Release 6.1.6

commit 5354e712487076ae15ac99ddea783c1bb3370c64 1 parent cffbac3
@jmertic jmertic authored
40 files.md5
@@ -1,5 +1,5 @@
<?php
-// created: 2011-05-11 12:02:07
+// created: 2011-05-25 17:22:58
$md5_string = array (
'./LICENSE.txt' => 'd3f150e4a5bed444763ebe8a81742a95',
'./.htaccess' => 'd41d8cd98f00b204e9800998ecf8427e',
@@ -1167,7 +1167,7 @@ $md5_string = array (
'./themes/Sugar5/css/print.css' => '629df961f98baab29b4530b56322a1ca',
'./themes/Sugar5/css/deprecated.css' => '13f41876c3a31bde4ac2e1223bdd707c',
'./themes/Sugar5/css/chart.css' => 'dda00a834e88692f3d08bec70db12dc9',
- './sugar_version.php' => '0a58a28168a638cf32e8d03bc3c00161',
+ './sugar_version.php' => '6a06e4f7d1b224ef70b35e2b83e0553d',
'./soap/SoapTypes.php' => 'b44fab9d2a11ee705798529a17ccd24e',
'./soap/SoapSugarUsers.php' => '5e65b5fc02625c7dedddb9d3aa21f838',
'./soap/SoapStudio.php' => '08ff60f88df7da98b081a199510858f8',
@@ -1699,7 +1699,7 @@ $md5_string = array (
'./modules/Notes/Menu.php' => '80e4a5be7e5f7a316f11f43e646e7dab',
'./modules/MySettings/language/en_us.lang.php' => '7ab73e2c534ab7d66597730282c87ae3',
'./modules/MySettings/TabController.php' => '5bccbc225eae09c59583f438f1525a1b',
- './modules/MySettings/StoreQuery.php' => '564278c216b2499185ec0dc954629925',
+ './modules/MySettings/StoreQuery.php' => '71ba3168bc08f0ab9c8f790a2b49b8fb',
'./modules/MySettings/LoadTabSubpanels.php' => 'a255e18695ce5a628f77ea5ee52cf87e',
'./modules/ModuleBuilder/views/view.wizard.php' => 'dce66b495e40714975affaa31a6fb324',
'./modules/ModuleBuilder/views/view.tree.php' => '8c422f84d52636a46249e3156a45b150',
@@ -1948,7 +1948,7 @@ $md5_string = array (
'./modules/LabelEditor/Forms.php' => 'fbafcea6235be8a109124d1870e5c76d',
'./modules/LabelEditor/EditView.php' => '1c932d2d28064843f23ba12afb58a36e',
'./modules/LabelEditor/EditView.html' => 'd26998cd92945e931f4207509bd8444f',
- './modules/InboundEmail/InboundEmail.js' => '98639b43e066108023362ac1c6606b51',
+ './modules/InboundEmail/InboundEmail.js' => '0316c7387fca4d032dcc2b08f042649d',
'./modules/InboundEmail/vardefs.php' => 'b502ad0ed0fbd0756c8dbfea8e6f0c3b',
'./modules/InboundEmail/parseEncoding.php' => 'e577543f1dd4acdd9e1e56873612abe1',
'./modules/InboundEmail/language/en_us.lang.php' => '6efdc5c47a673ba196569159bb1da72f',
@@ -1957,15 +1957,15 @@ $md5_string = array (
'./modules/InboundEmail/View.html' => '58f26da62e64f0630806e6dde187a357',
'./modules/InboundEmail/ShowInboundFoldersList.php' => '45d7e8bfbff96456cb27a9f1ef3eea3c',
'./modules/InboundEmail/SaveGroupFolder.php' => 'b25cf3f6fae0a6220773c43966dfccdc',
- './modules/InboundEmail/Save.php' => 'b1cdb79a734b377a20b19986ae32ed89',
+ './modules/InboundEmail/Save.php' => 'c7ac2090b7c9591f7194cd0555e57e07',
'./modules/InboundEmail/Popup.php' => 'dae5482f102fb7cbbcedd46b2cf6a550',
'./modules/InboundEmail/Menu.php' => '79c0619ae84aa23303de599889406019',
'./modules/InboundEmail/ListView.php' => '693d6cb94dede156a0ddf15b031ff031',
'./modules/InboundEmail/ListView.html' => 'd198339eed60a1f901c0082646ac3707',
'./modules/InboundEmail/InboundEmailTest.php' => '18e54a84dd10ebbdb875c4a0c2887bc9',
'./modules/InboundEmail/InboundEmail.php' => 'c1f7a1e8522acea3e9d7cadc636799e9',
- './modules/InboundEmail/EditView.php' => '4dd0ce851a2b0202db293e15012e59c1',
- './modules/InboundEmail/EditView.html' => '01adf407ad0d15c6cac64d94ea9d4168',
+ './modules/InboundEmail/EditView.php' => '65b84941e7dafdad0a07f4b24280e6fb',
+ './modules/InboundEmail/EditView.html' => '1b501d7069cea6166695fbb5593f3f8d',
'./modules/InboundEmail/EditGroupFolder.php' => '52d841e00eeb5d43c736de0adbc5293f',
'./modules/InboundEmail/DetailView.php' => '83323c4e3516f55322d710e296fd518d',
'./modules/InboundEmail/DetailView.html' => 'c26f51c1f5b4d301c56e773de896758d',
@@ -2156,7 +2156,7 @@ $md5_string = array (
'./modules/Emails/javascript/ajax.js' => '8817d5d11cade523f3304d4272a4a5b8',
'./modules/Emails/javascript/EmailUIShared.js' => 'a7be59721553f5754aa4a5b1ca719c08',
'./modules/Emails/javascript/EmailUICompose.js' => '833266297da57f1372a375a70e6d853a',
- './modules/Emails/javascript/EmailUI.js' => '8862b6b07998241cd1fe07fb53d326d2',
+ './modules/Emails/javascript/EmailUI.js' => 'e80bc7f2ca47aead2c4fd119cfd77ebc',
'./modules/Emails/javascript/Email.js' => '9374349209d72680155e1e886a6b8ed5',
'./modules/Emails/index.php' => '6cc6a189db79619fe86fe1469e9ff7d3',
'./modules/Emails/images/sugarGroup.gif' => 'ad21210176b6a2a10a7a9b8f876ad83b',
@@ -2199,7 +2199,7 @@ $md5_string = array (
'./modules/Emails/Grab.php' => '95a6e008baa1cdeebbf72a74bf72db68',
'./modules/Emails/GenerateQuickComposeFrame.php' => '0c9dbc7d32d522b624198d21f57f6338',
'./modules/Emails/EmailUIAjax.php' => '754dd8c922055582cdabc7083cb33d7c',
- './modules/Emails/EmailUI.php' => 'aeb03bef97950ad4d02b3abc9bc33efe',
+ './modules/Emails/EmailUI.php' => '590deec65bb2b5643dada7d205e20e3e',
'./modules/Emails/EmailUI.css' => 'daf7eb7d61e5b8777613d4f550bfa572',
'./modules/Emails/Email.php' => '4fce8da7c26a1dccf2613d3dc87ed300',
'./modules/Emails/EditViewArchive.html' => 'ad802e567b75e39a6c7885bbb8fb9fcc',
@@ -3025,7 +3025,7 @@ $md5_string = array (
'./jssource/src_files/include/javascript/quickCompose.js' => 'c87742cdae04b75afc7e59c9e9440d39',
'./jssource/src_files/include/javascript/quicksearch.js' => 'ed496427bcc648a621262401c67416ae',
'./jssource/src_files/include/javascript/report_additionals.js' => '7d8f86186481775d3f2b9577f62d7e01',
- './jssource/src_files/include/javascript/sugar_3.js' => '32e3120af5ad4f6747fa9784d7995888',
+ './jssource/src_files/include/javascript/sugar_3.js' => '10dc988f36d82c8621d05ebb4acc2d0f',
'./jssource/src_files/include/javascript/sugar_connection_event_listener.js' => '3f0ed5a6340391e82521b208d6b39e8d',
'./jssource/src_files/include/javascript/sugarwidgets/SugarYUILoader.js' => '91ce3f8311a938d63f6f4f41a2780855',
'./jssource/src_files/include/javascript/sugarwidgets/SugarYUIWidgets.js' => '18d0fbff67ee96b852f8d3bf2d033978',
@@ -3328,7 +3328,7 @@ $md5_string = array (
'./jssource/src_files/modules/Documents/documents.js' => '3b068dac2a20816b5bfda33f1b1e9a4d',
'./jssource/src_files/modules/EmailTemplates/EmailTemplate.js' => '5f31b123e46b4e18c59e890bed779e45',
'./jssource/src_files/modules/Home/about.js' => '21f5494869cd5700b0c552747ad8c0f7',
- './jssource/src_files/modules/InboundEmail/InboundEmail.js' => '9d3e15f052ad39415c3a93db8b0e8915',
+ './jssource/src_files/modules/InboundEmail/InboundEmail.js' => '3c95d3d5e7a57c6148ee692d4eb698e4',
'./jssource/src_files/modules/Leads/Lead.js' => 'd06ef9e18d4c85fa7aedf57cdb5fc9e7',
'./jssource/src_files/modules/Meetings/jsclass_scheduler.js' => '007c932cc101de1394d949008ed79c68',
'./jssource/src_files/modules/MergeRecords/Merge.js' => '753cc64c1b94ed8f161112d17a3e0b0e',
@@ -3521,7 +3521,7 @@ $md5_string = array (
'./include/utils/progress_bar_utils.php' => '72633b667109464bafa8fc027c9938d4',
'./include/utils/zip_utils.php' => '68ea31cbab69f33f9d30f386a9cc7982',
'./include/utils/logic_utils.php' => 'a59013e866e3bed66ea19d404dad3a5d',
- './include/utils/mvc_utils.php' => 'f70cadb0d668630f000d8abe826d1c91',
+ './include/utils/mvc_utils.php' => '976d659ec3eb176891611b4a7ce3ecf9',
'./include/utils/file_utils.php' => '87b90ab168c1e0f45860150fe1572dc0',
'./include/utils/layout_utils.php' => '8942e9784ca325da2aad70cb956f16c7',
'./include/utils/external_cache.php' => '2d018926a89efdc108192dfcf7be0981',
@@ -3531,7 +3531,7 @@ $md5_string = array (
'./include/utils/array_utils.php' => 'e19705c0c995be8545441c1fcdf01e84',
'./include/utils/activity_utils.php' => 'fc0b073a8b715799ec088c1452378686',
'./include/utils/LogicHook.php' => 'e4e3a8576e115f0282ed513068349c26',
- './include/utils.php' => '1fe2a7ba8ca53e71e93c882b7af120da',
+ './include/utils.php' => 'b0225df0ec0f5fb8d0ba499e687a20ec',
'./include/upload_file.php' => 'c50b407f1908ad5e986ca428ec4548f0',
'./include/timezone/timezones.php' => 'c1b535767fd4bb7fdb04d03a91ceed6c',
'./include/templates/TemplateGroupChooser.php' => '1971bdb38d86951c192a3f97e38a2ead',
@@ -3648,13 +3648,13 @@ $md5_string = array (
'./include/jsolait/copying.txt' => '7fbc338309ac38fefcd64b04bb903e34',
'./include/jsolait/LICENSE' => '7fbc338309ac38fefcd64b04bb903e34',
'./include/javascript/sugar_grp_quickcomp.js' => '4ccbb96c80dc11464eb3ffceb4731bb2',
- './include/javascript/sugar_grp_emails.js' => '2550f85987f1ad5aae1bfbdbcd29dc98',
+ './include/javascript/sugar_grp_emails.js' => '61b0937d25e32b9952a1adf498a5e5fe',
'./include/javascript/sugar_grp_overlib.js' => '697dc29858751a3a9848ded2d5cc9638',
'./include/javascript/sugar_grp_yui2.js' => '810b0d52b0d73ca309673fa8c88f7275',
'./include/javascript/sugar_grp_yui_widgets.css' => 'f3b4057fe9151a52174c1f6b252495fd',
'./include/javascript/sugar_grp_yui_widgets.js' => '35ddcaaacf3a5bd2536d64cad5b8e9d2',
'./include/javascript/sugar_grp1_yui.js' => '8c4c32d01308873b67a9fdabad62ff23',
- './include/javascript/sugar_grp1.js' => 'bdda53634008e1a507c1e99d4db3474e',
+ './include/javascript/sugar_grp1.js' => 'e8364ee8df20533820c552f52e7a5acc',
'./include/javascript/cookie.js' => 'de61d7b1eb4ba59186984d89f628eae2',
'./include/javascript/dashlets.js' => 'c58cce8a83dbb9623b5260c45a8b154f',
'./include/javascript/include.js' => '111549b33d8ca4011ca99a23105050fe',
@@ -3668,7 +3668,7 @@ $md5_string = array (
'./include/javascript/quickCompose.js' => '8702e1904189f22c31f88b05e22398e7',
'./include/javascript/quicksearch.js' => 'fe8c4431483099b608ebe483d6e61ca3',
'./include/javascript/report_additionals.js' => 'bfb26a986bc020109f20b703fa6a6a9d',
- './include/javascript/sugar_3.js' => 'e08212c87039664102e218ede7f5285c',
+ './include/javascript/sugar_3.js' => '27e07dcd71753cd4361523a93781b9a1',
'./include/javascript/sugar_connection_event_listener.js' => '119ff2a497fd3c53d9f9a9b3d2226357',
'./include/javascript/swfobject.js' => '52ce7b9e2bf41b265102db45f6cc765a',
'./include/javascript/yui3/index.html' => '9ff89ada5571d6d03eccc45dad57bb16',
@@ -5186,7 +5186,7 @@ $md5_string = array (
'./include/Pear/XML_HTMLSax3/HTMLSax3/Decorators.php' => '34a9a95566c891f013584073fbadaf7e',
'./include/Pear/XML_HTMLSax3/HTMLSax3.php' => '11107d97b19feb13feb394cd858603f0',
'./include/Pear/HTML_Safe/license.txt' => 'a9001003ee71c8e4ca0337600994e7ac',
- './include/Pear/HTML_Safe/Safe.php' => '2ec6ff323a1057c0b94eda37a4caa480',
+ './include/Pear/HTML_Safe/Safe.php' => '5150c0e33710edd9bdb5310627b89f63',
'./include/Pear/Crypt_Blowfish/license.txt' => 'a45bb1bbeed9e26b26c5763df1d3913d',
'./include/Pear/Crypt_Blowfish/Blowfish/DefaultKey.php' => '8274b556662cc178342ea96940b36514',
'./include/Pear/Crypt_Blowfish/Blowfish.php' => 'b391980575340d0fe5bf2df72bc13932',
@@ -5200,7 +5200,7 @@ $md5_string = array (
'./include/MySugar/javascript/MySugar.js' => '95480bf96ab6fe08446e52b8c1236557',
'./include/MySugar/MySugar.php' => '8db3f12d62d5827268dfe4a3b26226a8',
'./include/MySugar/DashletsDialog/DashletsDialog.php' => '3725a75570ef02be822d74e31a6f1e7f',
- './include/MassUpdate.php' => 'ded360481afe54017d6b03310076d4fb',
+ './include/MassUpdate.php' => 'f629206b4831db64f79e84ff25f4fb6d',
'./include/MVC/View/views/view.xml.php' => '899ce32b620a040d2f04dd32bf32cd6d',
'./include/MVC/View/views/view.vcard.php' => 'f40aefcaf222ae87d5717603327a4ceb',
'./include/MVC/View/views/view.sugarpdf.php' => 'fffb5f92357ed83e618ccf726747443e',
@@ -5242,10 +5242,10 @@ $md5_string = array (
'./include/ListView/ListViewNoMassUpdate.tpl' => 'eed55b49e2b787d71106e4e54d30f45f',
'./include/ListView/ListViewGeneric.tpl' => '3754068a0f671ff29a8cafaa3cc0a9b0',
'./include/ListView/ListViewFacade.php' => '09ab474e08eb514a7fe506b6faa3abae',
- './include/ListView/ListViewDisplay.php' => '376d5c1d6c416da74bd6aa4a24ac0fc1',
+ './include/ListView/ListViewDisplay.php' => '5f27ca090ca9f374d8a057d433cb87fb',
'./include/ListView/ListViewData.php' => '36876ea156812985f1155fcf439406e9',
'./include/ListView/ListView.php' => '8baaa72b1b8c6fe24a82baedc8deadd0',
- './include/JSON.php' => '1a8d53c6b92eb5886884a6fb923dbf38',
+ './include/JSON.php' => 'a2b128a1daf3994ee1245b38bd7d9e26',
'./include/HTTP_WebDAV_Server/license.txt' => 'a45bb1bbeed9e26b26c5763df1d3913d',
'./include/HTTP_WebDAV_Server/dav.txt' => 'c5235ed64efa685da638c6dcdb6a9708',
'./include/HTTP_WebDAV_Server/Tools/_parse_proppatch.php' => '70971e2e4a07137ef26d6f4777194a9c',
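--- a/include/JSON.php
+++ b/include/JSON.php
@@ -98,7 +98,7 @@ class JSON
 {
 // cn: bug 12274 - the below defend against CSRF (see desc for whitepaper)
 var $prescript = "while(1);/*";
- var $postscript = "*/";
+ var $postscript = "*/";
 /**
 * Specifies whether caching should be used
@@ -107,7 +107,7 @@ class JSON
 * @access private
 */
 var $_use_cache = true;
-
+
 /**
 * constructs a new JSON instance
 *
@@ -216,14 +216,14 @@ function utf82utf16($utf8)
 // ignoring UTF-32 for now, sorry
 return '';
 }
-
-
+
+
 /**
 * Wrapper for original "encode()" method - allows the creation of a security envelope
 * @param mixed var Variable to be JSON encoded
 * @param bool addSecurityEnvelope Default false
 */
- function encode($var, $addSecurityEnvelope=false) {
+ function encode($var, $addSecurityEnvelope=false, $encodeSpecial = false) {
 $use_cache_on_at_start = $this->_use_cache;
 if ($this->_use_cache) {
 $cache_key = 'JSON_encode_' . ((is_array($var) || is_object($var)) ? md5(serialize($var)) : $var)
@@ -246,6 +246,14 @@ function encode($var, $addSecurityEnvelope=false) {
 $encoded_var = $this->prescript . $encoded_var . $this->postscript;
 }
+ if ($encodeSpecial) {
+ $charMap = array('<' => '\u003C', '>' => '\u003E', "'" => '\u0027', '&' => '\u0026');
+ foreach($charMap as $c => $enc)
+ {
+ $encoded_var = str_replace($c, $enc, $encoded_var);
+ }
+ }
+
 if ($this->_use_cache) {
 sugar_cache_put($cache_key, $encoded_var);
 }
@@ -261,7 +269,7 @@ function encode($var, $addSecurityEnvelope=false) {
 * to be in ASCII or UTF-8 format!
 *
 * @return mixed JSON string representation of input var or an error if a problem occurs
- * @access private
+ * @access private
 */
 function encodeReal($var) {
 global $sugar_config;
@@ -527,10 +535,10 @@ function decode($str, $examineEnvelope=false) {
 $GLOBALS['log']->fatal("*** SECURITY: received asynchronous call with invalid ['asychronous_key'] value. Possible CSRF attack.");
 return '';
 }
-
+
 return $meta['jsonObject'];
 }
-
+
 return $this->decodeReal($str);
 }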
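Review bot: The cache key built at the top of `encode()` is not visibly extended for the new `$encodeSpecial` argument, so a value cached by a call without escaping could be handed back to a caller that asked for `<`, `>`, `'` and `&` to be escaped. The key expression continues past the end of the hunk, so this needs confirming against the full file. If the flag is indeed missing, append it to the key, e.g. `. ($encodeSpecial ? 'esc' : '')`, so the escaped and unescaped encodings are cached separately. The docblock also needs a line for the new parameter, such as `@param bool encodeSpecial Escape <, >, ' and & as \uXXXX sequences; default false`.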
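--- a/include/ListView/ListViewDisplay.php
+++ b/include/ListView/ListViewDisplay.php
@@ -495,9 +495,9 @@ protected function buildMergeLink()
 protected function buildTargetList()
 {
 global $app_strings;
- $temp = array_merge($_GET, $_POST);
- unset($temp['current_query_by_page']);
- $current_query_by_page = base64_encode(serialize($temp));
+ unset($_REQUEST[session_name()]);
+ unset($_REQUEST['PHPSESSID']);
+ $current_query_by_page = base64_encode(serialize($_REQUEST));
 $js = <<<EOF
 if(sugarListView.get_checks_count() < 1) {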
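Review bot: `buildTargetList()` now edits the `$_REQUEST` superglobal in place and no longer removes `current_query_by_page` before serializing, unlike the matching change to `getMassUpdateFormHeader()` in include/MassUpdate.php, so a previously posted `current_query_by_page` would be nested inside the new one on every round trip. Depending on `request_order`, `$_REQUEST` can also carry cookies, which the old `array_merge($_GET, $_POST)` never did; only the session cookie names are removed here, so any other cookie value would be written into the page. Working on a copy keeps both effects local: `$temp = $_REQUEST; unset($temp['current_query_by_page'], $temp[session_name()], $temp['PHPSESSID']);` followed by `serialize($temp)`. The in-place mutation of `$_REQUEST` applies equally to the MassUpdate.php hunk.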
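--- a/include/MassUpdate.php
+++ b/include/MassUpdate.php
@@ -97,9 +97,10 @@ function getMassUpdateFormHeader($multi_select_popup = false)
 global $sugar_config;
 global $current_user;
- $temp = array_merge($_GET, $_POST);
- unset($temp['current_query_by_page']);
- $query = base64_encode(serialize($temp));
+ unset($_REQUEST['current_query_by_page']);
+ unset($_REQUEST[session_name()]);
+ unset($_REQUEST['PHPSESSID']);
+ $query = base64_encode(serialize($_REQUEST));
 $bean = loadBean($_REQUEST['module']);
 $order_by_name = $bean->module_dir.'2_'.strtoupper($bean->object_name).'_ORDER_BY' ;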
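Review bot: `$query` is a PHP-serialized, base64-encoded copy of request data, presumably destined for a hidden form field; if the code that receives the posted value passes it back to `unserialize()`, it is deserializing client-controlled input. The consumer is outside this hunk, so this needs confirming; `json_encode()`/`json_decode()` for the round trip, or an HMAC over the value that is verified before decoding, would remove the exposure. `loadBean($_REQUEST['module'])` on the following line takes the module name straight from the request, and a comment such as `// module name is validated by <caller/controller> before this point` would record where that check lives. The function body starts before and continues after the hunk.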
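--- a/include/Pear/HTML_Safe/Safe.php
+++ b/include/Pear/HTML_Safe/Safe.php
@@ -650,7 +650,7 @@ public function getXHTML()
 public function clear()
 {
 $this->xhtml = '';
- $this->dcCounter = 0;
+ $this->dcCounter = array();
 $this->stack = array();
 return true;
 }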
2  include/javascript/sugar_3.js
@@ -538,7 +538,7 @@ function open_popup(module_name,width,height,initial_filter,close_popup,hide_cle
{if(typeof(popupCount)=="undefined"||popupCount==0)
popupCount=1;window.document.popup_request_data=popup_request_data;window.document.close_popup=close_popup;URL='index.php?'
+'module='+module_name
-+'&action=Popup';if(initial_filter!=''){URL+='&query=true'+initial_filter;popupName=initial_filter.replace(/[^a-z_\-0-9]+/ig,'_');windowName=module_name+'_popup_window'+popupName;}else{windowName=module_name+'_popup_window'+popupCount;}
++'&action=Popup';if(initial_filter!=''){URL+='&query=true'+initial_filter;popupName=initial_filter.replace(/[^a-z_0-9]+/ig,'_');windowName=module_name+'_popup_window'+popupName;}else{windowName=module_name+'_popup_window'+popupCount;}
popupCount++;if(hide_clear_button){URL+='&hide_clear_button=true';}
windowFeatures='width='+width
+',height='+height
2  include/javascript/sugar_grp1.js
@@ -538,7 +538,7 @@ function open_popup(module_name,width,height,initial_filter,close_popup,hide_cle
{if(typeof(popupCount)=="undefined"||popupCount==0)
popupCount=1;window.document.popup_request_data=popup_request_data;window.document.close_popup=close_popup;URL='index.php?'
+'module='+module_name
-+'&action=Popup';if(initial_filter!=''){URL+='&query=true'+initial_filter;popupName=initial_filter.replace(/[^a-z_\-0-9]+/ig,'_');windowName=module_name+'_popup_window'+popupName;}else{windowName=module_name+'_popup_window'+popupCount;}
++'&action=Popup';if(initial_filter!=''){URL+='&query=true'+initial_filter;popupName=initial_filter.replace(/[^a-z_0-9]+/ig,'_');windowName=module_name+'_popup_window'+popupName;}else{windowName=module_name+'_popup_window'+popupCount;}
popupCount++;if(hide_clear_button){URL+='&hide_clear_button=true';}
windowFeatures='width='+width
+',height='+height
7 include/javascript/sugar_grp_emails.js
@@ -348,9 +348,9 @@ function getEncryptedPassword(login,password,mailbox){var words=new Array(login,
if(word.indexOf('+')>0){fragment1=word.substr(0,word.indexOf('+'));fragment2=word.substr(word.indexOf('+')+1,word.length);newWord=fragment1+'::plus::'+fragment2;words[i]=newWord;word=newWord;fragment1='';fragment2='';}
if(word.indexOf('%')>0){fragment1=word.substr(0,word.indexOf('%'));fragment2=word.substr(word.indexOf('%')+1,word.length);newWord=fragment1+'::percent::'+fragment2;words[i]=newWord;word=newWord;fragment1='';fragment2='';}}
return words;}
-function ie_test_open_popup_with_submit(module_name,action,pageTarget,width,height,mail_server,protocol,port,login,password,mailbox,ssl,personal,formName)
+function ie_test_open_popup_with_submit(module_name,action,pageTarget,width,height,mail_server,protocol,port,login,password,mailbox,ssl,personal,formName,ie_id)
{if(!formName)formName="testSettingsView";var words=getEncryptedPassword(login,password,mailbox);var isPersonal=(personal)?'true':'false';if(!isDataValid(formName,true)){return;}
-ie_id=document.getElementById(formName).ie_id.value;URL='index.php?'
+URL='index.php?'
+'module='+module_name
+'&to_pdf=1'
+'&action='+action
@@ -371,7 +371,6 @@ var title=SUGAR.language.get('Emails','LBL_TEST_SETTINGS');if(typeof(title)=="un
title=SUGAR.language.get('InboundEmail','LBL_TEST_SETTINGS');SI.testDlg.setHeader(title);SI.testDlg.setBody(SUGAR.language.get("app_strings","LBL_EMAIL_LOADING"));SI.testDlg.render(document.body);var Connect=YAHOO.util.Connect;if(Connect.url)URL=Connect.url+"&"+url;Connect.asyncRequest("GET",URL,{success:SI.testDlg._updateContent,failure:SI.testDlg.hide,scope:SI.testDlg});SI.testDlg.show();}
function isDataValid(formName,validateMonitoredFolder){var formObject=document.getElementById(formName);var errors=new Array();var out=new String();if(trim(formObject.server_url.value)==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_SERVER'));}
if(trim(formObject.email_user.value)==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_USER'));}
-if(trim(formObject.email_password.value)==""&&trim(formObject.ie_id.value)==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_PASSWORD'));}
if(formObject.protocol.protocol==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_PROTOCOL'));}
if(formObject.protocol.value=='imap'&&validateMonitoredFolder){if(trim(formObject.mailbox.value)==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_MONITORED_FOLDER'));}}
if(formObject.port.value==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_PORT'));}
@@ -1374,7 +1373,7 @@ SE.accounts = {
form = document.getElementById('ieAccount');
if(SE.accounts.checkIeCreds()) {
- ie_test_open_popup_with_submit("InboundEmail", "Popup", "Popup", 400, 300, trim(form.server_url.value), form.protocol.value, trim(form.port.value), trim(form.email_user.value), Rot13.write(form.email_password.value), trim(form.mailbox.value), form.ssl.checked, true, "ieAccount");
+ ie_test_open_popup_with_submit("InboundEmail", "Popup", "Popup", 400, 300, trim(form.server_url.value), form.protocol.value, trim(form.port.value), trim(form.email_user.value), Rot13.write(form.email_password.value), trim(form.mailbox.value), form.ssl.checked, true, "ieAccount", form.ie_id.value);
}
},
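--- a/include/utils.php
+++ b/include/utils.php
@@ -4193,7 +4193,7 @@ function getUrls($string)
 /**
 * Sanitize image file from hostile content
 * @param string $path Image file
- * @param bool $jpeg Recode as JPEG (false - recode as PNG)
+ * @param bool $jpeg Accept only JPEGs?
 */
 function verify_image_file($path, $jpeg = false)
 {
@@ -4202,16 +4202,21 @@ function verify_image_file($path, $jpeg = false)
 if(!$img) {
 return false;
 }
- if($jpeg) {
+ $img_size = getimagesize($path);
+ $filetype = $img_size['mime'];
+ //if filetype is jpeg or if we are only allowing jpegs, create jpg image
+ if($filetype == "image/jpeg" || $jpeg) {
 if(imagejpeg($img, $path)) {
 return true;
 }
- } else {
+ } elseif ($filetype == "image/png") { // else if the filetype is png, create png
 imagealphablending($img, true);
 imagesavealpha($img, true);
 if(imagepng($img, $path)) {
 return true;
 }
+ } else {
+ return false;
 }
 } else {
 // check image manually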
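Review bot: The updated docblock describes `$jpeg` as "Accept only JPEGs?", but the new condition `$filetype == "image/jpeg" || $jpeg` re-encodes any image GD managed to load as a JPEG when `$jpeg` is true instead of rejecting it, so the documentation and the behaviour disagree. Either reword the docblock (for example `@param bool $jpeg Always recode as JPEG`) or test `$filetype == "image/jpeg"` alone and return false for other types when `$jpeg` is set. The result of `getimagesize($path)` is also indexed without a check; adding `if($img_size === false) { return false; }` right after the call makes the failure path explicit rather than relying on a null `$filetype` reaching the final `else`. `verify_image_file()` starts before and continues after the hunk, so the `// check image manually` fallback is not covered by this review.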
2  include/utils/mvc_utils.php
1 addition, 1 deletion not shown
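--- a/jssource/src_files/include/javascript/sugar_3.js
+++ b/jssource/src_files/include/javascript/sugar_3.js
@@ -3727,7 +3727,7 @@ function open_popup(module_name, width, height, initial_filter, close_popup, hid
 if (initial_filter != '') {
 URL += '&query=true' + initial_filter;
 // Bug 41891 - Popup Window Name
- popupName = initial_filter.replace(/[^a-z_\-0-9]+/ig, '_');
+ popupName = initial_filter.replace(/[^a-z_0-9]+/ig, '_');
 windowName = module_name + '_popup_window' + popupName;
 } else {
 windowName = module_name + '_popup_window' + popupCount;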
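--- a/jssource/src_files/modules/InboundEmail/InboundEmail.js
+++ b/jssource/src_files/modules/InboundEmail/InboundEmail.js
@@ -111,7 +111,7 @@ function getEncryptedPassword(login, password, mailbox) {
 return words;
 } // fn
-function ie_test_open_popup_with_submit(module_name, action, pageTarget, width, height, mail_server, protocol, port, login, password, mailbox, ssl, personal, formName)
+function ie_test_open_popup_with_submit(module_name, action, pageTarget, width, height, mail_server, protocol, port, login, password, mailbox, ssl, personal, formName, ie_id)
 {
 if (!formName) formName = "testSettingsView";
 var words = getEncryptedPassword(login, password, mailbox);
@@ -120,7 +120,6 @@ function ie_test_open_popup_with_submit(module_name, action, pageTarget, width,
 if (!isDataValid(formName, true)) {
 return;
 }
- ie_id = document.getElementById(formName).ie_id.value;
 // launch the popup
 URL = 'index.php?'
 + 'module=' + module_name
@@ -183,9 +182,6 @@ function isDataValid(formName, validateMonitoredFolder) {
 if(trim(formObject.email_user.value) == "") {
 errors.push(SUGAR.language.get('app_strings', 'LBL_EMAIL_ERROR_USER'));
 }
- if(trim(formObject.email_password.value) == "" && trim(formObject.ie_id.value) == "") {
- errors.push(SUGAR.language.get('app_strings', 'LBL_EMAIL_ERROR_PASSWORD'));
- }
 if(formObject.protocol.protocol == "") {
 errors.push(SUGAR.language.get('app_strings', 'LBL_EMAIL_ERROR_PROTOCOL'));
 }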
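Review bot: `isDataValid()` no longer checks the password at all, so a new account with neither a typed password nor a stored record now passes client-side validation; unless the server rejects that case, the test request goes out with empty credentials. `ie_test_open_popup_with_submit()` also gains a fifteenth positional parameter, and any call site not updated in this commit will pass `ie_id` as `undefined` where it used to be read from the form. A guard at the top of the function, `if (typeof ie_id == "undefined") ie_id = "";`, keeps older callers working. Both function bodies continue outside the hunks shown.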
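--- a/modules/Emails/EmailUI.php
+++ b/modules/Emails/EmailUI.php
@@ -372,11 +372,12 @@ function generateComposePackageForQuickCreate($composeData,$fullLinkUrl)
 foreach ($composePackage as $key => $singleCompose)
 {
 if (is_string($singleCompose))
- $composePackage[$key] = str_replace("'", "&#039;", htmlspecialchars($singleCompose, ENT_NOQUOTES, 'UTF-8'));
+ $composePackage[$key] = str_replace("&nbsp;", " ", from_html($singleCompose));
 }
 $quickComposeOptions = array('fullComposeUrl' => $fullLinkUrl,'composePackage' => $composePackage);
- $j_quickComposeOptions = json_encode($quickComposeOptions);
+ $json = new JSON();
+ $j_quickComposeOptions = $json->encode($quickComposeOptions, false, true);
 return $j_quickComposeOptions;
 }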
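Review bot: Strings in `$composePackage` are now HTML-decoded with `from_html()` where they were previously entity-escaped, so once the browser has parsed the JSON the values contain raw `<`, `>`, `&` and `'` again; the `\u003C`-style escaping from `encode(..., false, true)` only protects the place where the JSON text itself is embedded in the page. Any client code that writes these fields into the DOM as markup has to escape or sanitize them itself, which is worth confirming for the quick-compose consumer since it is not part of this diff. Only top-level strings pass the `is_string()` check, so nested arrays go through untouched. A comment above the loop stating the contract would help, e.g. `// values are HTML-decoded here; every consumer must escape or sanitize on output`.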
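--- a/modules/Emails/javascript/EmailUI.js
+++ b/modules/Emails/javascript/EmailUI.js
@@ -880,7 +880,7 @@ SE.accounts = {
 form = document.getElementById('ieAccount');
 if(SE.accounts.checkIeCreds()) {
- ie_test_open_popup_with_submit("InboundEmail", "Popup", "Popup", 400, 300, trim(form.server_url.value), form.protocol.value, trim(form.port.value), trim(form.email_user.value), Rot13.write(form.email_password.value), trim(form.mailbox.value), form.ssl.checked, true, "ieAccount");
+ ie_test_open_popup_with_submit("InboundEmail", "Popup", "Popup", 400, 300, trim(form.server_url.value), form.protocol.value, trim(form.port.value), trim(form.email_user.value), Rot13.write(form.email_password.value), trim(form.mailbox.value), form.ssl.checked, true, "ieAccount", form.ie_id.value);
 }
 },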
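Review bot: The mailbox password is still handed to `ie_test_open_popup_with_submit()` after `Rot13.write()`, which is a reversible letter substitution rather than encryption, and the minified copy of that function elsewhere in this commit sends its URL with `Connect.asyncRequest("GET", ...)`. If the password ends up in that query string (the URL assembly is outside the hunks shown), it will be recorded in web-server and proxy logs and in browser history. Sending the test-settings request as a POST body over HTTPS would be the safer follow-up, and a comment at this call site such as `// Rot13 is obfuscation only, not a confidentiality control` would stop the name from being read as protection. The enclosing `SE.accounts` method starts outside the hunk.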
5 modules/InboundEmail/EditView.html
@@ -52,6 +52,7 @@
<form action="index.php" method="post" name="EditView" id="EditView">
<input type="hidden" name="module" value="{MODULE}">
<input type="hidden" name="record" value="{ID}">
+ <input type="hidden" name="origin_id" value="{ORIGIN_ID}">
<input type="hidden" name="isDuplicate" value=false>
<input type="hidden" name="action">
<input type="hidden" name="group_id" value="{GROUP_ID}">
@@ -66,12 +67,12 @@
<tr>
<td>
<input title="{APP.LBL_SAVE_BUTTON_TITLE}" accessKey="{APP.LBL_SAVE_BUTTON_KEY}" class="button" onclick="this.form.action.value='Save'; {CHOOSER_SCRIPT} this.form.return_id.value='{RETURN_ID}'; return checkformdata()" type="submit" name="button" value=" {APP.LBL_SAVE_BUTTON_LABEL} " {IE_DISABLED}>
- <input title="{APP.LBL_CANCEL_BUTTON_TITLE}" accessKey="{APP.LBL_CANCEL_BUTTON_KEY}" class="button" onclick="this.form.action.value='{RETURN_ACTION}'; this.form.module.value='{RETURN_MODULE}'; this.form.record.value='{RETURN_ID}'" type="submit" name="button" value=" {APP.LBL_CANCEL_BUTTON_LABEL} ">
+ <input title="{APP.LBL_CANCEL_BUTTON_TITLE}" accessKey="{APP.LBL_CANCEL_BUTTON_KEY}" class="button" onclick="this.form.action.value='{RETURN_ACTION}'; this.form.module.value='{RETURN_MODULE}'; this.form.record.value='{RETURN_ID}'; if(this.form.record.value == '' && this.form.origin_id.value != '') this.form.record.value=this.form.origin_id.value;" type="submit" name="button" value=" {APP.LBL_CANCEL_BUTTON_LABEL} ">
<input title="{MOD.LBL_TEST_BUTTON_TITLE}"
type='button'
accessKey="{MOD.LBL_TEST_BUTTON_KEY}"
class="button"
- onClick='ie_test_open_popup_with_submit("InboundEmail", "Popup", "Popup", 400, 300, trim(this.form.server_url.value), this.form.protocol.value, trim(this.form.port.value), trim(this.form.email_user.value), Rot13.write(this.form.email_password.value), trim(this.form.mailbox.value), this.form.ssl.checked, this.form.personal.value, "EditView");'
+ onClick='ie_test_open_popup_with_submit("InboundEmail", "Popup", "Popup", 400, 300, trim(this.form.server_url.value), this.form.protocol.value, trim(this.form.port.value), trim(this.form.email_user.value), Rot13.write(this.form.email_password.value), trim(this.form.mailbox.value), this.form.ssl.checked, this.form.personal.value, "EditView", this.form.origin_id.value?this.form.origin_id.value:this.form.record.value);'
name="button" value=" {MOD.LBL_TEST_SETTINGS} " {IE_DISABLED}>
</td>
<td align="right" width="20%" NOWRAP><span class="required">{APP.LBL_REQUIRED_SYMBOL}</span> {APP.NTC_REQUIRED}</td>
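--- a/modules/InboundEmail/EditView.php
+++ b/modules/InboundEmail/EditView.php
@@ -81,6 +81,7 @@
 if(isset($_REQUEST['isDuplicate']) && $_REQUEST['isDuplicate'] == 'true') {
 $GLOBALS['log']->debug("isDuplicate found - duplicating record of id: ".$focus->id);
+ $origin_id = $focus->id;
 $focus->id = "";
 }
@@ -232,6 +233,7 @@
 $xtpl->assign('STATUS', $status);
 $xtpl->assign('SERVER_URL', $focus->server_url);
 $xtpl->assign('USER', $focus->email_user);
+$xtpl->assign('ORIGIN_ID', isset($origin_id)?$origin_id:'');
 // Don't send password back
 $xtpl->assign('HAS_PASSWORD', empty($focus->email_password)?0:1);
 $xtpl->assign('TRASHFOLDER', $trashFolder);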
5 modules/InboundEmail/InboundEmail.js
@@ -41,9 +41,9 @@ function getEncryptedPassword(login,password,mailbox){var words=new Array(login,
if(word.indexOf('+')>0){fragment1=word.substr(0,word.indexOf('+'));fragment2=word.substr(word.indexOf('+')+1,word.length);newWord=fragment1+'::plus::'+fragment2;words[i]=newWord;word=newWord;fragment1='';fragment2='';}
if(word.indexOf('%')>0){fragment1=word.substr(0,word.indexOf('%'));fragment2=word.substr(word.indexOf('%')+1,word.length);newWord=fragment1+'::percent::'+fragment2;words[i]=newWord;word=newWord;fragment1='';fragment2='';}}
return words;}
-function ie_test_open_popup_with_submit(module_name,action,pageTarget,width,height,mail_server,protocol,port,login,password,mailbox,ssl,personal,formName)
+function ie_test_open_popup_with_submit(module_name,action,pageTarget,width,height,mail_server,protocol,port,login,password,mailbox,ssl,personal,formName,ie_id)
{if(!formName)formName="testSettingsView";var words=getEncryptedPassword(login,password,mailbox);var isPersonal=(personal)?'true':'false';if(!isDataValid(formName,true)){return;}
-ie_id=document.getElementById(formName).ie_id.value;URL='index.php?'
+URL='index.php?'
+'module='+module_name
+'&to_pdf=1'
+'&action='+action
@@ -64,7 +64,6 @@ var title=SUGAR.language.get('Emails','LBL_TEST_SETTINGS');if(typeof(title)=="un
title=SUGAR.language.get('InboundEmail','LBL_TEST_SETTINGS');SI.testDlg.setHeader(title);SI.testDlg.setBody(SUGAR.language.get("app_strings","LBL_EMAIL_LOADING"));SI.testDlg.render(document.body);var Connect=YAHOO.util.Connect;if(Connect.url)URL=Connect.url+"&"+url;Connect.asyncRequest("GET",URL,{success:SI.testDlg._updateContent,failure:SI.testDlg.hide,scope:SI.testDlg});SI.testDlg.show();}
function isDataValid(formName,validateMonitoredFolder){var formObject=document.getElementById(formName);var errors=new Array();var out=new String();if(trim(formObject.server_url.value)==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_SERVER'));}
if(trim(formObject.email_user.value)==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_USER'));}
-if(trim(formObject.email_password.value)==""&&trim(formObject.ie_id.value)==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_PASSWORD'));}
if(formObject.protocol.protocol==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_PROTOCOL'));}
if(formObject.protocol.value=='imap'&&validateMonitoredFolder){if(trim(formObject.mailbox.value)==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_MONITORED_FOLDER'));}}
if(formObject.port.value==""){errors.push(SUGAR.language.get('app_strings','LBL_EMAIL_ERROR_PORT'));}
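--- a/modules/InboundEmail/Save.php
+++ b/modules/InboundEmail/Save.php
@@ -40,8 +40,12 @@
 global $current_user;
 $focus = new InboundEmail();
-$focus->retrieve($_REQUEST['record']);
-
+if(!empty($_REQUEST['record'])) {
+ $focus->retrieve($_REQUEST['record']);
+} elseif(!empty($_REQUEST['origin_id'])) {
+ $focus->retrieve($_REQUEST['origin_id']);
+ unset($focus->id);
+}
 foreach($focus->column_fields as $field) {
 if($field == 'email_password' && empty($_REQUEST['email_password']) && !empty($_REQUEST['email_user'])) {
 continue;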
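Review bot: `origin_id` is a client-supplied hidden field, and the new `elseif` branch loads whatever record it names and then clears the id, so the saved copy inherits that record's stored fields; combined with the `email_password` skip in the loop below, that includes the stored password whenever the request leaves the password empty. No ownership or ACL check on the retrieved record is visible in this hunk, so confirm that one exists before or inside `retrieve()`. The return value of `retrieve()` is also ignored in both branches, and a failed lookup should stop the save rather than carry on with an empty bean. The script continues outside the hunk.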
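--- a/modules/MySettings/StoreQuery.php
+++ b/modules/MySettings/StoreQuery.php
@@ -72,10 +72,10 @@ function loadQuery($name){
 function populateRequest(){
 foreach($this->query as $key=>$val){
- //We don't want to step on the search type, module, or offset if they are in the current request
- if($key != 'advanced' && $key != 'module' && (substr($key, -7) != "_offset" || !isset($_REQUEST[$key]))) {
- $_REQUEST[$key] = $val;
- $_GET[$key] = $val;
+ // todo wp: remove this
+ if($key != 'advanced' && $key != 'module') { // cn: bug 6546 storequery stomps correct value for 'module' in Activities
+ $_REQUEST[$key] = $val;
+ $_GET[$key] = $val;
 }
 }
 }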
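Review bot: `populateRequest()` now copies every stored key except `advanced` and `module` into `$_REQUEST` and `$_GET`, and the guard that preserved an `_offset` value already present in the current request is gone, so saved pagination offsets overwrite the ones the user just sent. Because stored values are written over the live superglobals, keys such as `action` or `record` can be replaced as well; an allowlist of search-field keys would be safer than a two-entry denylist. The new comment `// todo wp: remove this` does not say what is to be removed or why, and should be replaced with the reason the offset guard was taken out.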
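--- a/sugar_version.php
+++ b/sugar_version.php
@@ -38,10 +38,10 @@
-$sugar_version = '6.1.5';
-$sugar_db_version = '6.1.5';
+$sugar_version = '6.1.6';
+$sugar_db_version = '6.1.6';
 $sugar_flavor = 'CE';
-$sugar_build = '5849';
-$sugar_timestamp = '2011-05-11 11:42am';
+$sugar_build = '5860';
+$sugar_timestamp = '2011-05-25 05:03pm';
 ?>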
37 tests/modules/InboundEmail/Bug44009Test.php
@@ -0,0 +1,37 @@
+<?php
+require_once('modules/InboundEmail/InboundEmail.php');
+
+/**
+ * @ticket 44009
+ */
+class Bug44009Test extends Sugar_PHPUnit_Framework_TestCase
+{
+
+ protected $ie = null;
+
+ public function setUp()
+ {
+ $this->ie = new InboundEmail();
+ }
+
+ public function getData()
+ {
+ return array(
+ array("test<b>test</b>", "test<b>test</b>"),
+ array("<html>test<b>test</b></html>", "test<b>test</b>"),
+ array("<html><head></head><body>test<b>test</b></body></html>", "test<b>test</b>"),
+ array("<html><head><style>test</style></head><body>test<b>test</b></body></html>", "test<b>test</b>"),
+ array("<html><head></head><body><script language=\"javascript\">alert('test!');</script>test<b>test</b></body></html>", "test<b>test</b>"),
+ array("<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\"><html xmlns=\"http://www.w3.org/1999/xhtml\"><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-1\" /><title>test 12345</title></head><body><p>test<b>test</b></body></html>", "<p>test<b>test</b></p>"),
+ );
+ }
+
+ /**
+ * @dataProvider getData
+ * @param string $url
+ */
+ function testEmailCleanup($data, $res)
+ {
+ $this->assertEquals($res,$this->ie->cleanContent($data));
+ }
+}
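Review bot: The docblock on `testEmailCleanup()` documents `@param string $url`, but the method takes `$data` and `$res`; it should read `@param string $data Raw HTML` and `@param string $res Expected cleaned HTML`, and the method should be declared `public` like `setUp()` and `getData()`. The data provider exercises only a `<script>` element, so if `cleanContent()` is meant to act as a sanitizer, rows covering inline event-handler attributes and script-scheme URLs would pin that behaviour as well. `cleanContent()` is not part of this diff, so its expected output for those cases has to be confirmed before the rows are added.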