Permalink
Browse files

Release 6.1.6

  • Loading branch information...
1 parent cffbac3 commit 5354e712487076ae15ac99ddea783c1bb3370c64 John Mertic committed May 27, 2011
View
@@ -1,5 +1,5 @@
<?php
-// created: 2011-05-11 12:02:07
+// created: 2011-05-25 17:22:58
$md5_string = array (
'./LICENSE.txt' => 'd3f150e4a5bed444763ebe8a81742a95',
'./.htaccess' => 'd41d8cd98f00b204e9800998ecf8427e',
@@ -1167,7 +1167,7 @@ $md5_string = array (
'./themes/Sugar5/css/print.css' => '629df961f98baab29b4530b56322a1ca',
'./themes/Sugar5/css/deprecated.css' => '13f41876c3a31bde4ac2e1223bdd707c',
'./themes/Sugar5/css/chart.css' => 'dda00a834e88692f3d08bec70db12dc9',
- './sugar_version.php' => '0a58a28168a638cf32e8d03bc3c00161',
+ './sugar_version.php' => '6a06e4f7d1b224ef70b35e2b83e0553d',
'./soap/SoapTypes.php' => 'b44fab9d2a11ee705798529a17ccd24e',
'./soap/SoapSugarUsers.php' => '5e65b5fc02625c7dedddb9d3aa21f838',
'./soap/SoapStudio.php' => '08ff60f88df7da98b081a199510858f8',
@@ -1699,7 +1699,7 @@ $md5_string = array (
'./modules/Notes/Menu.php' => '80e4a5be7e5f7a316f11f43e646e7dab',
'./modules/MySettings/language/en_us.lang.php' => '7ab73e2c534ab7d66597730282c87ae3',
'./modules/MySettings/TabController.php' => '5bccbc225eae09c59583f438f1525a1b',
- './modules/MySettings/StoreQuery.php' => '564278c216b2499185ec0dc954629925',
+ './modules/MySettings/StoreQuery.php' => '71ba3168bc08f0ab9c8f790a2b49b8fb',
'./modules/MySettings/LoadTabSubpanels.php' => 'a255e18695ce5a628f77ea5ee52cf87e',
'./modules/ModuleBuilder/views/view.wizard.php' => 'dce66b495e40714975affaa31a6fb324',
'./modules/ModuleBuilder/views/view.tree.php' => '8c422f84d52636a46249e3156a45b150',
@@ -1948,7 +1948,7 @@ $md5_string = array (
'./modules/LabelEditor/Forms.php' => 'fbafcea6235be8a109124d1870e5c76d',
'./modules/LabelEditor/EditView.php' => '1c932d2d28064843f23ba12afb58a36e',
'./modules/LabelEditor/EditView.html' => 'd26998cd92945e931f4207509bd8444f',
- './modules/InboundEmail/InboundEmail.js' => '98639b43e066108023362ac1c6606b51',
+ './modules/InboundEmail/InboundEmail.js' => '0316c7387fca4d032dcc2b08f042649d',
'./modules/InboundEmail/vardefs.php' => 'b502ad0ed0fbd0756c8dbfea8e6f0c3b',
'./modules/InboundEmail/parseEncoding.php' => 'e577543f1dd4acdd9e1e56873612abe1',
'./modules/InboundEmail/language/en_us.lang.php' => '6efdc5c47a673ba196569159bb1da72f',
@@ -1957,15 +1957,15 @@ $md5_string = array (
'./modules/InboundEmail/View.html' => '58f26da62e64f0630806e6dde187a357',
'./modules/InboundEmail/ShowInboundFoldersList.php' => '45d7e8bfbff96456cb27a9f1ef3eea3c',
'./modules/InboundEmail/SaveGroupFolder.php' => 'b25cf3f6fae0a6220773c43966dfccdc',
- './modules/InboundEmail/Save.php' => 'b1cdb79a734b377a20b19986ae32ed89',
+ './modules/InboundEmail/Save.php' => 'c7ac2090b7c9591f7194cd0555e57e07',
'./modules/InboundEmail/Popup.php' => 'dae5482f102fb7cbbcedd46b2cf6a550',
'./modules/InboundEmail/Menu.php' => '79c0619ae84aa23303de599889406019',
'./modules/InboundEmail/ListView.php' => '693d6cb94dede156a0ddf15b031ff031',
'./modules/InboundEmail/ListView.html' => 'd198339eed60a1f901c0082646ac3707',
'./modules/InboundEmail/InboundEmailTest.php' => '18e54a84dd10ebbdb875c4a0c2887bc9',
'./modules/InboundEmail/InboundEmail.php' => 'c1f7a1e8522acea3e9d7cadc636799e9',
- './modules/InboundEmail/EditView.php' => '4dd0ce851a2b0202db293e15012e59c1',
- './modules/InboundEmail/EditView.html' => '01adf407ad0d15c6cac64d94ea9d4168',
+ './modules/InboundEmail/EditView.php' => '65b84941e7dafdad0a07f4b24280e6fb',
+ './modules/InboundEmail/EditView.html' => '1b501d7069cea6166695fbb5593f3f8d',
'./modules/InboundEmail/EditGroupFolder.php' => '52d841e00eeb5d43c736de0adbc5293f',
'./modules/InboundEmail/DetailView.php' => '83323c4e3516f55322d710e296fd518d',
'./modules/InboundEmail/DetailView.html' => 'c26f51c1f5b4d301c56e773de896758d',
