From 0201c36b1468a16eb89218e7c798cf0ce2adac5c Mon Sep 17 00:00:00 2001 From: Clemente Raposo Date: Fri, 17 Dec 2021 12:36:31 +0000 Subject: [PATCH] SuiteCRM 7.12.2 Release --- ModuleInstall/ModuleScanner.php | 83 ++++++++++++++++++++++---------- README.md | 2 +- download.php | 15 ++++-- files.md5 | 58 +++++++++++----------- modules/Project/controller.php | 10 ++-- modules/UpgradeWizard/upload.php | 22 ++++++++- suitecrm_version.php | 4 +- 7 files changed, 128 insertions(+), 66 deletions(-) diff --git a/ModuleInstall/ModuleScanner.php b/ModuleInstall/ModuleScanner.php index 2e2f00f5805..919c9fb2049 100755 --- a/ModuleInstall/ModuleScanner.php +++ b/ModuleInstall/ModuleScanner.php @@ -212,6 +212,7 @@ class ModuleScanner 'call_user_func', 'call_user_func_array', 'create_function', + 'phpinfo', //mutliple files per function call @@ -575,6 +576,7 @@ public function isPHPFile($contents) // found isValidExtension($file)) { - $issues[] = translate('ML_INVALID_EXT'); + $issues[] = translate('ML_INVALID_EXT', 'Administration'); $this->issues['file'][$file] = $issues; return $issues; } if ($this->isConfigFile($file)) { - $issues[] = translate('ML_OVERRIDE_CORE_FILES'); + $issues[] = translate('ML_OVERRIDE_CORE_FILES', 'Administration'); $this->issues['file'][$file] = $issues; + return $issues; } $contents = file_get_contents($file); @@ -609,7 +612,7 @@ public function scanFile($file) if (is_string($token[0])) { switch ($token[0]) { case '`': - $issues['backtick'] = translate('ML_INVALID_FUNCTION') . " '`'"; + $issues['backtick'] = translate('ML_INVALID_FUNCTION', 'Administration') . " '`'"; // no break case '(': if ($checkFunction) { 
@@ -625,9 +628,15 @@ public function scanFile($file)
 case T_WHITESPACE: break;
 case T_EVAL:
 if (in_array('eval', $this->blackList) && !in_array('eval', $this->blackListExempt)) {
- $issues[]= translate('ML_INVALID_FUNCTION') . ' eval()';
+ $issues[]= translate('ML_INVALID_FUNCTION', 'Administration') . ' eval()';
 }
 break;
+ case T_ECHO:
+ $issues[]= translate('ML_INVALID_FUNCTION', 'Administration') . ' echo';
+ break;
+ case T_EXIT:
+ $issues[]= translate('ML_INVALID_FUNCTION', 'Administration') . ' exit / die';
+ break;
 case T_STRING:
 $token[1] = strtolower($token[1]);
 if ($lastToken !== false && $lastToken[0] == T_NEW) {
@@ -651,21 +660,20 @@ public function scanFile($file)
 // check static blacklist for methods
 if (!empty($this->methodsBlackList[$token[1]])) {
 if ($this->methodsBlackList[$token[1]] == '*') {
- $issues[]= translate('ML_INVALID_METHOD') . ' ' .$token[1]. '()';
+ $issues[]= translate('ML_INVALID_METHOD', 'Administration') . ' ' .$token[1]. '()';
 break;
- } else {
- if ($lastToken[0] == T_DOUBLE_COLON && $index > 2 && $tokens[$index-2][0] == T_STRING) {
- $classname = strtolower($tokens[$index-2][1]);
- if (in_array($classname, $this->methodsBlackList[$token[1]])) {
- $issues[]= translate('ML_INVALID_METHOD') . ' ' .$classname . '::' . $token[1]. '()';
- break;
- }
+ }
+ if ($lastToken[0] == T_DOUBLE_COLON && $index > 2 && $tokens[$index-2][0] == T_STRING) {
+ $classname = strtolower($tokens[$index-2][1]);
+ if (in_array($classname, $this->methodsBlackList[$token[1]])) {
+ $issues[]= translate('ML_INVALID_METHOD', 'Administration') . ' ' .$classname . '::' . $token[1]. '()';
+ break;
 }
 }
 }
 //this is a method call, check the black list
 if (in_array($token[1], $this->methodsBlackList)) {
- $issues[]= translate('ML_INVALID_METHOD') . ' ' .$token[1]. '()';
+ $issues[]= translate('ML_INVALID_METHOD', 'Administration') . ' ' .$token[1]. '()';
 }
 break;
 }
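Review bot: The new `case T_ECHO:` and `case T_EXIT:` branches in the -625 hunk record an issue unconditionally, whereas the `T_EVAL` branch directly above first consults `$this->blackList` and `$this->blackListExempt`. Administrators therefore have no exemption path for these two constructs, and a package that was accepted before this release and uses `echo` or `exit` in a scanned file will presumably now be rejected. If the hard block is intended, record it with a comment such as `// output and termination are never allowed in scanned files; deliberately not configurable via blackListExempt`; otherwise gate them like eval, e.g. `if (!in_array('echo', $this->blackListExempt)) { ... }`. scanFile's body starts and ends outside this hunk.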
@@ -681,7 +689,7 @@ public function scanFile($file) // no break case T_VARIABLE: $checkFunction = true; - $possibleIssue = translate('ML_INVALID_FUNCTION') . ' ' . $token[1] . '()'; + $possibleIssue = translate('ML_INVALID_FUNCTION', 'Administration') . ' ' . $token[1] . '()'; break; default: @@ -866,18 +874,13 @@ public function scanPackage($path) /** *This function will take all issues of the current instance and print them to the screen **/ - public function displayIssues($package='Package') + public function displayIssues($package = 'Package') { - echo '

'.str_replace('{PACKAGE}', $package, translate('ML_PACKAGE_SCANNING')). '


' . translate('ML_INSTALLATION_FAILED') . '


' .str_replace('{PACKAGE}', $package, translate('ML_PACKAGE_NOT_CONFIRM')). '


' . translate('ML_SUGAR_LOADING_POLICY') . ' ' . translate('ML_SUITE_KB') . '.'. -'
' . translate('ML_AVAIL_RESTRICTION'). ' ' . translate('ML_SUITE_DZ') . '.

'; - - - foreach ($this->issues as $type=>$issues) { - echo '

'. ucfirst($type) .' ' . translate('ML_ISSUES') . '

'; + foreach ($this->issues as $type => $issues) { + echo '

' . ucfirst($type) . ' ' . translate('ML_ISSUES', 'Administration') . '

'; echo '
'; - foreach ($issues as $file=>$issue) { - $file = str_replace($this->pathToModule . '/', '', $file); + foreach ($issues as $file => $issue) { + $file = preg_replace('/.*\//', '', $file); echo '
' . $file . '
'; if (is_array($issue)) { foreach ($issue as $i) { @@ -893,6 +896,36 @@ public function displayIssues($package='Package') echo "
"; } + /** + *This function will take all issues of the current instance and add them to a string + **/ + public function getIssuesLog($package = 'Package') + { + $message = ''; + + foreach ($this->issues as $type => $issues) { + $message .= '

' . ucfirst($type) . ' ' . translate('ML_ISSUES', + 'Administration') . '

'; + $message .= '
'; + foreach ($issues as $file => $issue) { + $file = preg_replace('/.*\//', '', $file); + $message .= '
' . $file . '
'; + if (is_array($issue)) { + foreach ($issue as $i) { + $message .= "$i
"; + } + } else { + $message .= "$issue
"; + } + $message .= "
"; + } + $message .= '
'; + } + + return $message; + } + + /** * Lock config settings */ @@ -912,7 +945,7 @@ public function checkConfig($file) { $config_hash_after = md5(serialize($GLOBALS['sugar_config'])); if ($config_hash_after != $this->config_hash) { - $this->issues['file'][$file] = array(translate('ML_CONFIG_OVERRIDE')); + $this->issues['file'][$file] = array(translate('ML_CONFIG_OVERRIDE', 'Administration')); return $this->issues; } return false; diff --git a/README.md b/README.md index 5a0a73a6d1c..1e49d450d30 100755 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ -# SuiteCRM 7.12.1 +# SuiteCRM 7.12.2 [![Build Status](https://travis-ci.org/salesagility/SuiteCRM.svg?branch=hotfix)](https://travis-ci.org/salesagility/SuiteCRM) [![codecov](https://codecov.io/gh/salesagility/SuiteCRM/branch/hotfix/graph/badge.svg)](https://codecov.io/gh/salesagility/SuiteCRM/branch/hotfix) diff --git a/download.php b/download.php index 41444d0855c..4b225630081 100755 --- a/download.php +++ b/download.php @@ -206,7 +206,7 @@ $mime_type = 'application/octet-stream'; break; } - + if ($doQuery && isset($query)) { $rs = DBManagerFactory::getInstance()->query($query); $row = DBManagerFactory::getInstance()->fetchByAssoc($rs); @@ -261,7 +261,14 @@ } } else { header('Content-type: ' . $mime_type); - if (isset($_REQUEST['preview']) && $_REQUEST['preview'] === 'yes' && $mime_type !== 'text/html') { + + $showPreview = false; + + if (in_array($row['file_ext'], $sugar_config['allowed_preview'], true)) { + $showPreview = isset($_REQUEST['preview']) && $_REQUEST['preview'] === 'yes' && $mime_type !== 'text/html'; + } + + if ($showPreview === true) { header('Content-Disposition: inline; filename="' . $name . '";'); } else { header('Content-Disposition: attachment; filename="' . $name . '";'); @@ -281,8 +288,8 @@ ob_start(); echo clean_file_output(file_get_contents($download_location), $mime_type); - + $output = ob_get_contents(); ob_end_clean(); - + echo $output; 
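Review bot: In the added `getIssuesLog()` (the -893 hunk), `$file`, `$i` and `$issue` are concatenated into `$message` without HTML encoding, and modules/UpgradeWizard/upload.php appends that string to its page output. File names originate from the uploaded package, so encode at this point, e.g. `$file = htmlspecialchars(basename($file), ENT_QUOTES, 'UTF-8');`, which also states the intent of `preg_replace('/.*\//', '', $file)` more directly; the `echo` of `$file` in `displayIssues()` in the preceding hunk needs the same treatment. The `$package` parameter is never read in `getIssuesLog()`, and the loop is a copy of the one in `displayIssues()`, which could instead `echo $this->getIssuesLog($package);`. The surrounding markup is not visible in this rendering, so the exact output context should be confirmed before choosing the encoding flags.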
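Review bot: In the download.php hunk at -261, `in_array($row['file_ext'], $sugar_config['allowed_preview'], true)` assumes both values exist, but `$row` is only assigned inside `if ($doQuery && isset($query))` in the earlier hunk, and an upgraded instance whose config lacks `allowed_preview` would pass a non-array to `in_array()`. Falling back to `attachment` is the safe outcome, so make it explicit: `if (isset($row['file_ext'], $sugar_config['allowed_preview']) && is_array($sugar_config['allowed_preview']) && in_array(strtolower($row['file_ext']), $sugar_config['allowed_preview'], true)) {`. Note that `file_ext` is stored metadata rather than a property of the bytes being served, so the allow-list should stay limited to types a browser cannot render as active content, and a comment saying so next to the check would help. The `$name` written into `Content-Disposition` on the unchanged lines is not visibly sanitised within this hunk; worth confirming where it is cleaned.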
diff --git a/files.md5 b/files.md5 index 96d9d43729c..488dfc894c6 100755 --- a/files.md5 +++ b/files.md5 @@ -1,5 +1,5 @@ '69a1e7b3d7755a2a63499a16ddae81cf', './Api/Core/Config/slim.php' => 'b134e68765e6a1403577e2a5a06322b8', @@ -102,7 +102,7 @@ $md5_string = array ( './HandleAjaxCall.php' => '954cebdd8ea2ab1e5c03658b184322fd', './LICENSE.txt' => 'd3f150e4a5bed444763ebe8a81742a95', './ModuleInstall/ModuleInstaller.php' => '526a3e11024b84f3602f9857d69a8e47', - './ModuleInstall/ModuleScanner.php' => '7ce0aaf0c2c4b05a6e9588ea36065a7f', + './ModuleInstall/ModuleScanner.php' => '5bd029e1955c5c243ce4cc567cc99367', './ModuleInstall/PackageManager/ListViewPackages.php' => 'dd40ddc497010be809cb03c63499ac4f', './ModuleInstall/PackageManager/PackageController.php' => '03db58edbce570e532e1c55dbb657889', './ModuleInstall/PackageManager/PackageManager.php' => 'ad764627f0515370ef800ba88dfe49e8', @@ -115,7 +115,7 @@ $md5_string = array ( './ModuleInstall/PackageManager/tpls/PackageManagerLicense.tpl' => 'df5e267d1df5ce08fb9406e42d5b4816', './ModuleInstall/PackageManager/tpls/PackageManagerScripts.tpl' => '98e396c0aa57329731fda19c790fffb2', './ModuleInstall/extensions.php' => '094f4650261f6efbab1b90b119829388', - './README.md' => '907df202f6bfd978ccbff16441d12df6', + './README.md' => 'ecdc892452414ccb5cb20142ad118de4', './RoboFile.php' => '045b82c1df69553824d0e4ffcce6e03c', './SugarSecurity.php' => '47e316b2d408e8c5192c8ea4a4f921b3', './TreeData.php' => '32873e20cb5fd33f9d1cdaf18c3cac5c', 
@@ -522,7 +522,7 @@ $md5_string = array ( './data/SugarBean.php' => 'd8544e7bffbd4eeea20053f52c5514bd', './deprecated.php' => 'f5f507fd6314f38d29c97e2cc2c62239', './dictionary.php' => 'b7c1370fb75a2940c04db74627c4462c', - './download.php' => 'f2d366039d134ac463ff1e75634ce509', + './download.php' => '1d337efcbfc68d524faab8c4460e107a', './emailmandelivery.php' => 'e079e094dd3d4e361670a179f50b1fdd', './export.php' => '299a444bd270a6149c02ae8b7bbb3726', './ical_server.php' => '36acd0eb4bdabcdb8c70497b5cc79d16', @@ -1631,7 +1631,7 @@ $md5_string = array ( './include/javascript/jstree/test/visual/screenshots/mobile/home.png' => '446d85d3b0e0e7af49bfeaeb10a3a9a9', './include/javascript/jstree/test/visual/screenshots/mobile/mobile.png' => '4e76b00d1d4edd46e9342867b4f4e0af', './include/javascript/menu.js' => '700ccdcd392049e89935a3c3ba7ef73b', - './include/javascript/message-box.js' => '97decd270298e718d7f6742efa6eb278', + './include/javascript/message-box.js' => 'c78157615ad74518b32b6e2e26f37022', './include/javascript/moment.min.js' => '03c1d3ad0acf482f87368e3ea7af14c2', './include/javascript/mozaik/README.md' => 'de6a804f592e7e1fb3ae3f8fc2359edd', './include/javascript/mozaik/colorpicker/css/colorpicker.css' => 'e77424e5eaf875d3ed66b167db3936ed', 
@@ -2606,7 +2606,7 @@ $md5_string = array ( './jssource/src_files/include/javascript/jsclass_async.js' => '6d2f3226cf797a3830fb0f96a49b8b2c', './jssource/src_files/include/javascript/jsclass_base.js' => '0e99f15d99c783d457d96e3198c0cb95', './jssource/src_files/include/javascript/menu.js' => '8e8add77d513333cc56ff829c23befbe', - './jssource/src_files/include/javascript/message-box.js' => 'c4e1854f58023512499edd90d0e9172e', + './jssource/src_files/include/javascript/message-box.js' => 'd91df716ac114fa9845be820ed756b1e', './jssource/src_files/include/javascript/phpjs/get_html_translation_table.js' => '9667941dd790119d552f99b6d6b73fdf', './jssource/src_files/include/javascript/phpjs/html_entity_decode.js' => '022ed687a9c7c55a21b4a2aaa848921d', './jssource/src_files/include/javascript/phpjs/htmlentities.js' => 'a4369a51c1d8d1670f78b68c28330424', 
@@ -3638,17 +3638,17 @@ $md5_string = array ( './modules/AOW_Processed/metadata/subpanels/default.php' => 'a854bad4c87fee3ae01b971e88041b66', './modules/AOW_Processed/vardefs.php' => 'b8116bafbeac63b860466832c444da40', './modules/AOW_Processed/views/view.list.php' => '2f4404c998460f095e3affe63ce1958d', - './modules/AOW_WorkFlow/AOW_WorkFlow.php' => '0a4595bcd982a7c89ab566321ab0227d', + './modules/AOW_WorkFlow/AOW_WorkFlow.php' => '83b3009636ab14da43bb0e1b1f7112b6', './modules/AOW_WorkFlow/Dashlets/AOW_WorkFlowDashlet/AOW_WorkFlowDashlet.meta.php' => '307d5c5c4e36070f26fcd7019a7c3ce7', './modules/AOW_WorkFlow/Dashlets/AOW_WorkFlowDashlet/AOW_WorkFlowDashlet.php' => '9b68831e41b81207bf2e3a1a42b266b2', './modules/AOW_WorkFlow/Menu.php' => 'bda4b71d876e065f7661bce4a91bde57', './modules/AOW_WorkFlow/aow_utils.php' => '0f06117126fbfe5cc6fa498a6ddbb4b8', './modules/AOW_WorkFlow/controller.php' => '80bf5d8ed3fec47f72320c318719e630', - './modules/AOW_WorkFlow/language/en_us.lang.php' => 'd3f5d7f63df072fe0d79bc5385dadbbf', + './modules/AOW_WorkFlow/language/en_us.lang.php' => '3257fefa8880da77ef4c90c08fab9dad', './modules/AOW_WorkFlow/metadata/SearchFields.php' => '125fca8f181fd8c4fbb159fd71096bd7', './modules/AOW_WorkFlow/metadata/dashletviewdefs.php' => '113c2f1f0cd10818f564704bcca7c14c', - './modules/AOW_WorkFlow/metadata/detailviewdefs.php' => 'ccf1b5c10936884a44e2f155ab71afeb', - './modules/AOW_WorkFlow/metadata/editviewdefs.php' => 'af6bae5b500c168cee317f9f166a0a2a', + './modules/AOW_WorkFlow/metadata/detailviewdefs.php' => 'd585f5d2191dc56f4f8bf2e9e218e45d', + './modules/AOW_WorkFlow/metadata/editviewdefs.php' => '28914aa96a091ec183728f71006ae689', './modules/AOW_WorkFlow/metadata/listviewdefs.php' => '9068575782d803d94517c12954fb0a0e', './modules/AOW_WorkFlow/metadata/metafiles.php' => '7584c90c84e8a96b21d38eb28d5eeeb9', './modules/AOW_WorkFlow/metadata/popupdefs.php' => '63d9d82f9a867498d239b8774366302c', 
@@ -3656,7 +3656,7 @@ $md5_string = array ( './modules/AOW_WorkFlow/metadata/searchdefs.php' => 'b87c0f0ee913106deaee64b8f53dce54', './modules/AOW_WorkFlow/metadata/subpaneldefs.php' => '622ff373a39724c4555fe77dac4f4466', './modules/AOW_WorkFlow/metadata/subpanels/default.php' => 'ad81319c7fcbcf54e938a93c865e1b57', - './modules/AOW_WorkFlow/vardefs.php' => '627e2c280f00bb5350b6d275da79af70', + './modules/AOW_WorkFlow/vardefs.php' => 'c82a06b7557d68cfbc6d44461bddf86f', './modules/Accounts/Account.js' => '88bd59a0507a3d56a0836b667c9de729', './modules/Accounts/Account.php' => 'e737265dbe8552f334032c6555b0cb7f', './modules/Accounts/AccountFormBase.php' => '03eb01512d8cec01a5022a25db83be5d', @@ -4544,7 +4544,7 @@ $md5_string = array ( './modules/EmailMan/Forms.php' => 'd939f3555ef708f533a77c77b696ccd8', './modules/EmailMan/Menu.php' => '9fec01e70c034091a9fe652a61407886', './modules/EmailMan/action_view_map.php' => 'e4b8e3c021d90ed66c74caa7e1f8e4c5', - './modules/EmailMan/controller.php' => '3af2309adb15b87358d1c08b35a7d280', + './modules/EmailMan/controller.php' => '6a79f210b78331386f738a2d6e1a1c78', './modules/EmailMan/field_arrays.php' => '46faacb2ea303c961a1871ea613a455f', './modules/EmailMan/language/en_us.lang.php' => 'ba2d83e744656eeb3aae03f3dc5c0396', './modules/EmailMan/metadata/SearchFields.php' => '16ab0bf5917fd13e2bb8dd99c3444dd8', 
@@ -4648,7 +4648,7 @@ $md5_string = array ( './modules/Emails/include/ComposeView/ComposeView.tpl' => '1ec29fbb9803c24e5ed8a12155668e58', './modules/Emails/include/ComposeView/ComposeViewBlank.tpl' => '22365ce6727ffb560e5ad3fc187f13f2', './modules/Emails/include/ComposeView/ComposeViewToolbar.tpl' => '656b26827857375278124e4610b9ff06', - './modules/Emails/include/ComposeView/EmailsComposeView.js' => '5c836fdc4d36bb39c6b027f13f9724db', + './modules/Emails/include/ComposeView/EmailsComposeView.js' => '65624a5e5985e5f9deee1e4725533462', './modules/Emails/include/DetailView/EmailsDetailView.php' => 'f95937f398f37afe3927ecc035b8b743', './modules/Emails/include/DetailView/EmailsDraftDetailView.php' => 'baafca815e89a4c0ec3df8b6192552ea', './modules/Emails/include/DetailView/EmailsNonImportedDetailView.php' => 'ef9ecbcf65fa6f03e32f94b6a9805b2f', 
@@ -4695,12 +4695,12 @@ $md5_string = array ( './modules/Emails/metadata/composeviewdefs.php' => '4cc688ab31ce40c70a476304e890f5df', './modules/Emails/metadata/dashletviewdefs.php' => 'f1b4e7eed099e0302f5f9f89ca507d12', './modules/Emails/metadata/detaildraftviewdefs.php' => '49fc6d1b8885420494460fc1037bc6ea', - './modules/Emails/metadata/detailviewdefs.php' => 'dc061470876aebf0a41c2e9841d103ef', + './modules/Emails/metadata/detailviewdefs.php' => '0e6b0bc4f9e006978b6d33dc902a6779', './modules/Emails/metadata/editviewdefs.php' => 'ab93b79de12963a9ca0e112d50477958', './modules/Emails/metadata/importviewdefs.php' => '393b8a7c1f9d5b23bc75ce5d6dfdfc51', './modules/Emails/metadata/listviewdefs.php' => '6352a475112c82070f741f5f6386aff3', './modules/Emails/metadata/metafiles.php' => '9876f3a92c8fffb0b7d3aec6993c370d', - './modules/Emails/metadata/nonimporteddetailviewdefs.php' => '1ad3f9ec3a06923de996e34a92f7aae4', + './modules/Emails/metadata/nonimporteddetailviewdefs.php' => 'ae75f85d07dc926ff8a489cfad6c27a0', './modules/Emails/metadata/popupdefs.php' => 'ba85426b428b440975b08f5e9a016ece', './modules/Emails/metadata/qcmodulesdefs.php' => '478fea3bbc381ed9a686c7ccc4bc43b4', './modules/Emails/metadata/quickcreatedefs.php' => '874d3cf3d04e0514195610ede098428a', 
@@ -5193,7 +5193,7 @@ $md5_string = array ( './modules/ModuleBuilder/parsers/parser.modifysubpanel.php' => '27b433079ba0b51495f59defd0bb348f', './modules/ModuleBuilder/parsers/parser.searchfields.php' => 'e4fb09e49c5247ac4744a8be34e4a686', './modules/ModuleBuilder/parsers/relationships/AbstractRelationship.php' => 'b83c367fd72d1133dd393e44385c1b0c', - './modules/ModuleBuilder/parsers/relationships/AbstractRelationships.php' => 'ee74b56f73e591c5ef86a16a0c6ddd31', + './modules/ModuleBuilder/parsers/relationships/AbstractRelationships.php' => 'e4e2cf6967656d21bd42106f0bf2b83b', './modules/ModuleBuilder/parsers/relationships/ActivitiesRelationship.php' => '5cd20dd7c88ca328d9fdc43592585fc9', './modules/ModuleBuilder/parsers/relationships/DeployedRelationships.php' => 'faa507ca4856cf7bec90833b6ab04970', './modules/ModuleBuilder/parsers/relationships/ManyToManyRelationship.php' => 'bc77bfba6dbb8f53578fa4ce8f526491', @@ -5277,7 +5277,7 @@ $md5_string = array ( './modules/ModuleBuilder/views/view.package.php' => '98f14929cf217186a081488380427c5a', './modules/ModuleBuilder/views/view.popupview.php' => 'fd818423e7b49d9a39c746be70091967', './modules/ModuleBuilder/views/view.property.php' => 'af44584a8a61a1b8e11b0befa2847ad5', - './modules/ModuleBuilder/views/view.relationship.php' => '93bb9749d35157c57b63088eb59f298a', + './modules/ModuleBuilder/views/view.relationship.php' => '50ed2a210cb2d277e047b11eb41ff625', './modules/ModuleBuilder/views/view.relationships.php' => 'db321972c1dc7a533ca370b2408c1c6e', './modules/ModuleBuilder/views/view.resetmodule.php' => '59b291e348f014358a3f3b588bde2990', './modules/ModuleBuilder/views/view.searchview.php' => 'fbca76bd29e0bcdb3a4ca10e281ac57c', 
@@ -5322,12 +5322,12 @@ $md5_string = array ( './modules/OAuth2Clients/js/PasswordCredentialsValidation.js' => 'd20b36468c15522c07606ddfe6204c64', './modules/OAuth2Clients/language/en_us.lang.php' => '41cc684474703a8d6f1c7ba76b4a900f', './modules/OAuth2Clients/metadata/SearchFields.php' => '0c30055d8ac347f228fe8fd18891c01e', - './modules/OAuth2Clients/metadata/detailcredentialsviewdefs.php' => 'cfcc4106c19bbd7820f20b93ef92f831', - './modules/OAuth2Clients/metadata/detailpasswordviewdefs.php' => '05bad4c0938bd89a725a95219d4b7ca3', - './modules/OAuth2Clients/metadata/detailviewdefs.php' => '752ef40916c7b1da82415063ece8638b', - './modules/OAuth2Clients/metadata/editcredentialsviewdefs.php' => 'ff8140e9404e2baacd2d7328e0bd0aeb', - './modules/OAuth2Clients/metadata/editpasswordviewdefs.php' => '37d0505b27bba6fb6fe79378187f1a94', - './modules/OAuth2Clients/metadata/editviewdefs.php' => '087f5db2a82577312f2d7a384ede2ec6', + './modules/OAuth2Clients/metadata/detailcredentialsviewdefs.php' => '7b697367c75b861cc31f3908c891a424', + './modules/OAuth2Clients/metadata/detailpasswordviewdefs.php' => 'a0ff587a982ccb98c693a95083d12c37', + './modules/OAuth2Clients/metadata/detailviewdefs.php' => '06a24351d5c0c05134efb22a779562ef', + './modules/OAuth2Clients/metadata/editcredentialsviewdefs.php' => '4d247876f3ba72caea12bf2218313357', + './modules/OAuth2Clients/metadata/editpasswordviewdefs.php' => '03e345601ae7834a3db7eeeb23b50173', + './modules/OAuth2Clients/metadata/editviewdefs.php' => 'e5f20eb75f4f9c90ebed7e913cea5dca', './modules/OAuth2Clients/metadata/listviewdefs.php' => '4282034fa7a8316948346787d4641c65', './modules/OAuth2Clients/metadata/metafiles.php' => '41cd83567c02ce1a8edc8634307f5cdd', './modules/OAuth2Clients/metadata/popupdefs.php' => '7a2066ca250a032afb73d2feb5026d5a', 
@@ -5425,8 +5425,8 @@ $md5_string = array ( './modules/OutboundEmailAccounts/language/en_us.lang.php' => '9b9becdbac51bb11ec5009007f7aa682', './modules/OutboundEmailAccounts/metadata/SearchFields.php' => 'b1d3821e188938066156f0c85d4e37fe', './modules/OutboundEmailAccounts/metadata/dashletviewdefs.php' => '93e262245007ffc79f1ff9938e8bbac9', - './modules/OutboundEmailAccounts/metadata/detailviewdefs.php' => '464e6ae2faa0d79b72999ca462dd9fa9', - './modules/OutboundEmailAccounts/metadata/editviewdefs.php' => 'c52ee86e9832d7c210134710d98396d6', + './modules/OutboundEmailAccounts/metadata/detailviewdefs.php' => '948df4801e3d229ea4bac06e247fd643', + './modules/OutboundEmailAccounts/metadata/editviewdefs.php' => 'f28a1bf18ca13bcfe8229c1d5fa6eee4', './modules/OutboundEmailAccounts/metadata/listviewdefs.php' => 'b55ab9fcc7b7fe5dc24847570f53c5c6', './modules/OutboundEmailAccounts/metadata/metafiles.php' => 'd163cfdaa7fa3d697326f798bbcc6867', './modules/OutboundEmailAccounts/metadata/popupdefs.php' => '3464601d89e63838c93f7bfcd2142eec', @@ -5452,7 +5452,7 @@ $md5_string = array ( './modules/Project/SubPanelView.php' => 'af95a6ef52973f660100c71164dd42fe', './modules/Project/action_view_map.php' => 'bfb14b59f2e972e576ab76d3d5aceac0', './modules/Project/chart.php' => '02539a509ab925faa9a81ccf04a9c058', - './modules/Project/controller.php' => 'c901668f6b9a9c75dad1ca1cdafd39f6', + './modules/Project/controller.php' => '76888c230e8c8b12b5e43cec7dcc8ac9', './modules/Project/css/style.css' => 'f46ccefd03710380a8079bede95341ce', './modules/Project/css/style_chart.css' => '233f2a964aeed0a7a4db10aaa8397a5b', './modules/Project/delete_project_tasks.php' => '1c2dab740529a1e5a2fbc0e0ce7965d9', 
@@ -6002,7 +6002,7 @@ $md5_string = array ( './modules/UpgradeWizard/upgradeMetaHelper.php' => '74eb154592e08fec475b3e43908eee01', './modules/UpgradeWizard/upgradeTimeCounter.php' => '375d68c9195bec9cb46ae78ee780f854', './modules/UpgradeWizard/upgradeWizard.js' => 'f52a5ac0e7c17ab9bebdaf1149766a1c', - './modules/UpgradeWizard/upload.php' => 'b736ead70ef9bbffb622b7ff247b6e6a', + './modules/UpgradeWizard/upload.php' => 'c2a0d959177ea5dd45774299b55d4e21', './modules/UpgradeWizard/uw_ajax.php' => 'dc6dd5c6491829bdff9ad33b5f6162ee', './modules/UpgradeWizard/uw_emptyFunctions.php' => '78d1a2e170174830b7dd1522db706828', './modules/UpgradeWizard/uw_files.php' => 'c63402ed2d43b3c6477e8c30859cb32d', @@ -6328,7 +6328,7 @@ $md5_string = array ( './soap.php' => 'e28988c2e0b8e2c484587b537a710525', './sugar_version.json' => 'bdfbcefae2f9af559bef6a36367df7bb', './sugar_version.php' => 'db7b6c8d51f87879fce1e6172eedfbed', - './suitecrm_version.php' => 'e03f4bc7104206ab214f5952a78e38ea', + './suitecrm_version.php' => 'cc4bc58fefbbe53ff0744c20358fa0fa', './themes/SuiteP/css/Dawn/color-palette.scss' => 'e64677d79e1d68c069bdc2dc661c4f99', './themes/SuiteP/css/Dawn/icons.scss' => 'd59f8c5855e7a8df09542a663835a196', './themes/SuiteP/css/Dawn/select.ico' => '22393ad23f16c3f1462455bae8f20279', @@ -9252,4 +9252,4 @@ $md5_string = array ( './themes/default/less/wells.less' => '07cc7d04d7f7f344742f23886cbe5683', './vCard.php' => '3f5273501c464563e5b1247be28b69de', './vcal_server.php' => 'ce4752597ba62a99f791c467339d2500', -); \ No newline at end of file +); diff --git a/modules/Project/controller.php b/modules/Project/controller.php index d4dbc9483cc..a591fcf96cf 100755 --- a/modules/Project/controller.php +++ b/modules/Project/controller.php 
@@ -486,11 +486,13 @@ public function action_Tooltips()
 {
 global $mod_strings;
- $start_date = $_REQUEST['start_date'];
- $end_date = $_REQUEST['end_date'];
- $resource_id = $_REQUEST['resource_id'];
+ $db = DBManagerFactory::getInstance();
+
+ $start_date = $db->quote($_REQUEST['start_date']);
+ $end_date = $db->quote($_REQUEST['end_date']);
+ $resource_id = $db->quote($_REQUEST['resource_id']);
- $projects = explode(",", $_REQUEST['projects']);
+ $projects = explode(",", $db->quote($_REQUEST['projects']));
 $project_where = "";
 if (count($projects) > 1 || $projects[0] != '') {
 $project_where = " AND project_id IN( '" . implode("','", $projects) . "' )";
diff --git a/modules/UpgradeWizard/upload.php b/modules/UpgradeWizard/upload.php
index 7d83385a2a3..3c951b55397 100755
--- a/modules/UpgradeWizard/upload.php
+++ b/modules/UpgradeWizard/upload.php
@@ -118,12 +118,32 @@
 $manifest_file = extractManifest($tempFile);
 if (is_file($manifest_file)) {
- require_once($manifest_file);
+
+ //SCAN THE MANIFEST FILE TO MAKE SURE NO COPIES OR ANYTHING ARE HAPPENING IN IT
+ require_once __DIR__ . '/../../ModuleInstall/ModuleScanner.php';
+
+ $ms = new ModuleScanner();
+ $ms->lockConfig();
+ $fileIssues = $ms->scanFile($manifest_file);
+ if (!empty($fileIssues)) {
+ $out .= '
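Review bot: In the modules/Project/controller.php hunk, `$db->quote()` is applied to the whole comma-separated `$_REQUEST['projects']` string before `explode()`, and the other three request values are escaped but never validated. Escaping only protects a value that later sits inside a quoted SQL literal; the visible `IN( '...' )` does that, but the uses of `$start_date`, `$end_date` and `$resource_id` lie outside this hunk and need the same check. Quoting per element makes the intent explicit, `$projects = array_map(array($db, 'quote'), explode(',', $_REQUEST['projects']));`, and rejecting ids and dates that do not match the expected format before the query is built would be stronger than escaping alone. The `$_REQUEST` keys are also read without `isset()`. action_Tooltips continues past the end of the hunk.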

' . translate('ML_MANIFEST_ISSUE', 'Administration') . '


'; + $out .= $ms->getIssuesLog(); + break; + } + + list($manifest, $installdefs) = MSLoadManifest($manifest_file); + if ($ms->checkConfig($manifest_file)) { + $out .= '

' . translate('ML_MANIFEST_ISSUE', 'Administration') . '


'; + $out .= $ms->getIssuesLog(); + break; + } + $error = validate_manifest($manifest); if (!empty($error)) { $out = "{$error}
"; break; } + $upgrade_zip_type = $manifest['type']; // exclude the bad permutations diff --git a/suitecrm_version.php b/suitecrm_version.php index 9e0b3c6b5c6..abee9081fd6 100755 --- a/suitecrm_version.php +++ b/suitecrm_version.php @@ -3,5 +3,5 @@ die('Not A Valid Entry Point'); } -$suitecrm_version = '7.12.1'; -$suitecrm_timestamp = '2021-11-19 17:00:00'; +$suitecrm_version = '7.12.2'; +$suitecrm_timestamp = '2021-12-14 17:00:00';