache->set( $memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS );
}
if( $RBAC->aUserInfo[ 'PROCESSMAKER' ]['ROLE']['ROL_CODE']=='PROCESSMAKER_ADMIN'){
$aUserProperty['USR_LAST_UPDATE_DATE'] = date('Y-m-d H:i:s');
$aUserProperty['USR_LOGGED_NEXT_TIME'] = 1;
$oUserProperty->update($aUserProperty);
}
$aErrors = $oUserProperty->validatePassword($form['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], 0);
@@ -269,9 +269,10 @@ switch($_POST['action'])
$sDescription = G::LoadTranslation('ID_POLICY_ALERT').':<br /><br />';
$sDescription .= ' - ' . G::LoadTranslation('PASSWORD_HISTORY').': ' . PPP_PASSWORD_HISTORY . '<br />';
$sDescription .= '<br />' . G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY').'';
G::SendMessageText($sDescription, 'warning');
G::header('Location: ' . $_SERVER['HTTP_REFERER']);
die;
$result->success = false;
$result->msg = $sDescription;
print(G::json_encode($result));
die();
}
if (count($aHistory) >= PPP_PASSWORD_HISTORY) {
@@ -336,7 +337,7 @@ switch($_POST['action'])
$result->success = false;
$result->fileError = true;
print(G::json_encode($result));
die;
die;
}
/*
if ($_FILES['USR_RESUME']['error'] != 1) {
@@ -367,7 +368,7 @@ switch($_POST['action'])
/*UPDATING SESSION VARIABLES*/
$aUser = $RBAC->userObj->load($_SESSION['USER_LOGGED']);
//$_SESSION['USR_FULLNAME'] = $aUser['USR_FIRSTNAME'] . ' ' . $aUser['USR_LASTNAME'];
//$_SESSION['USR_FULLNAME'] = $aUser['USR_FIRSTNAME'] . ' ' . $aUser['USR_LASTNAME'];
$oConf->aConfig = $aConf;
$oConf->saveConfig('USER_PREFERENCES', '', '',$_SESSION['USER_LOGGED']);
@@ -379,16 +380,16 @@ switch($_POST['action'])
$aUser = $RBAC->userObj->load($_SESSION['USER_LOGGED']);
$_SESSION['USR_FULLNAME'] = $aUser['USR_FIRSTNAME'] . ' ' . $aUser['USR_LASTNAME'];
}
//Save Calendar assigment
if ((isset($form['USR_CALENDAR']))) {
//Save Calendar ID for this user
G::LoadClass("calendar");
//Save Calendar ID for this user
G::LoadClass("calendar");
$calendarObj = new Calendar();
$calendarObj->assignCalendarTo($aData['USR_UID'], $form['USR_CALENDAR'], 'USER');
}
$result->success = true;
$result->success = true;
print(G::json_encode($result));
}catch (Exception $e) {
$result->success = false;
@@ -396,7 +397,7 @@ switch($_POST['action'])
print(G::json_encode($result));
}
break;
case 'userData':
require_once 'classes/model/Users.php';
$_SESSION['CURRENT_USER'] = $_POST['USR_UID'];
@@ -412,7 +413,7 @@ switch($_POST['action'])
#verifying if it has any preferences on the configurations table
G::loadClass('configuration');
$oConf = new Configurations;
$oConf = new Configurations;
$oConf->loadConfig($x, 'USER_PREFERENCES', '', '', $_SESSION['USER_LOGGED'], '');
$aFields['PREF_DEFAULT_MENUSELECTED']='';
@@ -442,7 +443,7 @@ switch($_POST['action'])
}else{
$replaced_by = '';
}
$aFields['REPLACED_NAME'] = $replaced_by;
$aFields['REPLACED_NAME'] = $replaced_by;
if ($aFields['PREF_DEFAULT_MENUSELECTED'] != ''){
$menuSelected = '';
foreach ( $RBAC->aUserInfo['PROCESSMAKER']['PERMISSIONS'] as $permission ) {
@@ -454,7 +455,7 @@ switch($_POST['action'])
$menuSelected = strtoupper(G::LoadTranslation('ID_SETUP'));
