fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
40250a0f6710fb797e8dda58ce89577ce765ac7f
luos/workflow/engine/methods/processes/processes_doUpload.php
Marco Antonio Nina ba8368fb00 BUG-FILES Upload files templates IMPROVEMENT 
Al subir los templates no se valida el tipo.

Se agrego la validacion del PRO_UID, ademas de tener el permiso PM_FACTORY y se quita cualquier tipo de codigo que no sea html en los archivos processes_doUpload.php, processes_Ajax.php, processes_Upload
2013-12-19 15:55:17 -04:00

39 lines
1.5 KiB
PHP
Executable File
Raw Blame History

<?php
sleep( 1 );
global $RBAC;
if ( $RBAC->userCanAccess('PM_FACTORY') == 1) {
if (isset( $_SESSION['processes_upload'] )) {
$form = $_SESSION['processes_upload'];
G::LoadClass('processes');
$app = new Processes();
if (!$app->processExists($form['PRO_UID'])) {
$result = 0;
$msg = G::LoadTranslation('ID_PROCESS_UID_NOT_DEFINED');
echo "{'result': $result, 'msg':'$msg'}";
die;
}
switch ($form['MAIN_DIRECTORY']) {
case 'mailTemplates':
$sDirectory = PATH_DATA_MAILTEMPLATES . $form['PRO_UID'] . PATH_SEP . ($form['CURRENT_DIRECTORY'] != '' ? $form['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
case 'public':
$sDirectory = PATH_DATA_PUBLIC . $form['PRO_UID'] . PATH_SEP . ($form['CURRENT_DIRECTORY'] != '' ? $form['CURRENT_DIRECTORY'] . PATH_SEP : '');
break;
default:
die();
break;
}
}
if ($_FILES['form']['error'] == "0") {
G::uploadFile( $_FILES['form']['tmp_name'], $sDirectory, $_FILES['form']['name'] );
$msg = "Uploaded (" . (round( (filesize( $sDirectory . $_FILES['form']['name'] ) / 1024) * 10 ) / 10) . " kb)";
$result = 1;
//echo $sDirectory.$_FILES['form']['name'];
} else {
$msg = "Failed";
$result = 0;
}
echo "{'result': $result, 'msg':'$msg'}";
}
Reference in New Issue View Git Blame Copy Permalink