Esempi di codice in PHP per DCL_Sanitize::ToFileName

Esempio n. 1

0

Mostra file

File: class.boWorkOrderTask.inc.php Progetto: ljvblfz/mysoftwarebrasil

 function attachFile($aSource, $iIndex = -1)
 {
     if (($wo_task_id = DCL_Sanitize::ToInt($aSource['wo_task_id'])) === null) {
         trigger_error('Data sanitize failed.', E_USER_ERROR);
         return;
     }
     if ($this->oDB->Load($wo_task_id) == -1) {
         return;
     }
     if (($sFileName = DCL_Sanitize::ToFileName('userfile')) !== null) {
         $o =& CreateObject('dcl.boFile');
         $o->iType = DCL_ENTITY_WORKORDER_TASK;
         $o->iKey1 = $wo_task_id;
         $o->sFileName = DCL_Sanitize::ToActualFileName('userfile');
         $o->sTempFileName = $sFileName;
         $o->sRoot = $dcl_info['DCL_FILE_PATH'] . '/attachments';
         $o->Upload();
     }
 }

Esempio n. 2

0

Mostra file

File: class.boChecklistTpl.inc.php Progetto: ljvblfz/mysoftwarebrasil

 function dbmodify()
 {
     global $dcl_info, $g_oSec;
     commonHeader();
     if (!$g_oSec->HasPerm(DCL_ENTITY_FORMTEMPLATES, DCL_PERM_MODIFY)) {
         return PrintPermissionDenied();
     }
     if (($iID = @DCL_Sanitize::ToInt($_REQUEST['dcl_chklst_tpl_id'])) === null) {
         trigger_error('Data sanitize failed.');
         return;
     }
     $o =& CreateObject('dcl.dbChklstTpl');
     if ($o->Load($iID) != -1) {
         $sFileName = @DCL_Sanitize::ToFileName('userfile');
         if ($sFileName !== null) {
             $sName = '';
             $oXML =& CreateObject('dcl.xmlDoc');
             $oXML->ParseFile($sFileName);
             $oXML->FindChildNode($oXML->root, 'Name');
             if ($oXML->currentNode != NULL) {
                 $sName = $oXML->currentNode->data;
                 $oXML->FindChildNode($oXML->root, 'Version');
                 if ($oXML->currentNode != NULL) {
                     if ($sName != '') {
                         $sName .= ' ';
                     }
                     $sName .= $oXML->currentNode->data;
                 }
                 $o->dcl_chklst_tpl_name = $sName;
             }
         }
         $o->dcl_chklst_tpl_active = @DCL_Sanitize::ToYN($_REQUEST['dcl_chklst_tpl_active']);
         $o->BeginTransaction();
         $o->Edit();
         if ($sFileName !== null) {
             // Insert successful, now stow file in its place
             $filePath = $this->GetTplPath($o->dcl_chklst_tpl_id, true);
             if (copy($sFileName, $filePath)) {
                 $o->EndTransaction();
             } else {
                 $o->RollbackTransaction();
                 echo STR_BO_UPLOADERR;
             }
         } else {
             $o->EndTransaction();
         }
     }
     $this->show();
 }

