From 9cdfcfb7e04cec1f327e6ed853423b4fc038b4a7 Mon Sep 17 00:00:00 2001 From: Clemente Raposo Date: Fri, 17 Dec 2021 12:34:24 +0000 Subject: [PATCH] SuiteCRM 7.10.35 Release --- ModuleInstall/ModuleScanner.php | 72 +++++++++++++++++++++++--------- README.md | 2 +- download.php | 15 +++++-- files.md5 | 46 ++++++++++---------- modules/Project/controller.php | 10 +++-- modules/UpgradeWizard/upload.php | 22 +++++++++- suitecrm_version.php | 4 +- 7 files changed, 117 insertions(+), 54 deletions(-) diff --git a/ModuleInstall/ModuleScanner.php b/ModuleInstall/ModuleScanner.php index efa5982eb9f..919c9fb2049 100755 --- a/ModuleInstall/ModuleScanner.php +++ b/ModuleInstall/ModuleScanner.php @@ -212,6 +212,7 @@ class ModuleScanner 'call_user_func', 'call_user_func_array', 'create_function', + 'phpinfo', //mutliple files per function call @@ -575,6 +576,7 @@ public function isPHPFile($contents) // found isValidExtension($file)) { - $issues[] = translate('ML_INVALID_EXT'); + $issues[] = translate('ML_INVALID_EXT', 'Administration'); $this->issues['file'][$file] = $issues; return $issues; } if ($this->isConfigFile($file)) { - $issues[] = translate('ML_OVERRIDE_CORE_FILES'); + $issues[] = translate('ML_OVERRIDE_CORE_FILES', 'Administration'); $this->issues['file'][$file] = $issues; + return $issues; } $contents = file_get_contents($file); @@ -609,7 +612,7 @@ public function scanFile($file) if (is_string($token[0])) { switch ($token[0]) { case '`': - $issues['backtick'] = translate('ML_INVALID_FUNCTION') . " '`'"; + $issues['backtick'] = translate('ML_INVALID_FUNCTION', 'Administration') . " '`'"; // no break case '(': if ($checkFunction) { 
@@ -625,9 +628,15 @@ public function scanFile($file) case T_WHITESPACE: break; case T_EVAL: if (in_array('eval', $this->blackList) && !in_array('eval', $this->blackListExempt)) { - $issues[]= translate('ML_INVALID_FUNCTION') . ' eval()'; + $issues[]= translate('ML_INVALID_FUNCTION', 'Administration') . ' eval()'; } break; + case T_ECHO: + $issues[]= translate('ML_INVALID_FUNCTION', 'Administration') . ' echo'; + break; + case T_EXIT: + $issues[]= translate('ML_INVALID_FUNCTION', 'Administration') . ' exit / die'; + break; case T_STRING: $token[1] = strtolower($token[1]); if ($lastToken !== false && $lastToken[0] == T_NEW) { @@ -651,20 +660,20 @@ public function scanFile($file) // check static blacklist for methods if (!empty($this->methodsBlackList[$token[1]])) { if ($this->methodsBlackList[$token[1]] == '*') { - $issues[]= translate('ML_INVALID_METHOD') . ' ' .$token[1]. '()'; + $issues[]= translate('ML_INVALID_METHOD', 'Administration') . ' ' .$token[1]. '()'; break; } if ($lastToken[0] == T_DOUBLE_COLON && $index > 2 && $tokens[$index-2][0] == T_STRING) { $classname = strtolower($tokens[$index-2][1]); if (in_array($classname, $this->methodsBlackList[$token[1]])) { - $issues[]= translate('ML_INVALID_METHOD') . ' ' .$classname . '::' . $token[1]. '()'; + $issues[]= translate('ML_INVALID_METHOD', 'Administration') . ' ' .$classname . '::' . $token[1]. '()'; break; } } } //this is a method call, check the black list if (in_array($token[1], $this->methodsBlackList)) { - $issues[]= translate('ML_INVALID_METHOD') . ' ' .$token[1]. '()'; + $issues[]= translate('ML_INVALID_METHOD', 'Administration') . ' ' .$token[1]. '()'; } break; } @@ -680,7 +689,7 @@ public function scanFile($file) // no break case T_VARIABLE: $checkFunction = true; - $possibleIssue = translate('ML_INVALID_FUNCTION') . ' ' . $token[1] . '()'; + $possibleIssue = translate('ML_INVALID_FUNCTION', 'Administration') . ' ' . $token[1] . '()'; break; default: 
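Review bot: The new `case T_ECHO:` and `case T_EXIT:` branches record an issue unconditionally, while the `T_EVAL` case directly above them first consults `$this->blackList` and `$this->blackListExempt`, so an administrator's exemption list has no effect on these two constructs. If that is intended, say so in a comment such as `// echo and exit/die are always rejected; blackListExempt does not apply here`; otherwise mirror the `T_EVAL` guard. scanFile() appears to be used for package files as well as manifests (scanPackage() is visible in a later hunk header), so packages whose install scripts print progress will now fail the scan, which is worth stating in the release notes. The switch begins and ends outside this hunk.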
@@ -865,18 +874,13 @@ public function scanPackage($path) /** *This function will take all issues of the current instance and print them to the screen **/ - public function displayIssues($package='Package') + public function displayIssues($package = 'Package') { - echo '

'.str_replace('{PACKAGE}', $package, translate('ML_PACKAGE_SCANNING')). '


' . translate('ML_INSTALLATION_FAILED') . '


' .str_replace('{PACKAGE}', $package, translate('ML_PACKAGE_NOT_CONFIRM')). '


' . translate('ML_SUGAR_LOADING_POLICY') . ' ' . translate('ML_SUITE_KB') . '.'. -'
' . translate('ML_AVAIL_RESTRICTION'). ' ' . translate('ML_SUITE_DZ') . '.

'; - - - foreach ($this->issues as $type=>$issues) { - echo '

'. ucfirst($type) .' ' . translate('ML_ISSUES') . '

'; + foreach ($this->issues as $type => $issues) { + echo '

' . ucfirst($type) . ' ' . translate('ML_ISSUES', 'Administration') . '

'; echo '
'; - foreach ($issues as $file=>$issue) { - $file = str_replace($this->pathToModule . '/', '', $file); + foreach ($issues as $file => $issue) { + $file = preg_replace('/.*\//', '', $file); echo '
' . $file . '
'; if (is_array($issue)) { foreach ($issue as $i) { @@ -892,6 +896,36 @@ public function displayIssues($package='Package') echo "
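Review bot: In the `foreach ($issues as $file => $issue)` loop, `$file` is concatenated into the issue report without HTML encoding, and the new getIssuesLog() in the next hunk repeats the same pattern. The name appears to originate from the scanned package, so it should be encoded at output, e.g. `$file = htmlspecialchars(preg_replace('/.*\//', '', $file), ENT_QUOTES, 'UTF-8');`. Cutting the path down to its last segment keeps server paths out of the report, but two flagged files with the same name in different directories can no longer be told apart; stripping only the package root when `$this->pathToModule` is set would keep the relative path. The method body continues past the end of this hunk.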
"; } + /** + *This function will take all issues of the current instance and add them to a string + **/ + public function getIssuesLog($package = 'Package') + { + $message = ''; + + foreach ($this->issues as $type => $issues) { + $message .= '

' . ucfirst($type) . ' ' . translate('ML_ISSUES', + 'Administration') . '

'; + $message .= '
'; + foreach ($issues as $file => $issue) { + $file = preg_replace('/.*\//', '', $file); + $message .= '
' . $file . '
'; + if (is_array($issue)) { + foreach ($issue as $i) { + $message .= "$i
"; + } + } else { + $message .= "$issue
"; + } + $message .= "
"; + } + $message .= '
'; + } + + return $message; + } + + /** * Lock config settings */ @@ -911,7 +945,7 @@ public function checkConfig($file) { $config_hash_after = md5(serialize($GLOBALS['sugar_config'])); if ($config_hash_after != $this->config_hash) { - $this->issues['file'][$file] = array(translate('ML_CONFIG_OVERRIDE')); + $this->issues['file'][$file] = array(translate('ML_CONFIG_OVERRIDE', 'Administration')); return $this->issues; } return false; diff --git a/README.md b/README.md index 5f0cce5d5fa..5b8b2e7eac0 100755 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ -# SuiteCRM 7.10.34 +# SuiteCRM 7.10.35 [![Build Status](https://travis-ci.org/salesagility/SuiteCRM.svg?branch=7.10.x)](https://travis-ci.org/salesagility/SuiteCRM) [![codecov](https://codecov.io/gh/salesagility/SuiteCRM/branch/7.10.x/graph/badge.svg)](https://codecov.io/gh/salesagility/SuiteCRM/branch/7.10.x) diff --git a/download.php b/download.php index 41444d0855c..4b225630081 100755 --- a/download.php +++ b/download.php @@ -206,7 +206,7 @@ $mime_type = 'application/octet-stream'; break; } - + if ($doQuery && isset($query)) { $rs = DBManagerFactory::getInstance()->query($query); $row = DBManagerFactory::getInstance()->fetchByAssoc($rs); @@ -261,7 +261,14 @@ } } else { header('Content-type: ' . $mime_type); - if (isset($_REQUEST['preview']) && $_REQUEST['preview'] === 'yes' && $mime_type !== 'text/html') { + + $showPreview = false; + + if (in_array($row['file_ext'], $sugar_config['allowed_preview'], true)) { + $showPreview = isset($_REQUEST['preview']) && $_REQUEST['preview'] === 'yes' && $mime_type !== 'text/html'; + } + + if ($showPreview === true) { header('Content-Disposition: inline; filename="' . $name . '";'); } else { header('Content-Disposition: attachment; filename="' . $name . '";'); @@ -281,8 +288,8 @@ ob_start(); echo clean_file_output(file_get_contents($download_location), $mime_type); - + $output = ob_get_contents(); ob_end_clean(); - + echo $output; 
diff --git a/files.md5 b/files.md5 index 8440b4fbf7e..30c21eb3f71 100755 --- a/files.md5 +++ b/files.md5 @@ -1,5 +1,5 @@ '69a1e7b3d7755a2a63499a16ddae81cf', './Api/Core/Config/slim.php' => 'b134e68765e6a1403577e2a5a06322b8', @@ -102,7 +102,7 @@ $md5_string = array ( './HandleAjaxCall.php' => '954cebdd8ea2ab1e5c03658b184322fd', './LICENSE.txt' => 'd3f150e4a5bed444763ebe8a81742a95', './ModuleInstall/ModuleInstaller.php' => '201e25734f64c614751832be8764d4ea', - './ModuleInstall/ModuleScanner.php' => '235afbf95be7b4e038bca439533b368d', + './ModuleInstall/ModuleScanner.php' => '5bd029e1955c5c243ce4cc567cc99367', './ModuleInstall/PackageManager/ListViewPackages.php' => 'c2b39c260c2f379abcf241217160029a', './ModuleInstall/PackageManager/PackageController.php' => 'b4b62aeec877007d5a904b7e7406f908', './ModuleInstall/PackageManager/PackageManager.php' => '94c11752b9ab8bcec3f77ed59cdd7422', @@ -115,7 +115,7 @@ $md5_string = array ( './ModuleInstall/PackageManager/tpls/PackageManagerLicense.tpl' => 'df5e267d1df5ce08fb9406e42d5b4816', './ModuleInstall/PackageManager/tpls/PackageManagerScripts.tpl' => '98e396c0aa57329731fda19c790fffb2', './ModuleInstall/extensions.php' => '87596ad3f28a39c996a5551cad3b5cab', - './README.md' => '2945c7eb2a50df410d9bbcfd65a3e2ef', + './README.md' => 'd001bd0256d3fd89ebf9775386fdc5b4', './RoboFile.php' => '045b82c1df69553824d0e4ffcce6e03c', './SugarSecurity.php' => '47e316b2d408e8c5192c8ea4a4f921b3', './TreeData.php' => '32873e20cb5fd33f9d1cdaf18c3cac5c', 
@@ -522,7 +522,7 @@ $md5_string = array ( './data/SugarBean.php' => '570930b7f8bc50c1d063ebb6c8ac170b', './deprecated.php' => 'f5f507fd6314f38d29c97e2cc2c62239', './dictionary.php' => 'b7c1370fb75a2940c04db74627c4462c', - './download.php' => 'f2d366039d134ac463ff1e75634ce509', + './download.php' => '1d337efcbfc68d524faab8c4460e107a', './emailmandelivery.php' => 'e079e094dd3d4e361670a179f50b1fdd', './export.php' => 'a7364fa8acd13057d4b77f596d9fdb39', './ical_server.php' => '36acd0eb4bdabcdb8c70497b5cc79d16', 
@@ -3910,17 +3910,17 @@ $md5_string = array ( './modules/AOW_Processed/metadata/subpanels/default.php' => 'a854bad4c87fee3ae01b971e88041b66', './modules/AOW_Processed/vardefs.php' => 'b8116bafbeac63b860466832c444da40', './modules/AOW_Processed/views/view.list.php' => '38e5458ec6e3b5cc188c165ac1af2b2b', - './modules/AOW_WorkFlow/AOW_WorkFlow.php' => '2f5ffcb6572a91220039cbd22e3bbabf', + './modules/AOW_WorkFlow/AOW_WorkFlow.php' => '5268c7af05df606e2dd9de53da1fc41f', './modules/AOW_WorkFlow/Dashlets/AOW_WorkFlowDashlet/AOW_WorkFlowDashlet.meta.php' => '307d5c5c4e36070f26fcd7019a7c3ce7', './modules/AOW_WorkFlow/Dashlets/AOW_WorkFlowDashlet/AOW_WorkFlowDashlet.php' => '9df3265e560ec57ed8bfaffca5335b66', './modules/AOW_WorkFlow/Menu.php' => 'bda4b71d876e065f7661bce4a91bde57', './modules/AOW_WorkFlow/aow_utils.php' => '0f06117126fbfe5cc6fa498a6ddbb4b8', './modules/AOW_WorkFlow/controller.php' => '8c09b64fd23731850eeece646584a375', - './modules/AOW_WorkFlow/language/en_us.lang.php' => 'd3f5d7f63df072fe0d79bc5385dadbbf', + './modules/AOW_WorkFlow/language/en_us.lang.php' => '3257fefa8880da77ef4c90c08fab9dad', './modules/AOW_WorkFlow/metadata/SearchFields.php' => '125fca8f181fd8c4fbb159fd71096bd7', './modules/AOW_WorkFlow/metadata/dashletviewdefs.php' => '113c2f1f0cd10818f564704bcca7c14c', - './modules/AOW_WorkFlow/metadata/detailviewdefs.php' => 'ccf1b5c10936884a44e2f155ab71afeb', - './modules/AOW_WorkFlow/metadata/editviewdefs.php' => 'af6bae5b500c168cee317f9f166a0a2a', + './modules/AOW_WorkFlow/metadata/detailviewdefs.php' => 'd585f5d2191dc56f4f8bf2e9e218e45d', + './modules/AOW_WorkFlow/metadata/editviewdefs.php' => '28914aa96a091ec183728f71006ae689', './modules/AOW_WorkFlow/metadata/listviewdefs.php' => '9068575782d803d94517c12954fb0a0e', './modules/AOW_WorkFlow/metadata/metafiles.php' => '7584c90c84e8a96b21d38eb28d5eeeb9', './modules/AOW_WorkFlow/metadata/popupdefs.php' => '63d9d82f9a867498d239b8774366302c', 
@@ -3928,7 +3928,7 @@ $md5_string = array ( './modules/AOW_WorkFlow/metadata/searchdefs.php' => 'b87c0f0ee913106deaee64b8f53dce54', './modules/AOW_WorkFlow/metadata/subpaneldefs.php' => '622ff373a39724c4555fe77dac4f4466', './modules/AOW_WorkFlow/metadata/subpanels/default.php' => 'ad81319c7fcbcf54e938a93c865e1b57', - './modules/AOW_WorkFlow/vardefs.php' => '627e2c280f00bb5350b6d275da79af70', + './modules/AOW_WorkFlow/vardefs.php' => 'c82a06b7557d68cfbc6d44461bddf86f', './modules/Accounts/Account.js' => '363f97788fd67766e867ac749a6272bf', './modules/Accounts/Account.php' => '889a6c753277a839fb7961d8d8ca5a4e', './modules/Accounts/AccountFormBase.php' => '03eb01512d8cec01a5022a25db83be5d', @@ -4797,7 +4797,7 @@ $md5_string = array ( './modules/EmailMan/Forms.php' => 'd939f3555ef708f533a77c77b696ccd8', './modules/EmailMan/Menu.php' => '9fec01e70c034091a9fe652a61407886', './modules/EmailMan/action_view_map.php' => 'e4b8e3c021d90ed66c74caa7e1f8e4c5', - './modules/EmailMan/controller.php' => '3af2309adb15b87358d1c08b35a7d280', + './modules/EmailMan/controller.php' => '6a79f210b78331386f738a2d6e1a1c78', './modules/EmailMan/field_arrays.php' => '46faacb2ea303c961a1871ea613a455f', './modules/EmailMan/language/en_us.lang.php' => 'ba2d83e744656eeb3aae03f3dc5c0396', './modules/EmailMan/metadata/SearchFields.php' => '16ab0bf5917fd13e2bb8dd99c3444dd8', 
@@ -4901,7 +4901,7 @@ $md5_string = array ( './modules/Emails/include/ComposeView/ComposeView.tpl' => '1ec29fbb9803c24e5ed8a12155668e58', './modules/Emails/include/ComposeView/ComposeViewBlank.tpl' => '22365ce6727ffb560e5ad3fc187f13f2', './modules/Emails/include/ComposeView/ComposeViewToolbar.tpl' => '656b26827857375278124e4610b9ff06', - './modules/Emails/include/ComposeView/EmailsComposeView.js' => '5c836fdc4d36bb39c6b027f13f9724db', + './modules/Emails/include/ComposeView/EmailsComposeView.js' => '5be2c694952733d64dbf75a208534f28', './modules/Emails/include/DetailView/EmailsDetailView.php' => 'f95937f398f37afe3927ecc035b8b743', './modules/Emails/include/DetailView/EmailsDraftDetailView.php' => 'baafca815e89a4c0ec3df8b6192552ea', './modules/Emails/include/DetailView/EmailsNonImportedDetailView.php' => 'ef9ecbcf65fa6f03e32f94b6a9805b2f', 
@@ -5574,12 +5574,12 @@ $md5_string = array ( './modules/OAuth2Clients/js/PasswordCredentialsValidation.js' => 'd20b36468c15522c07606ddfe6204c64', './modules/OAuth2Clients/language/en_us.lang.php' => '41cc684474703a8d6f1c7ba76b4a900f', './modules/OAuth2Clients/metadata/SearchFields.php' => '0c30055d8ac347f228fe8fd18891c01e', - './modules/OAuth2Clients/metadata/detailcredentialsviewdefs.php' => 'cfcc4106c19bbd7820f20b93ef92f831', - './modules/OAuth2Clients/metadata/detailpasswordviewdefs.php' => '05bad4c0938bd89a725a95219d4b7ca3', - './modules/OAuth2Clients/metadata/detailviewdefs.php' => '752ef40916c7b1da82415063ece8638b', - './modules/OAuth2Clients/metadata/editcredentialsviewdefs.php' => 'ff8140e9404e2baacd2d7328e0bd0aeb', - './modules/OAuth2Clients/metadata/editpasswordviewdefs.php' => '37d0505b27bba6fb6fe79378187f1a94', - './modules/OAuth2Clients/metadata/editviewdefs.php' => '087f5db2a82577312f2d7a384ede2ec6', + './modules/OAuth2Clients/metadata/detailcredentialsviewdefs.php' => '7b697367c75b861cc31f3908c891a424', + './modules/OAuth2Clients/metadata/detailpasswordviewdefs.php' => 'a0ff587a982ccb98c693a95083d12c37', + './modules/OAuth2Clients/metadata/detailviewdefs.php' => '06a24351d5c0c05134efb22a779562ef', + './modules/OAuth2Clients/metadata/editcredentialsviewdefs.php' => '4d247876f3ba72caea12bf2218313357', + './modules/OAuth2Clients/metadata/editpasswordviewdefs.php' => '03e345601ae7834a3db7eeeb23b50173', + './modules/OAuth2Clients/metadata/editviewdefs.php' => 'e5f20eb75f4f9c90ebed7e913cea5dca', './modules/OAuth2Clients/metadata/listviewdefs.php' => '4282034fa7a8316948346787d4641c65', './modules/OAuth2Clients/metadata/metafiles.php' => '41cd83567c02ce1a8edc8634307f5cdd', './modules/OAuth2Clients/metadata/popupdefs.php' => '7a2066ca250a032afb73d2feb5026d5a', 
@@ -5677,8 +5677,8 @@ $md5_string = array ( './modules/OutboundEmailAccounts/language/en_us.lang.php' => '9b9becdbac51bb11ec5009007f7aa682', './modules/OutboundEmailAccounts/metadata/SearchFields.php' => 'b1d3821e188938066156f0c85d4e37fe', './modules/OutboundEmailAccounts/metadata/dashletviewdefs.php' => '93e262245007ffc79f1ff9938e8bbac9', - './modules/OutboundEmailAccounts/metadata/detailviewdefs.php' => '464e6ae2faa0d79b72999ca462dd9fa9', - './modules/OutboundEmailAccounts/metadata/editviewdefs.php' => 'c52ee86e9832d7c210134710d98396d6', + './modules/OutboundEmailAccounts/metadata/detailviewdefs.php' => '948df4801e3d229ea4bac06e247fd643', + './modules/OutboundEmailAccounts/metadata/editviewdefs.php' => 'f28a1bf18ca13bcfe8229c1d5fa6eee4', './modules/OutboundEmailAccounts/metadata/listviewdefs.php' => 'b55ab9fcc7b7fe5dc24847570f53c5c6', './modules/OutboundEmailAccounts/metadata/metafiles.php' => 'd163cfdaa7fa3d697326f798bbcc6867', './modules/OutboundEmailAccounts/metadata/popupdefs.php' => '3464601d89e63838c93f7bfcd2142eec', @@ -5704,7 +5704,7 @@ $md5_string = array ( './modules/Project/SubPanelView.php' => 'af95a6ef52973f660100c71164dd42fe', './modules/Project/action_view_map.php' => 'bfb14b59f2e972e576ab76d3d5aceac0', './modules/Project/chart.php' => 'a7372c5e93317f570c4570b7bd34f71e', - './modules/Project/controller.php' => 'f7a1625bad7e30c8407b26eabca31f26', + './modules/Project/controller.php' => 'a8bd59dc59f9cf503d21cf16514d59e3', './modules/Project/css/style.css' => 'f46ccefd03710380a8079bede95341ce', './modules/Project/css/style_chart.css' => '233f2a964aeed0a7a4db10aaa8397a5b', './modules/Project/delete_project_tasks.php' => '1c2dab740529a1e5a2fbc0e0ce7965d9', 
@@ -6254,7 +6254,7 @@ $md5_string = array ( './modules/UpgradeWizard/upgradeMetaHelper.php' => '800c97e8653bba6168392cb7fb1aeb2c', './modules/UpgradeWizard/upgradeTimeCounter.php' => 'dd3927b75efa08402bd0e2062140ce8c', './modules/UpgradeWizard/upgradeWizard.js' => 'f9257d89ca94aacd912a1e5b9a8016b8', - './modules/UpgradeWizard/upload.php' => 'dfa84b530eea7d4cf027aa69be29b470', + './modules/UpgradeWizard/upload.php' => 'f18f412726b4dcbb2c436d7f2e7aa6c3', './modules/UpgradeWizard/uw_ajax.php' => 'dc6dd5c6491829bdff9ad33b5f6162ee', './modules/UpgradeWizard/uw_emptyFunctions.php' => '78d1a2e170174830b7dd1522db706828', './modules/UpgradeWizard/uw_files.php' => 'acff8db8712e3f892d46e6dcdcf13fbc', @@ -6577,7 +6577,7 @@ $md5_string = array ( './soap.php' => 'e28988c2e0b8e2c484587b537a710525', './sugar_version.json' => 'bdfbcefae2f9af559bef6a36367df7bb', './sugar_version.php' => 'db7b6c8d51f87879fce1e6172eedfbed', - './suitecrm_version.php' => '8038561cf0d7daf2f4434655fa3e4661', + './suitecrm_version.php' => 'efb3eed2d1d827d27740c8128423d089', './themes/SuiteP/css/Dawn/color-palette.scss' => 'f85621a6c8b0cd015a8c4703e83e519b', './themes/SuiteP/css/Dawn/icons.scss' => 'd59f8c5855e7a8df09542a663835a196', './themes/SuiteP/css/Dawn/style.css' => '96e228603dfc1458e19c4d07013f2ef3', @@ -9492,4 +9492,4 @@ $md5_string = array ( './themes/default/less/wells.less' => '07cc7d04d7f7f344742f23886cbe5683', './vCard.php' => '3f5273501c464563e5b1247be28b69de', './vcal_server.php' => 'ce4752597ba62a99f791c467339d2500', -); \ No newline at end of file +); diff --git a/modules/Project/controller.php b/modules/Project/controller.php index 62cedd7b27b..bc9247d3dcb 100755 --- a/modules/Project/controller.php +++ b/modules/Project/controller.php 
@@ -484,11 +484,13 @@ public function action_Tooltips() { global $mod_strings; - $start_date = $_REQUEST['start_date']; - $end_date = $_REQUEST['end_date']; - $resource_id = $_REQUEST['resource_id']; + $db = DBManagerFactory::getInstance(); + + $start_date = $db->quote($_REQUEST['start_date']); + $end_date = $db->quote($_REQUEST['end_date']); + $resource_id = $db->quote($_REQUEST['resource_id']); - $projects = explode(",", $_REQUEST['projects']); + $projects = explode(",", $db->quote($_REQUEST['projects'])); $project_where = ""; if (count($projects) > 1 || $projects[0] != '') { $project_where = " AND project_id IN( '" . implode("','", $projects) . "' )"; diff --git a/modules/UpgradeWizard/upload.php b/modules/UpgradeWizard/upload.php index f977a8fdd16..e32fe4d7703 100755 --- a/modules/UpgradeWizard/upload.php +++ b/modules/UpgradeWizard/upload.php @@ -118,12 +118,32 @@ $manifest_file = extractManifest($tempFile); if (is_file($manifest_file)) { - require_once($manifest_file); + + //SCAN THE MANIFEST FILE TO MAKE SURE NO COPIES OR ANYTHING ARE HAPPENING IN IT + require_once __DIR__ . '/../../ModuleInstall/ModuleScanner.php'; + + $ms = new ModuleScanner(); + $ms->lockConfig(); + $fileIssues = $ms->scanFile($manifest_file); + if (!empty($fileIssues)) { + $out .= '
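Review bot: `$db->quote()` is applied to the whole comma-separated `$_REQUEST['projects']` string before `explode()`, so the safety of each element in the `IN( '...' )` list depends on the escaped string surviving the later split unchanged. Splitting first and escaping each element is easier to verify: `$projects = array_map(array($db, 'quote'), explode(',', $_REQUEST['projects']));`. quote() only escapes and adds no delimiters, so `$start_date`, `$end_date` and `$resource_id` are protected only where the query wraps them in quotes. That query lies outside this hunk and should be checked, or the values validated as dates and ids before use. The four `$_REQUEST` keys are also read without an `isset()` check.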

' . translate('ML_MANIFEST_ISSUE', 'Administration') . '


'; + $out .= $ms->getIssuesLog(); + break; + } + + list($manifest, $installdefs) = MSLoadManifest($manifest_file); + if ($ms->checkConfig($manifest_file)) { + $out .= '

' . translate('ML_MANIFEST_ISSUE', 'Administration') . '


'; + $out .= $ms->getIssuesLog(); + break; + } + $error = validate_manifest($manifest); if (!empty($error)) { $out = "{$error}
"; break; } + $upgrade_zip_type = $manifest['type']; // exclude the bad permutations diff --git a/suitecrm_version.php b/suitecrm_version.php index 27f24fe70e4..a0edbac5c83 100755 --- a/suitecrm_version.php +++ b/suitecrm_version.php @@ -3,5 +3,5 @@ die('Not A Valid Entry Point'); } -$suitecrm_version = '7.10.34'; -$suitecrm_timestamp = '2021-11-19 17:00:00'; +$suitecrm_version = '7.10.35'; +$suitecrm_timestamp = '2021-12-14 17:00:00';
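Review bot: `$ms->checkConfig($manifest_file)` runs only after `MSLoadManifest()` has loaded the manifest, so on that branch a change to `$GLOBALS['sugar_config']` is detected but, as far as this hunk shows, not reverted before `break`. Taking a copy before the load with `$configBefore = $GLOBALS['sugar_config'];` and restoring it in the rejection branch with `$GLOBALS['sugar_config'] = $configBefore;` would keep the rest of the request on the original settings. The `ML_MANIFEST_ISSUE` label used in both rejection branches is not added by any file in this commit's diffstat, so confirm the Administration language pack already defines it. The two branches are otherwise identical and could share one helper. The enclosing block that `break` exits starts outside the hunk.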