break;
case 'PM_CASES' :
$menuSelected = strtoupper(G::LoadTranslation('ID_CASES'));
$menuSelected = strtoupper(G::LoadTranslation('ID_CASES'));
break;
case 'PM_FACTORY' :
$menuSelected = strtoupper(G::LoadTranslation('ID_APPLICATIONS'));
@@ -463,12 +464,12 @@ switch($_POST['action'])
}
}
}
$aFields['MENUSELECTED_NAME'] = $menuSelected;
$aFields['MENUSELECTED_NAME'] = $menuSelected;
$oMenu = new Menu();
$oMenu->load('cases');
if ($aFields['PREF_DEFAULT_CASES_MENUSELECTED'] != ''){
foreach($oMenu->Id as $i => $item){
if ($aFields['PREF_DEFAULT_CASES_MENUSELECTED'] == $item)
$casesMenuSelected =$oMenu->Labels[$i];
}
@@ -484,18 +485,18 @@ switch($_POST['action'])
print(G::json_encode($result));
break;
case 'defaultMainMenuOptionList';
foreach($RBAC->aUserInfo['PROCESSMAKER']['PERMISSIONS'] as $permission){
case 'defaultMainMenuOptionList';
foreach($RBAC->aUserInfo['PROCESSMAKER']['PERMISSIONS'] as $permission){
switch($permission['PER_CODE']){
case 'PM_USERS':
case 'PM_SETUP':
$rows[] = Array('id'=>'PM_SETUP', 'name'=>strtoupper(G::LoadTranslation('ID_SETUP')));
case 'PM_USERS':
case 'PM_SETUP':
$rows[] = Array('id'=>'PM_SETUP', 'name'=>strtoupper(G::LoadTranslation('ID_SETUP')));
break;
case 'PM_CASES':
$rows[] = Array('id'=>'PM_CASES', 'name'=>strtoupper(G::LoadTranslation('ID_CASES')));
case 'PM_CASES':
$rows[] = Array('id'=>'PM_CASES', 'name'=>strtoupper(G::LoadTranslation('ID_CASES')));
break;
case 'PM_FACTORY':
$rows[] = Array('id'=>'PM_FACTORY', 'name'=>strtoupper(G::LoadTranslation('ID_APPLICATIONS')));
case 'PM_FACTORY':
$rows[] = Array('id'=>'PM_FACTORY', 'name'=>strtoupper(G::LoadTranslation('ID_APPLICATIONS')));
break;
}
}
@@ -505,7 +506,7 @@ switch($_POST['action'])
$oMenu = new Menu();
$oMenu->load('cases');
foreach($oMenu->Id as $i=>$item){
if( $oMenu->Types[$i] != 'blockHeader' ){
$rowsCasesMenu[] = Array('id'=>$item, 'name' => $oMenu->Labels[$i]);
@@ -531,7 +532,7 @@ switch($_POST['action'])
}
$aFields = array();
$aFields['DESCRIPTION'] = G::LoadTranslation('ID_POLICY_ALERT').':<br />';
foreach ($aErrors as $sError) {
switch ($sError) {
case 'ID_PPP_MINIMUM_LENGTH':
@@ -559,13 +560,13 @@ switch($_POST['action'])
$color = 'green';
$img = '/images/dialog-ok-apply.png';
$aFields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES') . '</span>';
$aFields['STATUS'] = true;
$aFields['STATUS'] = true;
}
$span = '<span style="color: ' . $color . '; font: 9px tahoma,arial,helvetica,sans-serif;">';
$gif = '<img width="13" height="13" border="0" src="' . $img . '">';
$aFields['DESCRIPTION'] = $span . $gif . $aFields['DESCRIPTION'];
$aFields['DESCRIPTION'] = $span . $gif . $aFields['DESCRIPTION'];
print(G::json_encode($aFields));
break;
break;
case 'testUsername';
require_once 'classes/model/Users.php';
$_POST['NEW_USERNAME'] = trim($_POST['NEW_USERNAME']);
@@ -599,7 +600,7 @@ switch($_POST['action'])
$response['exists'] = false;
}
$span = '<span style="color: ' . $color . '; font: 9px tahoma,arial,helvetica,sans-serif;">';
$gif = '<img width="13" height="13" border="0" src="' . $img . '">';
$response['descriptionText'] = $span . $gif . $text . '</span>';