Esempio n. 3

0

Mostra file

File: class.boWorkorders.inc.php Progetto: ljvblfz/mysoftwarebrasil

 function docsvupload()
 {
     global $dcl_info, $g_oSec;
     commonHeader();
     if (!$g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_IMPORT)) {
         return PrintPermissionDenied();
     }
     if (($sTempFileName = DCL_Sanitize::ToFileName('userfile')) === null) {
         return PrintPermissionDenied();
     }
     // Open the file as text - let PHP take care of line
     // delimiter differences
     $hFile = fopen($sTempFileName, 'r');
     if (!$hFile) {
         trigger_error(STR_BO_CSVUPLOADERR);
         return;
     }
     // Get the line containing field names
     $newjcns = array();
     $line = 1;
     $fields = fgetcsv($hFile, 1000);
     // Define a useful function for mapping a short name to ID
     // It is really ineffective to instantiate a new object for
     // each field!
     function findID($obj, $table, $value, $pk = 'id', $fd = 'short', $fd2 = '', $val2 = '')
     {
         $sSQL = "SELECT {$pk} FROM {$table} WHERE {$fd} = " . $obj->Quote($value);
         if ($fd2 != '' && $val2 != '') {
             $sSQL .= " AND {$fd2} = {$val2}";
         }
         $obj->Query($sSQL);
         if ($obj->next_record()) {
             return $obj->f(0);
         } else {
             return -1;
         }
     }
     $objWorkorder =& CreateObject('dcl.dbWorkorders');
     $objTemp =& CreateObject('dcl.dbWorkorders');
     $objProjectmap =& CreateObject('dcl.dbProjectmap');
     $objWtch =& CreateObject('dcl.boWatches');
     while ($data = fgetcsv($hFile, 1000)) {
         $line++;
         $projectid = -1;
         $module_id = -1;
         $objWorkorder->Clear();
         while (list($i, $val) = each($data)) {
             if (!is_numeric($val)) {
                 // we may need to convert smth
                 switch ($fields[$i]) {
                     case 'product':
                         $new_val = findID($objTemp, 'products', $val);
                         break;
                     case 'module_id':
                         $module_id = $val;
                         continue;
                         break;
                     case 'account':
                         $new_val = findID($objTemp, 'accounts', $val);
                         break;
                     case 'wo_type_id':
                         $new_val = findID($objTemp, 'dcl_wo_type', $val, 'wo_type_id', 'type_name');
                         break;
                     case 'entity_source_id':
                         $new_val = findID($objTemp, 'dcl_entity_source', $val, 'entity_source_id', 'entity_source_name');
                         break;
                     case 'priority':
                         $new_val = findID($objTemp, 'priorities', $val);
                         break;
                     case 'severity':
                         $new_val = findID($objTemp, 'severities', $val);
                         break;
                     case 'responsible':
                         $new_val = findID($objTemp, 'personnel', $val);
                         break;
                     case 'project':
                         $new_val = findID($objTemp, 'dcl_projects', $val, 'projectid', 'name');
                         $projectid = $new_val;
                         break;
                     default:
                         $new_val = $val;
                 }
                 if ($new_val == -1) {
                     // An error on mapping
                     trigger_error(sprintf(STR_BO_CSVMAPERR, $fields[$i], $line), E_USER_ERROR);
                     continue 2;
                     // On to next line in the file
                 }
                 $val = $new_val;
             } else {
                 if ($fields[$i] == 'module_id') {
                     $module_id = $val;
                 } else {
                     if (!$this->verifyID($fields[$i], $val)) {
                         // An error on mapping
                         trigger_error(sprintf(STR_BO_CSVMAPERR, $fields[$i], $line), E_USER_ERROR);
                         continue 2;
                         // On to next line in the file
                     }
                 }
             }
             if ($fields[$i] != 'project' && $fields[$i] != 'module_id') {
                 // This will ignore nonexisting members
                 // Only works in PHP4 because Clear() initializes each field!
                 if (isset($objWorkorder->{$fields}[$i])) {
                     $objWorkorder->{$fields}[$i] = $val;
                 }
             }
         }
         // Lookup module if specified
         if ($module_id != -1) {
             if (is_numeric($module_id)) {
                 // just verify this module exists for this product
                 if ($objTemp->ExecuteScalar("SELECT COUNT(*) FROM dcl_product_module WHERE product_module_id = {$module_id} AND product_id = " . $objWorkorder->product) > 0) {
                     $objWorkorder->module_id = $module_id;
                 }
             } else {
                 $objWorkorder->module_id = findID($objTemp, 'dcl_product_module', $module_id, 'product_module_id', 'module_name', 'product_id', $objWorkorder->product);
             }
         }
         $objWorkorder->createby = $GLOBALS['DCLID'];
         $objWorkorder->Add();
         if ($objWorkorder->jcn > 0) {
             if ($projectid > 0) {
                 // Project specified, so try to add it
                 $objProjectmap->projectid = $projectid;
                 $objProjectmap->jcn = $objWorkorder->jcn;
                 $objProjectmap->seq = $objWorkorder->seq;
                 $objProjectmap->Add();
             }
             // Add it to our new work order collection
             $newjcns[] = $objWorkorder->jcn;
             // Send notification
             $objWtch->sendNotification($objWorkorder, '4,1');
         }
     }
     if (count($newjcns) > 0) {
         // Display imported work orders
         $objView =& CreateObject('dcl.boView');
         $objView->style = 'report';
         $objView->title = 'Work Order CSV Upload Results';
         $objView->AddDef('filter', 'jcn', $newjcns);
         $objView->AddDef('order', 'jcn');
         $objView->AddDef('columns', '', array('jcn', 'seq', 'responsible.short', 'products.name', 'statuses.name', 'eststarton', 'deadlineon', 'etchours', 'totalhours', 'summary'));
         $objView->AddDef('columnhdrs', '', array(STR_WO_JCN, STR_WO_SEQ, STR_WO_RESPONSIBLE, STR_WO_PRODUCT, STR_WO_STATUS, STR_WO_ESTSTART, STR_WO_DEADLINE, STR_WO_ETCHOURS, STR_WO_ACTHOURS, STR_WO_SUMMARY));
         $objHV =& CreateObject('dcl.htmlWorkOrderResults');
         $objHV->Render($objView);
     }
 }

