Merged in mcuiza/processmaker/veracode_29-04-15 (pull request #2057)

Validaciones nuevas incidencias reporte veracode 29-04-15
Julio Cesar Laura Avendaño
2015-04-30 21:02:55 -04:00
30 changed files with 434 additions and 50 deletions

0
workflow/engine/methods/cases/cases_Ajax.php Executable file → Normal file


@@ -147,7 +147,8 @@ try {
$response['data'] = $result;
$filtersData['action'] = $filters["action"];
$response['totalCount'] = $list->countTotal($userUid, $filtersData);
$response = $filter->xssFilterHard($response);
echo G::json_encode($response);
} catch (Exception $e) {
$msg = array("error" => $e->getMessage());
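Review bot: Running `xssFilterHard()` over the whole `$response` array just before `G::json_encode()` applies what looks like an HTML-oriented filter to a JSON payload. The filter's implementation is not visible here, but it may alter or double-encode case data and counts, and the client still has to escape values when it inserts them into the DOM. The `catch` branch directly below builds `$msg` from `$e->getMessage()` without the same treatment. What is echoed from it lies outside the hunk, so please confirm the error path is not emitted raw. I would also send an explicit `header('Content-Type: application/json');` before the `echo` so the body is never interpreted as HTML, and add a comment above the filter call such as `// JSON response: values must still be escaped by the client at render time`.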


@@ -41,15 +41,16 @@ switch ($RBAC->userCanAccess('PM_SETUP_ADVANCE'))
G::LoadClass( "plugin" );
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$pluginName = $_REQUEST["pluginUid"];
$pluginName = $_REQUEST['pluginUid'];
$pluginName = $filter->xssFilterHard($pluginName);
if (file_exists( PATH_PLUGINS . $pluginName . ".php" )) {
$pluginRegistry = &PMPluginRegistry::getSingleton();
$pluginRegistry->uninstallPlugin( $pluginName );
$pluginRegistry->unSerializeInstance( file_get_contents( PATH_DATA_SITE . "plugin.singleton" ) );
$path = $filter->validateInput(PATH_DATA_SITE . 'plugin.singleton', 'path');
$pluginRegistry->unSerializeInstance( file_get_contents( $path ) );
}
G::auditLog("RemovePlugin","Plugin Name: ".$pluginName);
echo $pluginName . " " . nl2br( $filter->xssFilterHard(G::LoadTranslation( "ID_MSG_REMOVE_PLUGIN_SUCCESS" )) );
echo $pluginName . ' ' . nl2br( $filter->xssFilterHard(G::LoadTranslation( 'ID_MSG_REMOVE_PLUGIN_SUCCESS' )) );
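Review bot: `$pluginName` comes from `$_REQUEST['pluginUid']` and is concatenated into `PATH_PLUGINS . $pluginName . ".php"` and passed to `uninstallPlugin()`, but the only treatment it receives is `xssFilterHard()`. Judging by its name, that is a markup filter and not a check that the value is a plain plugin identifier. The name should be constrained before the `file_exists()` test, for example with `preg_match('/^[A-Za-z0-9_]+$/', $pluginName)` (adjusted to the project's plugin naming rules) or by matching it against the registry's list of installed plugins, and the request rejected otherwise. Doing this once at the top also covers the value written by `G::auditLog()`. Separately, `validateInput()` on `PATH_DATA_SITE . 'plugin.singleton'` is applied to a constant path with no request data in it, so it adds no protection to the `file_get_contents()` / `unSerializeInstance()` call.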


@@ -78,10 +78,10 @@ $G_PUBLISH->AddContent( 'template', '', '', '', $template );
G::RenderPage( 'publish' );
if (isset( $_GET['module'] )) {
$module = $filter->xssFilterHard($_GET['module']);
print "
print '
<script>
admToolsContent.location='" . $module . "';
admToolsContent.location=\''.$module.'\';
</script>
";
';
}
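Review bot: `$module` is written into a JavaScript string literal inside a `<script>` block, and `xssFilterHard()` (judging by its name, an HTML filter) is not the encoder for that context. The quote-style change on these lines leaves that as it was. Encoding for the script context would be `admToolsContent.location=' . json_encode($module, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . ';`, which also supplies the surrounding quotes. Because the value becomes a frame location, it should additionally be limited to the known admin-tool pages or to same-site relative paths, rather than accepting any URL from `$_GET['module']`.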