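/**
 * Create or update an authentication source from submitted parameters.
 *
 * Requires the PM_SETUP_ADVANCE permission. Without it an error message is
 * queued, the browser is redirected to the login page and the request ends.
 *
 * @param object $params submitted fields as properties; PHPSESSID is dropped before processing
 * @return array array('success' => true) once the RBAC call has been made
 */
function saveAuthSources($params)
 {
     global $RBAC;
     // Authorization gate: nothing below runs for users without the setup permission.
     if ($RBAC->userCanAccess('PM_SETUP_ADVANCE') != 1) {
         G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
         G::header('location: ../login/login');
         die;
     }
     // Fields stored as first-class attributes; every other field goes into AUTH_SOURCE_DATA.
     $aCommonFields = array('AUTH_SOURCE_UID', 'AUTH_SOURCE_NAME', 'AUTH_SOURCE_PROVIDER', 'AUTH_SOURCE_SERVER_NAME', 'AUTH_SOURCE_PORT', 'AUTH_SOURCE_ENABLED_TLS', 'AUTH_ANONYMOUS', 'AUTH_SOURCE_SEARCH_USER', 'AUTH_SOURCE_PASSWORD', 'AUTH_SOURCE_VERSION', 'AUTH_SOURCE_BASE_DN', 'AUTH_SOURCE_OBJECT_CLASSES', 'AUTH_SOURCE_ATTRIBUTES');
     // Fields submitted as 'yes' / anything else and stored as 1 / 0.
     $aFlagFields = array('AUTH_SOURCE_ENABLED_TLS', 'AUTH_ANONYMOUS');
     $aFields = $aData = array();
     unset($params->PHPSESSID);
     foreach ($params as $sField => $sValue) {
         // Strict match: only exact field names count as common fields. A loose
         // in_array() can match an integer key against these strings on older PHP.
         if (!in_array($sField, $aCommonFields, true)) {
             // NOTE(review): unknown fields are stored unfiltered in AUTH_SOURCE_DATA.
             $aData[$sField] = $sValue;
             continue;
         }
         if (in_array($sField, $aFlagFields, true)) {
             $aFields[$sField] = $sValue == 'yes' ? 1 : 0;
         } else {
             // NOTE(review): AUTH_SOURCE_PASSWORD is forwarded exactly as submitted;
             // confirm createAuthSource()/updateAuthSource() protect it at rest.
             $aFields[$sField] = $sValue;
         }
     }
     $aFields['AUTH_SOURCE_DATA'] = $aData;
     // A missing UID is treated like an empty one (create) without reading an undefined index.
     if (!isset($aFields['AUTH_SOURCE_UID']) || $aFields['AUTH_SOURCE_UID'] == '') {
         $RBAC->createAuthSource($aFields);
     } else {
         $RBAC->updateAuthSource($aFields);
     }
     $data = array();
     $data['success'] = true;
     return $data;
 }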
 /**
  * Build the instance only when the license enables this feature.
  *
  * If the license check fails, an error message is queued, the browser is
  * redirected to the login page and the request ends. Settings are loaded
  * only after the check has passed.
  */
 public function __construct()
 {
     $features =& PMLicensedFeatures::getSingleton();
     // Opaque feature identifier handed to PMLicensedFeatures::verifyfeature().
     $featureEnabled = $features->verifyfeature('7qhYmF1eDJWcEdwcUZpT0k4S0xTRStvdz09');
     if (!$featureEnabled) {
         G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
         G::header('location: ../login/login');
         // The redirect alone does not stop construction; end the request explicitly.
         die;
     }
     $this->loadSettings();
 }
// Clear case-navigation state left in the session; unset() is a no-op for absent keys.
unset($_SESSION['PROCESS'], $_SESSION['TASK'], $_SESSION['INDEX'], $_SESSION['STEP_POSITION']);
/* Process */
try {
    // Start a new case on the submitted task for the logged-in user.
    // NOTE(review): TAS_UID comes straight from the request; presumably startCase()
    // verifies that this user may start the task - confirm.
    $oCase = new Cases();
    $aData = $oCase->startCase($_POST['form']['TAS_UID'], $_SESSION['USER_LOGGED']);

    // Record the new case in the session so the step pages can find it.
    $_SESSION['APPLICATION'] = $aData['APPLICATION'];
    $_SESSION['INDEX'] = $aData['INDEX'];
    $_SESSION['PROCESS'] = $aData['PROCESS'];
    $_SESSION['TASK'] = $_POST['form']['TAS_UID'];
    $_SESSION['STEP_POSITION'] = 0;
    $_SESSION['CASES_REFRESH'] = true;

    // Resolve the first step of the case and send the browser there.
    $oCase = new Cases();
    $aNextStep = $oCase->getNextStep(
        $_SESSION['PROCESS'],
        $_SESSION['APPLICATION'],
        $_SESSION['INDEX'],
        $_SESSION['STEP_POSITION']
    );
    $_SESSION['BREAKSTEP']['NEXT_STEP'] = $aNextStep;
    G::header('location: ' . $aNextStep['PAGE']);
} catch (Exception $e) {
    // NOTE(review): the raw exception text is kept for later display; confirm it is
    // escaped where G_MESSAGE is rendered.
    $_SESSION['G_MESSAGE'] = $e->getMessage();
    $_SESSION['G_MESSAGE_TYPE'] = 'error';
    G::header('location: cases_New');
}
/**
 * sysLoginVerify.php
 *  
 * ProcessMaker Open Source Edition
 * Copyright (C) 2004 - 2008 Colosa Inc.23
 * 
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 * 
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 * 
 * For more information, contact Colosa Inc, 2566 Le Jeune Rd., 
 * Coral Gables, FL, 33134, USA, or email info@colosa.com.
 * 
 */
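// Send requests without POST data back to the login form.
// NOTE(review): $lang is not assigned in the visible code - confirm it is defined
// before this point.
if (!isset($_POST)) {
    G::header('location: /sys/' . $lang . '/' . SYS_SKIN . '/' . 'login/login');
    // End the request here; otherwise the script goes on to load authentication.php
    // after the redirect header has been sent.
    die;
}
// Credentials saved by the system login page replace the submitted form.
// NOTE(review): this keeps the login form (presumably including the password) in the
// session; confirm it is cleared once authentication has run.
if (isset($_SESSION['sysLogin'])) {
    $_POST['form'] = $_SESSION['sysLogin'];
}
require_once 'authentication.php';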
<?php

G::header('Location: ../cases/main');
die;
}
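// Candidate locations of the stored document: the versioned file name first, then the
// unversioned name as a fallback.
// NOTE(review): $sAppDocUid, $iDocVersion and $ext are set outside this excerpt; if any
// of them is request-derived, confirm the resulting path cannot leave PATH_DOCUMENT.
$realPath = PATH_DOCUMENT . G::getPathFromUID($oAppDocument->Fields['APP_UID']) . '/' . $sAppDocUid . '_' . $iDocVersion . '.' . $ext;
$realPath1 = PATH_DOCUMENT . G::getPathFromUID($oAppDocument->Fields['APP_UID']) . '/' . $sAppDocUid . '.' . $ext;
$sw_file_exists = false;
if (file_exists($realPath)) {
    $sw_file_exists = true;
} elseif (file_exists($realPath1)) {
    $sw_file_exists = true;
    $realPath = $realPath1;
}
// True when the caller wants a JSON status report instead of the file itself.
$bJsonRequest = isset($_POST['request']) && $_POST['request'] == true;
if (!$sw_file_exists) {
    $error_message = "'" . $oAppDocument->Fields['APP_DOC_FILENAME'] . "' " . G::LoadTranslation('ID_ERROR_STREAMING_FILE');
    if ($bJsonRequest) {
        $res['success'] = 'failure';
        $res['message'] = $error_message;
        print G::json_encode($res);
    } else {
        G::SendMessageText($error_message, "ERROR");
        // The Referer header is optional and client-controlled: read it defensively and
        // fall back to the workspace root when it is absent or lacks the workspace marker.
        $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        $backUrlObj = explode("sys" . SYS_SYS, $referer);
        $backPath = isset($backUrlObj[1]) ? $backUrlObj[1] : '';
        // Drop CR/LF so the value cannot break out of the Location header line.
        $backPath = str_replace(array("\r", "\n"), '', $backPath);
        G::header("location: " . "/sys" . SYS_SYS . $backPath);
        die;
    }
} else {
    if ($bJsonRequest) {
        $res['success'] = 'success';
        $res['message'] = $oAppDocument->Fields['APP_DOC_FILENAME'];
        print G::json_encode($res);
    } else {
        G::streamFile($realPath, $bDownload, $oAppDocument->Fields['APP_DOC_FILENAME']);
    }
}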
Exemple #7
/*----------------------------------********---------------------------------*/

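// A workspace was chosen on the system login form: restart the session, keep the
// submitted form for the verification page and redirect into that workspace.
if (isset($_POST['form']['USER_ENV'])) {
    // NOTE(review): consider session_regenerate_id(true) after session_start() so an id
    // known before login is not reused.
    @session_destroy();
    session_start();

    $_SESSION['sysLogin'] = $_POST['form'];

    // NOTE(review): the whole POST body (presumably including the login password) is
    // serialized into the redirect URL, where it can end up in browser history, proxy
    // and server logs. If the receiving page calls unserialize() on this parameter, any
    // client can supply its own payload there. The form is already kept in
    // $_SESSION['sysLogin']; confirm whether the "d" parameter is needed at all, and
    // prefer a JSON encoding if it is.
    // Base64 output may contain "+", "/" and "=", so it is URL-encoded: an unencoded "+"
    // is read back as a space from a query string and the payload no longer decodes.
    $data = rawurlencode(base64_encode(serialize($_POST)));

    // NOTE(review): USER_ENV is placed in the URL path as submitted; validate it against
    // the known workspace names before redirecting.
    $url = sprintf('/sys%s/%s/%s/login/sysLoginVerify?d=%s', $_POST['form']['USER_ENV'], SYS_LANG, SYS_SKIN, $data);

    G::header("location: $url");

    die();
}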



//Save session variables

$arraySession = array();



if (isset($_SESSION["G_MESSAGE"])) {
    die;
}
// database and workspace definition
// if SYS_TEMP is set, the URL names a workspace; now we need to verify that its db.php file exists
if (defined('SYS_TEMP') && SYS_TEMP != '') {
    //this is the default, the workspace db.php file is in /shared/workflow/sites/SYS_SYS
    if (file_exists(PATH_DB . SYS_TEMP . '/db.php')) {
        require_once PATH_DB . SYS_TEMP . '/db.php';
        define('SYS_SYS', SYS_TEMP);
        // defining constant for workspace shared directory
        define('PATH_WORKSPACE', PATH_DB . SYS_SYS . PATH_SEP);
        // including workspace shared classes -> particularlly for pmTables
        set_include_path(get_include_path() . PATH_SEPARATOR . PATH_WORKSPACE);
    } else {
        G::SendTemporalMessage('ID_NOT_WORKSPACE', "error");
        G::header('location: /sys/' . SYS_LANG . '/' . SYS_SKIN . '/main/sysLogin?errno=2');
        die;
    }
} else {
    //when we are in global pages, outside any valid workspace
    if (SYS_TARGET === 'newSite') {
        $phpFile = G::ExpandPath('methods') . SYS_COLLECTION . "/" . SYS_TARGET . '.php';
        require_once $phpFile;
        die;
    } else {
        if (SYS_TARGET == "dbInfo") {
            //Show dbInfo when no SYS_SYS
            require_once PATH_METHODS . "login/dbInfo.php";
        } else {
            if (substr(SYS_SKIN, 0, 2) === 'ux' && SYS_TARGET != 'sysLoginVerify') {
                // new ux sysLogin - extjs based form
            $aNextStep = $case->getNextStep($_SESSION["PROCESS"], $_SESSION["APPLICATION"], $_SESSION["INDEX"], $_SESSION["STEP_POSITION"] - 1);
            $_SESSION['STEP_POSITION'] = $aNextStep['POSITION'];
            if ($_SESSION['TRIGGER_DEBUG']['ISSET']) {
                $_SESSION['TRIGGER_DEBUG']['BREAKPAGE'] = $aNextStep['PAGE'];
                G::header('location: ' . $aNextStep['PAGE'] . '&breakpoint=triggerdebug');
                die;
            }
            G::header('location: ' . $aNextStep['PAGE']);
            die;
        }
    } else {
        $aNextStep = $case->getNextStep($_SESSION["PROCESS"], $_SESSION["APPLICATION"], $_SESSION["INDEX"], $_SESSION["STEP_POSITION"] - 1);
        $_SESSION['STEP_POSITION'] = $aNextStep['POSITION'];
        if ($_SESSION['TRIGGER_DEBUG']['ISSET']) {
            $_SESSION['TRIGGER_DEBUG']['BREAKPAGE'] = $aNextStep['PAGE'];
            G::header('location: ' . $aNextStep['PAGE'] . '&breakpoint=triggerdebug');
            die;
        }
        G::header('location: ' . $aNextStep['PAGE']);
        die;
    }
}
$_SESSION['BREAKSTEP']['NEXT_STEP'] = $aNextStep;
/*
  } catch ( Exception $e ) {

      $aMessage['MESSAGE'] = $e->getMessage();
      $G_PUBLISH          = new Publisher;
      $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showMessage', '', $aMessage );
      G::RenderPage( 'publish' );
  }*/
    /**
     * Jump to the case identified by its application number.
     *
     * Resolves the case UID and the current user's delegation index into $_GET.
     * When the user has no current delegation and never participated in the
     * case, an informational message is queued and the browser is redirected to
     * the case list.
     *
     * NOTE(review): the body reads $_GET['APP_NUMBER'] and never uses $APP_NUMBER,
     * and $oCase is not assigned anywhere in the visible body - confirm where it
     * is initialised. Nothing ends the request after the redirect.
     *
     * @param integer $APP_NUMBER
     */
    public function jumpToCase($APP_NUMBER)
    {
        $_GET['APP_UID'] = $oCase->getApplicationUIDByNumber($_GET['APP_NUMBER']);
        $_GET['DEL_INDEX'] = $oCase->getCurrentDelegation($_GET['APP_UID'], $_SESSION['USER_LOGGED']);

        // The user holds the case right now: nothing more to check.
        if (!is_null($_GET['DEL_INDEX'])) {
            return;
        }

        // Past participants may still open the case.
        $participated = $oCase->userParticipatedInCase($_GET['APP_UID'], $_SESSION['USER_LOGGED']);
        if ($participated != 0) {
            return;
        }

        // Tell apart "no such case" from "case is assigned to somebody else".
        $sLabel = is_null($_GET['APP_UID'])
            ? 'ID_CASE_DOES_NOT_EXISTS'
            : 'ID_CASE_IS_CURRENTLY_WITH_ANOTHER_USER';
        G::SendMessageText(G::LoadTranslation($sLabel), 'info');
        G::header('location: cases_List');
    }
    if (!empty($_POST['form']['SCH_REPEAT_TASK_CHK'])) {
        $nOptEvery = $_POST['form']['SCH_REPEAT_EVERY_OPT'];
        if ($nOptEvery == 2) {
            $aData['SCH_REPEAT_EVERY'] = $_POST['form']['SCH_REPEAT_EVERY'] * 60;
        } else {
            $aData['SCH_REPEAT_EVERY'] = $_POST['form']['SCH_REPEAT_EVERY'];
        }
    }
    //	 	var_dump ($aData['SCH_TIME_NEXT_RUN']);
    //                die;
    $oCaseScheduler->Update($aData);
    if (isset($_POST['form']['CASE_SH_PLUGIN_UID']) && $_POST['form']['CASE_SH_PLUGIN_UID'] != "") {
        $params = explode("--", $_REQUEST['form']['CASE_SH_PLUGIN_UID']);
        $oPluginRegistry =& PMPluginRegistry::getSingleton();
        $activePluginsForCaseScheduler = $oPluginRegistry->getCaseSchedulerPlugins();
        foreach ($activePluginsForCaseScheduler as $key => $caseSchedulerPluginDetail) {
            if ($caseSchedulerPluginDetail->sNamespace == $params[0] && $caseSchedulerPluginDetail->sActionId == $params[1]) {
                $caseSchedulerSelected = $caseSchedulerPluginDetail;
            }
        }
        if (isset($caseSchedulerSelected) && is_object($caseSchedulerSelected)) {
            //Save the form
            $oData = $_POST['pluginFields'];
            $oData['SCH_UID'] = $aData['SCH_UID'];
            $oPluginRegistry->executeMethod($caseSchedulerPluginDetail->sNamespace, $caseSchedulerPluginDetail->sActionSave, $oData);
        }
    }
    G::header('location: cases_Scheduler_List?PRO_UID=' . $_POST['form']['PRO_UID']);
} catch (Exception $oException) {
    die($oException->getMessage());
}
<?php

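// A new endpoint invalidates any web-service session id kept from an earlier one.
unset($_SESSION['WS_SESSION_ID']);

// Read the endpoint parts defensively: a missing or non-string field counts as empty.
$wsParts = array();
foreach (array('WS_PROTOCOL', 'WS_HOST', 'WS_PORT', 'WS_WORKSPACE') as $wsKey) {
    $wsValue = isset($_POST['form'][$wsKey]) ? $_POST['form'][$wsKey] : '';
    $wsParts[$wsKey] = is_string($wsValue) ? trim($wsValue) : '';
}
$wsScheme = strtolower($wsParts['WS_PROTOCOL']);

// NOTE(review): END_POINT is presumably the URL this server later connects to for the
// web-service test pages - confirm. Because every part is request-supplied, only plain
// http/https URLs are accepted, and host and workspace may not contain characters that
// would change the URL's authority, path or query.
$wsUnsafeChars = '/[\/\\\\@?#\s]/';
$wsValid = in_array($wsScheme, array('http', 'https'), true)
    && $wsParts['WS_HOST'] !== '' && !preg_match($wsUnsafeChars, $wsParts['WS_HOST'])
    && $wsParts['WS_WORKSPACE'] !== '' && !preg_match($wsUnsafeChars, $wsParts['WS_WORKSPACE'])
    && ($wsParts['WS_PORT'] === '' || ctype_digit($wsParts['WS_PORT']));

if ($wsValid) {
    // The port is optional; append it only when one was given.
    $wsAuthority = $wsParts['WS_HOST'] . ($wsParts['WS_PORT'] !== '' ? ':' . $wsParts['WS_PORT'] : '');
    $_SESSION['END_POINT'] = $wsScheme . '://' . $wsAuthority . '/sys' . $wsParts['WS_WORKSPACE'] . '/en/classic/services/wsdl2';
    $_SESSION['WS_WORKSPACE'] = $wsParts['WS_WORKSPACE'];
    G::header('location: webServices?x=1');
} else {
    // Incomplete or rejected input: report failure to the setup page.
    G::header('location: webServices?x=0');
}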
        G::LoadClass('processMap');
        $oProcessMap = new ProcessMap();
        if (!isset($_POST['form']['PRO_UID'])) {
            $_POST['form']['USR_UID'] = $_SESSION['USER_LOGGED'];
            $oJSON = new Services_JSON();
            require_once 'classes/model/Task.php';
            $sProUid = $oProcessMap->createProcess($_POST['form']);
            //call plugins
            $oData['PRO_UID'] = $sProUid;
            $oData['PRO_TEMPLATE'] = isset($_POST['form']['PRO_TEMPLATE']) && $_POST['form']['PRO_TEMPLATE'] != '' ? $_POST['form']['PRO_TEMPLATE'] : '';
            $oData['PROCESSMAP'] = $oProcessMap;
            $oPluginRegistry =& PMPluginRegistry::getSingleton();
            $oPluginRegistry->executeTriggers(PM_NEW_PROCESS_SAVE, $oData);
            G::header('location: processes_Map?PRO_UID=' . $sProUid);
            die;
        } else {
            $_POST['form']['PRO_DYNAFORMS'] = array();
            $_POST['form']['PRO_DYNAFORMS']['PROCESS'] = isset($_POST['form']['PRO_SUMMARY_DYNAFORM']) ? $_POST['form']['PRO_SUMMARY_DYNAFORM'] : '';
            unset($_POST['form']['PRO_SUMMARY_DYNAFORM']);
            $oProcessMap->updateProcess($_POST['form']);
            $sProUid = $_POST['form']['PRO_UID'];
        }
        //Save Calendar ID for this process
        G::LoadClass("calendar");
        $calendarObj = new Calendar();
        $calendarObj->assignCalendarTo($sProUid, $_POST['form']['PRO_CALENDAR'], 'PROCESS');
        if ($_POST['form']['THETYPE'] == '') {
            G::header('location: main');
        }
        break;
}
    $passwd = $oSpool->config['MESS_PASSWORD'];
    $passwdDec = G::decrypt($passwd, 'EMAILENCRYPT');
    $auxPass = explode('hash:', $passwdDec);
    if (count($auxPass) > 1) {
        if (count($auxPass) == 2) {
            $passwd = $auxPass[1];
        } else {
            array_shift($auxPass);
            $passwd = implode('', $auxPass);
        }
    }
    $oSpool->config['MESS_PASSWORD'] = $passwd;
    $oSpool->create(array('msg_uid' => '', 'app_uid' => '', 'del_index' => 0, 'app_msg_type' => 'TEST', 'app_msg_subject' => $sSubject, 'app_msg_from' => $sFrom, 'app_msg_to' => $data['USR_EMAIL'], 'app_msg_body' => $sBody, 'app_msg_cc' => '', 'app_msg_bcc' => '', 'app_msg_attach' => '', 'app_msg_template' => '', 'app_msg_status' => 'pending', 'app_msg_attach' => ''));
    try {
        $oSpool->sendMail();
        $rbacUser->update($aData);
        $user->update($aData);
        G::header("location: login.html");
        G::SendTemporalMessage('ID_NEW_PASSWORD_SENT', "info");
    } catch (phpmailerException $e) {
        G::header("location: login.html");
        G::SendTemporalMessage(G::LoadTranslation('MISSING_OR_NOT_CONFIGURED_SMTP'), "warning", 'string');
    } catch (Exception $e) {
        G::header("location: login.html");
        G::SendTemporalMessage($e->getMessage(), "warning", 'string');
    }
} else {
    $msg = G::LoadTranslation('ID_USER') . ' ' . htmlentities($data['USR_USERNAME'], ENT_QUOTES, 'UTF-8') . ' ' . G::LoadTranslation('ID_IS_NOT_REGISTERED');
    G::SendTemporalMessage($msg, "warning", 'string');
    G::header('location: forgotPassword');
}
            }
            $oDirectory->close();
        }
        $sNewProUid = $sProUid;
    }
    //Disable current Process and create a new version of the Process
    if ($option == 2) {
        $oProcess->disablePreviousProcesses($sProUid);
        $sNewProUid = $oProcess->getUnusedProcessGUID();
        $oProcess->setProcessGuid($oData, $sNewProUid);
        $oProcess->setProcessParent($oData, $sProUid);
        $oData->process['PRO_TITLE'] = "New - " . $oData->process['PRO_TITLE'] . ' - ' . date('M d, H:i');
        $oProcess->renewAll($oData);
        $oProcess->createProcessFromDataXpdl($oData, $tasks);
    }
    //Create a completely new Process without change the current Process
    if ($option == 3) {
        //krumo ($oData); die;
        $sNewProUid = $oProcess->getUnusedProcessGUID();
        $oProcess->setProcessGuid($oData, $sNewProUid);
        $oData->process['PRO_TITLE'] = "Copy of  - " . $oData->process['PRO_TITLE'] . ' - ' . date('M d, H:i');
        $oProcess->renewAll($oData);
        $oProcess->createProcessFromDataXpdl($oData, $tasks);
    }
    G::header('Location: processes_Map?PRO_UID=' . $sNewProUid);
} catch (Exception $e) {
    $G_PUBLISH = new Publisher();
    $aMessage['MESSAGE'] = $e->getMessage();
    $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showMessage', '', $aMessage);
    G::RenderPage('publish', "blank");
}
/**
 * Inspect buffered output for a PHP error banner and recover from it.
 *
 * When the buffer holds an "error</b>: ... <br" fragment, the error is
 * registered and stored in the case data under __ERROR__, and the browser is
 * redirected (to the next step, or back to the same step page with triggers
 * disabled), after which the request ends. Otherwise the buffer is returned
 * untouched.
 *
 * @param string $buffer captured output
 * @return string the unchanged buffer when no error banner is found
 */
function handleFatalErrors($buffer)
{
    G::LoadClass('case');
    $oCase = new Cases();
    if (!preg_match('/(error<\\/b>:)(.+)(<br)/', $buffer, $regs)) {
        return $buffer;
    }

    // Strip markup from the captured message and keep the part before " in <file>".
    $err = preg_replace('/<.*?>/', '', $regs[2]);
    $aAux = explode(' in ', $err);
    $sCode = $_SESSION['_CODE_'];
    unset($_SESSION['_CODE_']);
    registerError(2, $aAux[0], 0, $sCode);

    $bOnStepPage = strpos($_SERVER['REQUEST_URI'], '/cases/cases_Step') !== false;
    $bGenerate = $bOnStepPage && strpos($_SERVER['REQUEST_URI'], '&ACTION=GENERATE') !== false;

    if ($bOnStepPage && !$bGenerate) {
        // Reload the same step page, this time without executing its triggers.
        // NOTE(review): the request URI is echoed into the Location header; confirm
        // G::header() rejects embedded line breaks.
        $_SESSION['_NO_EXECUTE_TRIGGERS_'] = 1;
        $sTarget = $_SERVER['REQUEST_URI'];
    } else {
        // Skip ahead to whatever step follows the current position.
        $aNextStep = $oCase->getNextStep($_SESSION['PROCESS'], $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['STEP_POSITION']);
        if ($_SESSION['TRIGGER_DEBUG']['ISSET']) {
            $_SESSION['TRIGGER_DEBUG']['TIME'] = 'AFTER';
            $_SESSION['TRIGGER_DEBUG']['BREAKPAGE'] = $aNextStep['PAGE'];
            $aNextStep['PAGE'] = $aNextStep['PAGE'] . '&breakpoint=triggerdebug';
        }
        // Outside the step pages, warn when the next step is the "-1" assign-task page.
        if (!$bOnStepPage && strpos($aNextStep['PAGE'], 'TYPE=ASSIGN_TASK&UID=-1') !== false) {
            G::SendMessageText('Fatal error in trigger', 'error');
        }
        $sTarget = $aNextStep['PAGE'];
    }

    // Keep the error text with the case so it is available after the redirect.
    // NOTE(review): the text is scraped from page output; confirm it is escaped
    // wherever __ERROR__ is displayed.
    global $oPMScript;
    if (isset($oPMScript) && isset($_SESSION['APPLICATION'])) {
        $oPMScript->aFields['__ERROR__'] = $aAux[0];
        $oCase->updateCase($_SESSION['APPLICATION'], array('APP_DATA' => $oPMScript->aFields));
    }
    G::header('Location: ' . $sTarget);
    die;
}
Exemple #17
 /**
  * Require that the current user holds at least one of the given permissions.
  *
  * Any number of permission codes may be passed as separate arguments; the
  * first one that userCanAccess() answers with 1 grants access. When none
  * does, an error message is queued, the browser is redirected to the login
  * page and the request ends.
  *
  * @param string $permissions first permission code; more may follow as extra arguments
  * @return bool true when access is granted (the method does not return otherwise)
  * @throws Exception when called without any permission code
  */
 public function requirePermissions($permissions)
 {
     $requested = func_get_args();
     if (count($requested) < 1) {
         throw new Exception('function requirePermissions() ->ERROR: Parameters missing!');
     }
     // Deny by default; only an explicit 1 from userCanAccess() grants access.
     $access = -1;
     foreach ($requested as $perm) {
         $access = $this->userCanAccess($perm);
         if ($access == 1) {
             return true;
         }
     }
     // The result of the last permission checked decides the message: -2 selects the
     // system-level message, anything else the page-level one.
     $label = $access == -2 ? 'ID_USER_HAVENT_RIGHTS_SYSTEM' : 'ID_USER_HAVENT_RIGHTS_PAGE';
     G::SendTemporalMessage($label, 'error', 'labels');
     G::header('location: ../login/login');
     // End the request so the protected page never runs after the redirect.
     exit(0);
 }
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
 * Coral Gables, FL, 33134, USA, or email info@colosa.com.
 */
global $RBAC;
// Authorization gate: only users with the advanced setup permission may change how
// another account authenticates.
if ($RBAC->userCanAccess('PM_SETUP_ADVANCE') != 1) {
    G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
    G::header('location: ../login/login');
    die;
}
// Load the target account and leave its role out of the update.
$aData = $RBAC->load($_POST['form']['USR_UID']);
unset($aData['USR_ROLE']);
if ($_POST['form']['UID_AUTH_SOURCE'] != 'MYSQL') {
    // External source: the provider recorded on the source becomes the user's auth type.
    // NOTE(review): the result of getAuthSource() is used without checking that the
    // submitted UID matched an existing source - confirm what it returns for unknown ids.
    $aFields = $RBAC->getAuthSource($_POST['form']['UID_AUTH_SOURCE']);
    $aData['USR_AUTH_TYPE'] = $aFields['AUTH_SOURCE_PROVIDER'];
    $aData['UID_AUTH_SOURCE'] = $_POST['form']['UID_AUTH_SOURCE'];
} else {
    // 'MYSQL' selects the built-in authentication, which has no source record.
    $aData['USR_AUTH_TYPE'] = 'MYSQL';
    $aData['UID_AUTH_SOURCE'] = '';
}
// NOTE(review): the DN is stored as submitted; no request-forgery token check is
// visible in this script - confirm one is enforced elsewhere.
$aData['USR_AUTH_USER_DN'] = $_POST['form']['USR_AUTH_USER_DN'];
$RBAC->updateUser($aData);
G::header('location: users_List');
Exemple #19
 /**
  * Attach the uploaded file to a case as an Input Document, run the document's
  * AFTER triggers and save the resulting case data.
  *
  * If PHP reports an upload error, a translated message is queued, the browser
  * is redirected back to the referring page and the request ends.
  *
  * @param string $applicationUid
  * @param string $taskUid
  * @param string $appDocComment
  * @param string $inputDocumentUid
  * @param string $userUid
  *
  * @return array data of the stored Input Document, as returned by getCasesInputDocument()
  * @throws \Exception when the request carries no uploaded file
  */
 public function addCasesInputDocument($applicationUid, $taskUid, $appDocComment, $inputDocumentUid, $userUid)
 {
     $uploadFailed = isset($_FILES['form']) && $_FILES['form']['error'] != 0;
     if ($uploadFailed) {
         // Translation label for each upload error code PHP can report.
         $labelByCode = array(
             UPLOAD_ERR_INI_SIZE => 'ID_UPLOAD_ERR_INI_SIZE',
             UPLOAD_ERR_FORM_SIZE => 'ID_UPLOAD_ERR_FORM_SIZE',
             UPLOAD_ERR_PARTIAL => 'ID_UPLOAD_ERR_PARTIAL',
             UPLOAD_ERR_NO_FILE => 'ID_UPLOAD_ERR_NO_FILE',
             UPLOAD_ERR_NO_TMP_DIR => 'ID_UPLOAD_ERR_NO_TMP_DIR',
             UPLOAD_ERR_CANT_WRITE => 'ID_UPLOAD_ERR_CANT_WRITE',
             UPLOAD_ERR_EXTENSION => 'ID_UPLOAD_ERR_EXTENSION',
         );
         $label = 'ID_UPLOAD_ERR_UNKNOWN';
         foreach ($labelByCode as $knownCode => $knownLabel) {
             // Loose comparison on purpose, matching how a switch compares its cases.
             if ($_FILES['form']['error'] == $knownCode) {
                 $label = $knownLabel;
                 break;
             }
         }
         \G::SendMessageText(\G::LoadTranslation($label), "ERROR");
         // NOTE(review): the Referer header is optional and client-controlled; index 1
         // is undefined when it is missing or lacks the workspace marker.
         $backUrlObj = explode("sys" . SYS_SYS, $_SERVER['HTTP_REFERER']);
         \G::header("location: " . "/sys" . SYS_SYS . $backUrlObj[1]);
         die();
     }

     \G::LoadClass("case");
     $appDocUid = \G::generateUniqueID();
     $docVersion = '';
     $appDocType = 'INPUT';
     $case = new \Cases();
     $delIndex = \AppDelegation::getCurrentIndex($applicationUid);
     // Ownership check on the current delegation; "REDIRECT" presumably sends other
     // users to the case list - confirm in Cases::thisIsTheCurrentUser().
     $case->thisIsTheCurrentUser($applicationUid, $delIndex, $userUid, "REDIRECT", "casesListExtJs");

     // Case fields, with the system constants merged into the case data.
     $arrayField = $case->loadCase($applicationUid);
     $arrayField["APP_DATA"] = array_merge($arrayField["APP_DATA"], \G::getSystemConstants());

     // Triggers attached to this Input Document (the result is not used further down).
     $arrayTrigger = $case->loadTriggers($taskUid, "INPUT_DOCUMENT", $inputDocumentUid, "AFTER");

     // Store the uploaded file.
     if (empty($_FILES)) {
         throw new \Exception(\G::LoadTranslation("ID_CASES_INPUT_FILENAME_DOES_NOT_EXIST"));
     }
     if (!$_FILES["form"]["error"]) {
         $_FILES["form"]["error"] = 0;
     }
     if (isset($_FILES) && isset($_FILES["form"]) && count($_FILES["form"]) > 0) {
         // NOTE(review): the client-supplied file name is passed on as-is; confirm that
         // addInputDocument() sanitises it and checks the type before storing.
         $appDocUid = $case->addInputDocument(
             $inputDocumentUid,
             $appDocUid,
             $docVersion,
             $appDocType,
             $appDocComment,
             '',
             $applicationUid,
             $delIndex,
             $taskUid,
             $userUid,
             "xmlform",
             $_FILES["form"]["name"],
             $_FILES["form"]["error"],
             $_FILES["form"]["tmp_name"]
         );
     }

     // Run the AFTER triggers; their result replaces the case data.
     $arrayField["APP_DATA"] = $case->executeTriggers(
         $taskUid,
         "INPUT_DOCUMENT",
         $inputDocumentUid,
         "AFTER",
         $arrayField["APP_DATA"]
     );

     // Save the updated case.
     $arrayData = array(
         "APP_NUMBER" => $arrayField["APP_NUMBER"],
         "APP_DATA" => $arrayField["APP_DATA"],
         "DEL_INDEX" => $delIndex,
         "TAS_UID" => $taskUid,
     );
     $case->updateCase($applicationUid, $arrayData);

     // Exceptions raised above reach the caller unchanged.
     return $this->getCasesInputDocument($applicationUid, $userUid, $appDocUid);
 }
Exemple #20
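    /**
     * Download a remote file with cURL and write it to a local file.
     *
     * When the cURL extension is missing, a warning is queued, the browser is
     * redirected to the process library page and the request ends.
     *
     * NOTE(review): $file, $local_path and $newfilename are used exactly as
     * given. If any of them can be influenced by a request, restrict the URL to
     * expected schemes/hosts (for example with CURLOPT_PROTOCOLS) and reduce
     * $newfilename to a bare file name so the write stays inside $local_path.
     *
     * @param string $file URL of the file to download
     * @param string $local_path destination directory, concatenated as-is with $newfilename
     * @param string $newfilename name of the local file to create
     * @return string the cURL error message; empty when cURL reported no error
     * @throws Exception when the destination file cannot be opened for writing
     */
    public function downloadFile ($file, $local_path, $newfilename)
    {
        // Check for cURL before touching the filesystem, so a missing extension does
        // not leave an empty destination file and an open handle behind.
        if (! function_exists( 'curl_init' )) {
            G::SendTemporalMessage( 'ID_CURLFUN_ISUNDEFINED', "warning", 'LABEL', '', '100%', '' );
            G::header( 'location: ../processes/processes_Library' );
            die();
        }

        $out = fopen( $local_path . $newfilename, 'wb' );
        if ($out == false) {
            throw (new Exception( "File $newfilename not opened" ));
        }

        // Stream the response body straight into the file, without response headers.
        $ch = curl_init();
        curl_setopt( $ch, CURLOPT_FILE, $out );
        curl_setopt( $ch, CURLOPT_HEADER, 0 );
        curl_setopt( $ch, CURLOPT_URL, $file );

        // The result of curl_exec() is not inspected; failures are reported to the
        // caller through the returned error string.
        curl_exec( $ch );
        $errorMsg = curl_error( $ch );
        fclose( $out );

        curl_close( $ch );
        return $errorMsg;
    } //end function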
 */
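global $RBAC;
// Authorization gate: only users with the advanced setup permission may save an
// authentication source.
if ($RBAC->userCanAccess('PM_SETUP_ADVANCE') != 1) {
    G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
    G::header('location: ../login/login');
    die;
}
// NOTE(review): no request-forgery token check is visible in this script - confirm one
// is enforced elsewhere.
unset($_POST['form']['btnSave']);
// Fields stored as first-class attributes; every other field goes into AUTH_SOURCE_DATA.
$aCommonFields = array('AUTH_SOURCE_UID', 'AUTH_SOURCE_NAME', 'AUTH_SOURCE_PROVIDER', 'AUTH_SOURCE_SERVER_NAME', 'AUTH_SOURCE_PORT', 'AUTH_SOURCE_ENABLED_TLS', 'AUTH_ANONYMOUS', 'AUTH_SOURCE_SEARCH_USER', 'AUTH_SOURCE_PASSWORD', 'AUTH_SOURCE_VERSION', 'AUTH_SOURCE_BASE_DN', 'AUTH_SOURCE_OBJECT_CLASSES', 'AUTH_SOURCE_ATTRIBUTES');
$aFields = $aData = array();
// A request without a form array is handled as an empty form instead of failing in foreach.
$aForm = isset($_POST['form']) && is_array($_POST['form']) ? $_POST['form'] : array();
foreach ($aForm as $sField => $sValue) {
    // Strict match: only exact field names count as common fields. A loose in_array()
    // can match an integer key (form[0]=...) against these strings on older PHP.
    if (in_array($sField, $aCommonFields, true)) {
        // NOTE(review): AUTH_SOURCE_PASSWORD is forwarded exactly as submitted; confirm
        // createAuthSource()/updateAuthSource() protect it at rest.
        $aFields[$sField] = $sValue;
    } else {
        $aData[$sField] = $sValue;
    }
}
// Helper fields of the form that are not part of the stored configuration.
unset($aData['AUTH_SOURCE_ATTRIBUTE_IDS']);
unset($aData['AUTH_SOURCE_SHOWGRID_FLAG']);
unset($aData['AUTH_SOURCE_GRID_TEXT']);
if (!isset($aData['AUTH_SOURCE_SHOWGRID']) || $aData['AUTH_SOURCE_SHOWGRID'] == 'off') {
    unset($aData['AUTH_SOURCE_GRID_ATTRIBUTE']);
}
$aFields['AUTH_SOURCE_DATA'] = $aData;
// A missing UID is treated like an empty one (create) without reading an undefined index.
if (!isset($aFields['AUTH_SOURCE_UID']) || $aFields['AUTH_SOURCE_UID'] == '') {
    $RBAC->createAuthSource($aFields);
} else {
    $RBAC->updateAuthSource($aFields);
}
G::header('location: authSources_List');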
    }
    $sAppDocUid = $oAppDocument->getAppDocUid();
    $iDocVersion = $oAppDocument->getDocVersion();
    $info = pathinfo($oAppDocument->getAppDocFilename());
    $ext = isset($info['extension']) ? $info['extension'] : '';
    //save the file
    if (!empty($_FILES['form'])) {
        if ($_FILES['form']['error']['APP_DOC_FILENAME'] == 0) {
            $sPathName = PATH_DOCUMENT . $appId . PATH_SEP;
            $sFileName = $sAppDocUid . "_" . $iDocVersion . '.' . $ext;
            G::uploadFile($_FILES['form']['tmp_name']['APP_DOC_FILENAME'], $sPathName, $sFileName);
            //Plugin Hook PM_UPLOAD_DOCUMENT for upload document
            $oPluginRegistry =& PMPluginRegistry::getSingleton();
            if ($oPluginRegistry->existsTrigger(PM_UPLOAD_DOCUMENT) && class_exists('uploadDocumentData')) {
                $oData['APP_UID'] = $appId;
                $documentData = new uploadDocumentData($appId, $_SESSION['USER_LOGGED'], $sPathName . $sFileName, $aFields['APP_DOC_FILENAME'], $sAppDocUid);
                $oPluginRegistry->executeTriggers(PM_UPLOAD_DOCUMENT, $documentData);
                unlink($sPathName . $sFileName);
            }
            //end plugin
        }
    }
    G::header('location: appFolderList');
    die;
} catch (Exception $e) {
    /* Render Error page */
    $aMessage['MESSAGE'] = $e->getMessage();
    $G_PUBLISH = new Publisher();
    $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/showMessage', '', $aMessage);
    G::RenderPage('publish');
}
Exemple #23
 /**
  * streaming a file
  *
  * @author Fernando Ontiveros Lira <*****@*****.**>
  * @access public
  * @param string $file
  * @param boolean $download
  * @param string $downloadFileName
  * @return string
  */
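 public static function streamFile($file, $download = false, $downloadFileName = '')
 {
     // Streams $file to the client. Headers are sent through G::sendHeaders() with a
     // content type chosen from the file extension, then the file is printed with readfile().
     // translation.<lang>.js and css/<name>.css are generated by helper methods instead of
     // being read from disk. A missing file ends in a redirect to /errors/error404.php.
     G::LoadSystem('inputfilter');
     $filter = new InputFilter();
     $file = $filter->xssFilterHard($file);
     if (isset($_SERVER['REQUEST_URI'])) {
         $_SERVER['REQUEST_URI'] = $filter->xssFilterHard($_SERVER['REQUEST_URI'], "url");
     }
     require_once PATH_THIRDPARTY . 'jsmin/jsmin.php';
     $folderarray = explode('/', $file);
     $typearray = explode('.', basename($file));
     $typefile = $typearray[count($typearray) - 1];
     $filename = $file;
     // A path without any '/' has no parent folder; avoid reading index -1.
     $parentFolder = count($folderarray) > 1 ? $folderarray[count($folderarray) - 2] : '';
     // Generate the translation.<language>.js file, which merges two files.
     if (strtolower($typefile) == 'js' && $typearray[0] == 'translation') {
         $download = $filter->xssFilterHard($download);
         $downloadFileName = $filter->xssFilterHard($downloadFileName);
         G::sendHeaders($filename, 'text/javascript', $download, $downloadFileName);
         $output = G::streamJSTranslationFile($filename, $typearray[1]);
         $output = $filter->xssFilterHard($output);
         print $output;
         return;
     }
     // Generate the big css file for the ext style.
     if (strtolower($typefile) == 'css' && $parentFolder == 'css') {
         G::sendHeaders($filename, 'text/css', $download, $downloadFileName);
         $output = G::streamCSSBigFile($typearray[0]);
         $output = $filter->xssFilterHard($output);
         print $output;
         return;
     }
     // Extension => content type. Anything not listed (including doc, pdf, pm, po) is sent
     // as application/octet-stream.
     $contentTypes = array(
         'swf' => 'application/x-shockwave-flash',
         'js' => 'text/javascript',
         'htm' => 'text/html',
         'html' => 'text/html',
         'htc' => 'text/plain',
         'json' => 'text/plain',
         'gif' => 'image/gif',
         'png' => 'image/png',
         'jpg' => 'image/jpg',
         'css' => 'text/css',
         'xml' => 'text/xml',
         // NOTE(review): .txt is served as text/html, so any markup inside the file is
         // rendered by the browser. text/plain is the safer type if these files can hold
         // user-supplied content; confirm no caller relies on HTML rendering before changing.
         'txt' => 'text/html',
         'tar' => 'application/x-tar',
     );
     if (file_exists($filename)) {
         $extension = strtolower($typefile);
         if ($extension == 'php') {
             if (!$download) {
                 // NOTE(review): this executes the PHP file at $filename. The callers are
                 // outside this excerpt; if $file can be derived from request data, it has
                 // to be resolved and confined to an allow-listed base directory before it
                 // reaches this point.
                 require_once $filename;
                 return;
             }
             $contentType = 'text/plain';
         } elseif (isset($contentTypes[$extension])) {
             $contentType = $contentTypes[$extension];
         } else {
             $contentType = 'application/octet-stream';
         }
         G::sendHeaders($filename, $contentType, $download, $downloadFileName);
     } else {
         $_SESSION['phpFileNotFound'] = $file;
         // REQUEST_URI is not guaranteed to be set (the guard at the top allows for that).
         $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
         G::header("location: /errors/error404.php?l=" . $requestUri);
         // Stop here. Previously execution fell through to readfile() with a path rebuilt
         // from the part of $file after 'gulliver', so a redirect response could still
         // carry file content in its body.
         return;
     }
     // ext-all.js is always answered with the minified build.
     if (substr($filename, -10) == "ext-all.js") {
         $filename = PATH_GULLIVER_HOME . 'js/ext/min/ext-all.js';
     }
     @readfile($filename);
 }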
 * GNU Affero General Public License for more details.
 * 
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 * 
 * For more information, contact Colosa Inc, 2566 Le Jeune Rd., 
 * Coral Gables, FL, 33134, USA, or email info@colosa.com.
 * 
 */
/*
 * Created on 13-02-2008
 *
 * @author David Callizaya <*****@*****.**>
 */
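// Only sessions with an open process may fetch a document. The script has to stop right
// after the redirect: without the die it kept running and loaded the document even for
// sessions that failed this check.
if (!isset($_SESSION['PROCESS'])) {
    G::header('location: login');
    die;
}
require_once "classes/model/AppDocumentPeer.php";
// NOTE(review): $_GET['a'] selects the document directly. No check that the logged-in user
// is allowed to read that document is visible in this excerpt; confirm one exists.
$oAppDocument = new AppDocument();
$oAppDocument->Fields = $oAppDocument->load($_GET['a']);
$sAppDocUid = $oAppDocument->getAppDocUid();
$info = pathinfo($oAppDocument->getAppDocFilename());
// pathinfo() omits the 'extension' key for names without a dot.
$storedExt = isset($info['extension']) ? $info['extension'] : null;
// A non-empty ?ext= overrides the extension of the stored file name.
// NOTE(review): $ext is then request-controlled. How it is used lies outside this excerpt;
// if it ends up in a filesystem path it should be limited to an allow-list of extensions.
$ext = (isset($_GET['ext']) && $_GET['ext'] != '') ? $_GET['ext'] : $storedExt;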
                 }
                 break;
             case "DOC":
                 $documentData = new uploadDocumentData($_SESSION['APPLICATION'], $_SESSION['USER_LOGGED'], $pathOutput . $sFilename . '.doc', $sFilenameOriginal . '.doc', $sDocUID, $oAppDocument->getDocVersion());
                 $documentData->sFileType = "DOC";
                 $documentData->bUseOutputFolder = true;
                 $uploadReturn = $oPluginRegistry->executeTriggers(PM_UPLOAD_DOCUMENT, $documentData);
                 if ($uploadReturn) {
                     //Only delete if the file was saved correctly
                     unlink($pathOutput . $sFilename . '.doc');
                 }
                 break;
         }
     }
     $outputNextStep = 'cases_Step?TYPE=OUTPUT_DOCUMENT&UID=' . $_GET['UID'] . '&POSITION=' . $_SESSION['STEP_POSITION'] . '&ACTION=VIEW&DOC=' . $sDocUID;
     G::header('location: ' . $outputNextStep);
     die;
     break;
 case 'VIEW':
     if ($noShowTitle == 0) {
         $G_PUBLISH->AddContent('smarty', 'cases/cases_title', '', '', $array);
     }
     require_once 'classes/model/AppDocument.php';
     $oAppDocument = new AppDocument();
     $lastVersion = $oAppDocument->getLastAppDocVersion($_GET['DOC'], $_SESSION['APPLICATION']);
     $aFields = $oAppDocument->load($_GET['DOC'], $lastVersion);
     $listing = false;
     $oPluginRegistry =& PMPluginRegistry::getSingleton();
     if ($oPluginRegistry->existsTrigger(PM_CASE_DOCUMENT_LIST)) {
         $folderData = new folderData(null, null, $_SESSION['APPLICATION'], null, $_SESSION['USER_LOGGED']);
         $folderData->PMType = "OUTPUT";
    case - 2:
        G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels' );
        G::header( 'location: ../login/login' );
        die();
        break;
    case - 1:
        G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' );
        G::header( 'location: ../login/login' );
        die();
        break;
}
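$_SESSION = $filter->xssFilterHard($_SESSION,"url");
// A missing or non-positive delegation index means the user may not open this page.
if (!isset($_SESSION['INDEX']) || (int) $_SESSION['INDEX'] < 1) {
    // The Referer header is optional and client-supplied. When it is absent, fall back to
    // the login page used by the permission checks above instead of sending an empty
    // Location header.
    // NOTE(review): redirecting to the Referer sends the browser wherever the request came
    // from; consider accepting only same-host or relative targets.
    $sBackTo = '../login/login';
    if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '') {
        $_SERVER['HTTP_REFERER'] = $filter->xssFilterHard($_SERVER['HTTP_REFERER']);
        $sBackTo = $_SERVER['HTTP_REFERER'];
    }
    G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' );
    G::header( 'location: ' . $sBackTo );
    die();
}
/* Includes */
G::LoadClass( 'case' );
G::LoadClass( 'derivation' );

/* GET , POST & $_SESSION Vars */
//$_SESSION['STEP_POSITION'] = (int)$_GET['POSITION'];


/* Menus */
$G_MAIN_MENU = 'processmaker';
$G_SUB_MENU = 'cases';
$G_ID_MENU_SELECTED = 'CASES';
$G_ID_SUB_MENU_SELECTED = 'CASES_TO_REVISE';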
                $_SESSION['INDEX'] = $iDelIndex;

                if (is_null( $aFields['DEL_INIT_DATE'] )) {
                    $oCase->setDelInitDate( $sAppUid, $iDelIndex );
                    $aFields = $oCase->loadCase( $sAppUid, $iDelIndex );
                }

                $_SESSION['PROCESS'] = $aFields['PRO_UID'];
                $_SESSION['TASK'] = $aFields['TAS_UID'];
                $_SESSION['STEP_POSITION'] = 0;

                /* Redirect to next step */
                unset( $_SESSION['bNoShowSteps'] );
                $aNextStep = $oCase->getNextStep( $_SESSION['PROCESS'], $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['STEP_POSITION'] );
                $sPage = $aNextStep['PAGE'];
                G::header( 'location: ' . $sPage );

            } else {
                //when the case have another user or current user doesn't have rights to this self-service,
                //just view the case Resume

                // Get DEL_INDEX
                $criteria = new Criteria('workflow');
                $criteria->addSelectColumn(AppDelegationPeer::DEL_INDEX);
                $criteria->add(AppDelegationPeer::APP_UID, $sAppUid);
                $criteria->add(AppDelegationPeer::DEL_LAST_INDEX , 1);
                $rs = AppDelegationPeer::doSelectRS($criteria);
                $rs->setFetchmode(ResultSet::FETCHMODE_ASSOC);
                $rs->next();
                $row = $rs->getRow();
 /**
  * Renders the dashlet instance form, for a new instance or for an existing one.
  *
  * @param object $data request data; DAS_INS_UID is read and set to '' when it is absent
  * @return null after the page is rendered. On an Exception the message is stored in
  *              $_SESSION['__DASHBOARD_ERROR__'] and the request is redirected to
  *              dashletsList.
  */
 public function dashletInstanceForm($data)
 {
     try {
         $this->includeExtJS('dashboard/dashletInstanceForm', true, true);
         $this->setView('dashboard/dashletInstanceForm');
         if (!isset($data->DAS_INS_UID)) {
             $data->DAS_INS_UID = '';
         }
         $availableDashlets = $this->getDashlets();
         $this->setJSVar('storeDasUID', $availableDashlets);
         if ($data->DAS_INS_UID == '') {
             // No instance yet: start from the first dashlet in the list.
             $newInstance = new stdClass();
             $newInstance->DAS_UID = $availableDashlets[0][0];
             $dashletModel = new Dashlet();
             $dashletRow = $dashletModel->load($newInstance->DAS_UID);
             $this->setJSVar('dashletInstance', $newInstance);
             $dashletClass = $dashletRow['DAS_CLASS'];
             $this->setJSVar('additionalFields', PMDashlet::getAdditionalFields($dashletClass));
         } else {
             // Existing instance: load it and take the class of its dashlet object.
             $this->pmDashlet->setup($data->DAS_INS_UID);
             $this->setJSVar('dashletInstance', $this->pmDashlet->getDashletInstance());
             $dashletClass = get_class($this->pmDashlet->getDashletObject());
             $this->setJSVar('additionalFields', PMDashlet::getAdditionalFields($dashletClass));
         }
         G::RenderPage('publish', 'extJs');
         return null;
     } catch (Exception $failure) {
         $_SESSION['__DASHBOARD_ERROR__'] = $failure->getMessage();
         G::header('Location: dashletsList');
         die();
     }
 }
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
 * Coral Gables, FL, 33134, USA, or email info@colosa.com.
 */
try {
    global $RBAC;
    switch ($RBAC->userCanAccess('PM_FACTORY')) {
        case -2:
            G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
            G::header('location: ../login/login');
            die;
            break;
        case -1:
            G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
            G::header('location: ../login/login');
            die;
            break;
    }
    //srequire_once 'classes/model/StepTrigger.php';
    G::LoadClass('processMap');
    $oProcessMap = new ProcessMap();
    switch ($_POST['action']) {
        case 'availableSupervisorDynaforms':
            $oProcessMap->availableSupervisorDynaforms($_POST['PRO_UID']);
            break;
        case 'assignSupervisorDynaform':
            $oProcessMap->assignSupervisorStep($_POST['PRO_UID'], 'DYNAFORM', $_POST['DYN_UID']);
            break;
        case 'removeSupervisorDynaform':
            $oProcessMap->removeSupervisorStep($_POST['STEP_UID'], $_POST['PRO_UID'], 'DYNAFORM', $_POST['DYN_UID'], $_POST['STEP_POSITION']);
             $sLocation = $_SERVER['HTTP_REFERER'];
         } else {
             $sLocation = G::sanitizeInput($_REQUEST['form']['URL']);
         }
     } else {
         $sLocation = G::sanitizeInput($_REQUEST['form']['URL']);
     }
 } else {
     if (isset($_REQUEST['u']) && $_REQUEST['u'] != '') {
         $sLocation = G::sanitizeInput($_REQUEST['u']);
     } else {
         $sLocation = $oUserProperty->redirectTo($_SESSION['USER_LOGGED'], $lang);
     }
 }
 // Single-sign-on sessions are redirected here, before the password-policy check below runs.
 // NOTE(review): in the branches above $sLocation can come from the Referer header or from
 // request parameters passed through G::sanitizeInput(), whose behaviour is not visible
 // here. Confirm the target is limited to local paths so this redirect cannot be pointed
 // at another site.
 if ($RBAC->singleSignOn) {
     G::header('Location: ' . $sLocation);
     die;
 }
 // Presumably loads the user's property row and creates it when missing; the array is the
 // initial row content, a serialized password history holding md5($pwd).
 // NOTE(review): the history keeps an unsalted MD5 digest of the password. Moving to
 // password_hash() also means changing whatever compares against USR_PASSWORD_HISTORY,
 // which is not visible in this excerpt.
 $aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($pwd)))));
 // $aErrors is tested below with in_array() against policy message ids such as
 // ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN.
 $aErrors = $oUserProperty->validatePassword($_POST['form']['USR_PASSWORD'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'], true);
 if (!empty($aErrors) && in_array("ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN", $aErrors)) {
     if (!defined('NO_DISPLAY_USERNAME')) {
         define('NO_DISPLAY_USERNAME', 1);
     }
     $aFields = array();
     $aFields['DESCRIPTION'] = '<span style="font-weight:normal;">';
     $aFields['DESCRIPTION'] .= G::LoadTranslation('ID_POLICY_ALERT') . ':<br /><br />';
     foreach ($aErrors as $sError) {
         switch ($sError) {
             case 'ID_PPP_MINIMUM_LENGTH':
                 $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUM_LENGTH . '<br />';