Esempio n. 4

0

Mostra file

File: class.DCL_Sanitize.inc.php Progetto: ljvblfz/mysoftwarebrasil

 function ToActualFileName($sFieldName, $iIndex = -1)
 {
     if (DCL_Sanitize::ToFileName($sFieldName) === null) {
         return null;
     }
     if ($iIndex == -1) {
         return $_FILES[$sFieldName]['name'];
     }
     return $_FILES[$sFieldName]['name'][$iIndex];
 }

Esempio n. 5

0

Mostra file

File: class.boTimecards.inc.php Progetto: ljvblfz/mysoftwarebrasil

 function dbadd()
 {
     global $dcl_info, $g_oSec;
     commonHeader();
     if (!$g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_ACTION)) {
         return PrintPermissionDenied();
     }
     $objTimecard =& CreateObject('dcl.dbTimeCards');
     $objWorkorder =& CreateObject('dcl.dbWorkorders');
     $oStatus =& CreateObject('dcl.dbStatuses');
     $objTimecard->InitFromGlobals();
     $objTimecard->actionby = $GLOBALS['DCLID'];
     if ($g_oSec->IsPublicUser()) {
         $objTimecard->is_public = 'Y';
     } else {
         $objTimecard->is_public = @DCL_Sanitize::ToYN($_REQUEST['is_public']);
     }
     $objTimecard->inputon = DCL_NOW;
     if ($objWorkorder->Load($objTimecard->jcn, $objTimecard->seq) == -1) {
         return;
     }
     if (($targeted_version_id = @DCL_Sanitize::ToInt($_REQUEST['targeted_version_id'])) === null) {
         $targeted_version_id = 0;
     }
     if (($fixed_version_id = @DCL_Sanitize::ToInt($_REQUEST['fixed_version_id'])) === null) {
         $fixed_version_id = 0;
     }
     $status = $objWorkorder->status;
     $objTimecard->Add($targeted_version_id, $fixed_version_id);
     $notify = '4';
     if ($status != $objTimecard->status) {
         $notify .= ',3';
         if ($oStatus->GetStatusType($objTimecard->status) == 2) {
             $notify .= ',2';
             // also need to close all incomplete tasks and warn user if it happens
             $this->closeIncompleteTasks($objTimecard->jcn, $objTimecard->seq);
         } elseif ($oStatus->GetStatusType($objTimecard->status) == 1 && $oStatus->GetStatusType($status) != 1) {
             $notify .= ',1';
         }
     }
     // See if we modified some work order items
     // * Tags
     if (isset($_REQUEST['tags']) && $g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_MODIFY)) {
         $oTag =& CreateObject('dcl.dbEntityTag');
         $oTag->serialize(DCL_ENTITY_WORKORDER, $objWorkorder->jcn, $objWorkorder->seq, $_REQUEST['tags']);
     }
     // * Hotlists
     if (isset($_REQUEST['hotlist']) && $g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_MODIFY)) {
         $oTag =& CreateObject('dcl.dbEntityHotlist');
         $oTag->serialize(DCL_ENTITY_WORKORDER, $objWorkorder->jcn, $objWorkorder->seq, $_REQUEST['hotlist']);
     }
     // * Organizations - only if multiple are allowed to improve workflow
     if ($g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_MODIFY) && $dcl_info['DCL_WO_SECONDARY_ACCOUNTS_ENABLED'] == 'Y') {
         $oWOA =& CreateObject('dcl.dbWorkOrderAccount');
         if (isset($_REQUEST['secaccounts'])) {
             $aAccounts = @DCL_Sanitize::ToIntArray($_REQUEST['secaccounts']);
             if ($aAccounts === null) {
                 $aAccounts = array();
             }
             $oWOA->DeleteByWorkOrder($objWorkorder->jcn, $objWorkorder->seq, join(',', $aAccounts));
             // Add the new ones
             if (count($aAccounts) > 0) {
                 $oWOA->wo_id = $objWorkorder->jcn;
                 $oWOA->seq = $objWorkorder->seq;
                 for ($i = 0; $i < count($aAccounts); $i++) {
                     if ($aAccounts[$i] > 0) {
                         $oWOA->account_id = $aAccounts[$i];
                         $oWOA->Add();
                     }
                 }
             }
         } else {
             $oWOA->DeleteByWorkOrder($objWorkorder->jcn, $objWorkorder->seq);
         }
     }
     // * Project
     if ($g_oSec->HasPerm(DCL_ENTITY_PROJECT, DCL_PERM_ADDTASK)) {
         if (($iProjID = @DCL_Sanitize::ToInt($_REQUEST['projectid'])) !== null && $iProjID > 0) {
             $oProjectMap =& CreateObject('dcl.dbProjectmap');
             if ($oProjectMap->LoadByWO($objWorkorder->jcn, $objWorkorder->seq) == -1 || $oProjectMap->projectid != $iProjID) {
                 $oProject = CreateObject('dcl.boProjects');
                 $aSource = array();
                 $aSource['selected'] = array($objWorkorder->jcn . '.' . $objWorkorder->seq);
                 $aSource['projectid'] = $iProjID;
                 $oProject->batchMove($aSource);
             }
         }
     }
     // * File attachment
     if (($sFileName = DCL_Sanitize::ToFileName('userfile')) !== null && $g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_ATTACHFILE)) {
         $o =& CreateObject('dcl.boFile');
         $o->iType = DCL_ENTITY_WORKORDER;
         $o->iKey1 = $objWorkorder->jcn;
         $o->iKey2 = $objWorkorder->seq;
         $o->sFileName = DCL_Sanitize::ToActualFileName('userfile');
         $o->sTempFileName = $sFileName;
         $o->sRoot = $dcl_info['DCL_FILE_PATH'] . '/attachments';
         $o->Upload();
     }
     $objWtch =& CreateObject('dcl.boWatches');
     // Reload before sending since time card modifies the work order
     $objWorkorder->Load($objTimecard->jcn, $objTimecard->seq);
     $objWtch->sendNotification($objWorkorder, $notify);
     // if BuildManager is used, find info on who submitted the WO
     if ($dcl_info['DCL_BUILD_MANAGER_ENABLED'] == 'Y') {
         //			$oBM = CreateObject('dcl.dbBuildManager');
         //			$oBM->CheckDepartmentSubmit($objTimecard->jcn, $objTimecard->seq, $objWorkorder->product);
     }
     $objWO =& CreateObject('dcl.htmlWorkOrderDetail');
     $objWO->Show($objTimecard->jcn, $objTimecard->seq);
 }

