function nf_testsuite_setvar1_posthandler($processid, $taskid, $userid, $projectid)
{
if ($processid > 0 and $taskid > 0) {
$nfclass = new nexflow($processid, $userid);
$nfclass->set_currentTaskid($taskid);
$msg = $nfclass->get_taskOptionalParm();
$var1 = COM_applyFilter($_POST['var1'], true);
$nfclass->set_processVariable('VAR1', $var1);
$nfclass->complete_task($taskid);
nf_changeLog("You set VAR1 to {$var1}. Verify the following messages line up!");
}
}
$function_handler = COM_applyFilter($_POST['function_handler']);
$prj_id = COM_applyFilter($_POST['projectid']);
$taskid = COM_applyFilter($_POST['taskid']);
$processid = COM_applyFilter($_POST['processid']);
if (function_exists($function_handler)) {
$errmsg = $function_handler($processid, $taskid, $usermodeUID, $prj_id);
}
echo taskconsoleShowNavbar('My Tasks');
echo display_mytasks();
break;
case 'newRequest':
$workFlowTemplate = COM_applyFilter($_REQUEST['wflow']);
$workFlowOffset = COM_applyFilter($_REQUEST['offset']);
$nfclass = new nexflow();
$newprocid = $nfclass->newprocess($workFlowTemplate, $workFlowOffset);
$nfclass->set_processVariable('INITIATOR', $usermodeUID);
echo COM_refresh($CONF_FE['post_url'] . '/index.php?op=edit&id=58&processid=' . $newprocid . '&taskid=0&usermodeuid=' . $usermodeUID);
break;
case 'reassignments':
echo taskconsoleShowNavbar('My Tasks');
echo display_reassignedTasks();
break;
case 'reclaimtask':
$id = COM_applyFilter($_REQUEST['id'], true);
//added assignBack_uid check in sql statement only to ensure authenticated user is requesting task back
$sql = "SELECT a.task_id, a.uid, a.security_hash, b.fullname, b.email\r\n FROM {$_TABLES['nf_productionassignments']} a\r\n LEFT JOIN {$_TABLES['users']} b ON a.uid=b.uid\r\n WHERE id={$id} AND assignBack_uid={$_USER['uid']};";
$res = DB_query($sql);
//should have 1 row return. Otherwise, user is either a) not the user
//that is the assignback_uid or b) user has tampered with the url
$A = DB_fetchArray($res);
if ($A != FALSE) {