Esempio n. 6

0

Mostra file

File: class.boProjects.inc.php Progetto: ljvblfz/mysoftwarebrasil

 function doupload()
 {
     global $dcl_info, $g_oSec;
     commonHeader();
     if (($projectid = @DCL_Sanitize::ToInt($_REQUEST['projectid'])) === null) {
         trigger_error('Data sanitize failed.');
         return;
     }
     if (!$g_oSec->HasPerm(DCL_ENTITY_PROJECT, DCL_PERM_ATTACHFILE, $projectid)) {
         return PrintPermissionDenied();
     }
     if (($sFileName = DCL_Sanitize::ToFileName('userfile')) !== null) {
         $o =& CreateObject('dcl.boFile');
         $o->iType = DCL_ENTITY_PROJECT;
         $o->iKey1 = $projectid;
         $o->sFileName = DCL_Sanitize::ToActualFileName('userfile');
         $o->sTempFileName = $sFileName;
         $o->sRoot = $dcl_info['DCL_FILE_PATH'] . '/attachments';
         $o->Upload();
     } else {
         trigger_error('Invalid request');
         return;
     }
     $objHTML =& CreateObject('dcl.htmlProjectsdetail');
     $objHTML->Show($projectid, 0, 0);
 }

Esempio n. 7

0

Mostra file

File: class.boTickets.inc.php Progetto: ljvblfz/mysoftwarebrasil

 function doupload()
 {
     global $dcl_info, $g_oSec;
     commonHeader();
     if (!$g_oSec->HasPerm(DCL_ENTITY_TICKET, DCL_PERM_ATTACHFILE)) {
         return PrintPermissionDenied();
     }
     if (($iID = @DCL_Sanitize::ToInt($_REQUEST['ticketid'])) === null) {
         trigger_error('Data sanitize failed.');
         return;
     }
     $objTicket =& CreateObject('dcl.dbTickets');
     if ($objTicket->Load($iID) == -1) {
         return;
     }
     if (($sFileName = DCL_Sanitize::ToFileName('userfile')) === null) {
         return PrintPermissionDenied();
     }
     $o =& CreateObject('dcl.boFile');
     $o->iType = DCL_ENTITY_TICKET;
     $o->iKey1 = $iID;
     $o->sFileName = DCL_Sanitize::ToActualFileName('userfile');
     $o->sTempFileName = $sFileName;
     $o->sRoot = $dcl_info['DCL_FILE_PATH'] . '/attachments';
     $o->Upload();
     $obj =& CreateObject('dcl.htmlTicketDetail');
     $obj->Show($objTicket);
 }

Esempi in PHP per DCL_Sanitize::ToFileName