@@ -2156,7 +2156,7 @@ $md5_string = array (
'./modules/Emails/javascript/ajax.js' => '8817d5d11cade523f3304d4272a4a5b8',
'./modules/Emails/javascript/EmailUIShared.js' => 'a7be59721553f5754aa4a5b1ca719c08',
'./modules/Emails/javascript/EmailUICompose.js' => '833266297da57f1372a375a70e6d853a',
- './modules/Emails/javascript/EmailUI.js' => '8862b6b07998241cd1fe07fb53d326d2',
+ './modules/Emails/javascript/EmailUI.js' => 'e80bc7f2ca47aead2c4fd119cfd77ebc',
'./modules/Emails/javascript/Email.js' => '9374349209d72680155e1e886a6b8ed5',
'./modules/Emails/index.php' => '6cc6a189db79619fe86fe1469e9ff7d3',
'./modules/Emails/images/sugarGroup.gif' => 'ad21210176b6a2a10a7a9b8f876ad83b',
@@ -2199,7 +2199,7 @@ $md5_string = array (
'./modules/Emails/Grab.php' => '95a6e008baa1cdeebbf72a74bf72db68',
'./modules/Emails/GenerateQuickComposeFrame.php' => '0c9dbc7d32d522b624198d21f57f6338',
'./modules/Emails/EmailUIAjax.php' => '754dd8c922055582cdabc7083cb33d7c',
- './modules/Emails/EmailUI.php' => 'aeb03bef97950ad4d02b3abc9bc33efe',
+ './modules/Emails/EmailUI.php' => '590deec65bb2b5643dada7d205e20e3e',
'./modules/Emails/EmailUI.css' => 'daf7eb7d61e5b8777613d4f550bfa572',
'./modules/Emails/Email.php' => '4fce8da7c26a1dccf2613d3dc87ed300',
'./modules/Emails/EditViewArchive.html' => 'ad802e567b75e39a6c7885bbb8fb9fcc',
@@ -3025,7 +3025,7 @@ $md5_string = array (
'./jssource/src_files/include/javascript/quickCompose.js' => 'c87742cdae04b75afc7e59c9e9440d39',
'./jssource/src_files/include/javascript/quicksearch.js' => 'ed496427bcc648a621262401c67416ae',
'./jssource/src_files/include/javascript/report_additionals.js' => '7d8f86186481775d3f2b9577f62d7e01',
- './jssource/src_files/include/javascript/sugar_3.js' => '32e3120af5ad4f6747fa9784d7995888',
+ './jssource/src_files/include/javascript/sugar_3.js' => '10dc988f36d82c8621d05ebb4acc2d0f',
'./jssource/src_files/include/javascript/sugar_connection_event_listener.js' => '3f0ed5a6340391e82521b208d6b39e8d',
'./jssource/src_files/include/javascript/sugarwidgets/SugarYUILoader.js' => '91ce3f8311a938d63f6f4f41a2780855',
'./jssource/src_files/include/javascript/sugarwidgets/SugarYUIWidgets.js' => '18d0fbff67ee96b852f8d3bf2d033978',
@@ -3328,7 +3328,7 @@ $md5_string = array (
'./jssource/src_files/modules/Documents/documents.js' => '3b068dac2a20816b5bfda33f1b1e9a4d',
'./jssource/src_files/modules/EmailTemplates/EmailTemplate.js' => '5f31b123e46b4e18c59e890bed779e45',
'./jssource/src_files/modules/Home/about.js' => '21f5494869cd5700b0c552747ad8c0f7',
- './jssource/src_files/modules/InboundEmail/InboundEmail.js' => '9d3e15f052ad39415c3a93db8b0e8915',
+ './jssource/src_files/modules/InboundEmail/InboundEmail.js' => '3c95d3d5e7a57c6148ee692d4eb698e4',
'./jssource/src_files/modules/Leads/Lead.js' => 'd06ef9e18d4c85fa7aedf57cdb5fc9e7',
'./jssource/src_files/modules/Meetings/jsclass_scheduler.js' => '007c932cc101de1394d949008ed79c68',
'./jssource/src_files/modules/MergeRecords/Merge.js' => '753cc64c1b94ed8f161112d17a3e0b0e',
@@ -3521,7 +3521,7 @@ $md5_string = array (
'./include/utils/progress_bar_utils.php' => '72633b667109464bafa8fc027c9938d4',
'./include/utils/zip_utils.php' => '68ea31cbab69f33f9d30f386a9cc7982',
'./include/utils/logic_utils.php' => 'a59013e866e3bed66ea19d404dad3a5d',
- './include/utils/mvc_utils.php' => 'f70cadb0d668630f000d8abe826d1c91',
+ './include/utils/mvc_utils.php' => '976d659ec3eb176891611b4a7ce3ecf9',
'./include/utils/file_utils.php' => '87b90ab168c1e0f45860150fe1572dc0',
'./include/utils/layout_utils.php' => '8942e9784ca325da2aad70cb956f16c7',
'./include/utils/external_cache.php' => '2d018926a89efdc108192dfcf7be0981',
@@ -3531,7 +3531,7 @@ $md5_string = array (
'./include/utils/array_utils.php' => 'e19705c0c995be8545441c1fcdf01e84',
'./include/utils/activity_utils.php' => 'fc0b073a8b715799ec088c1452378686',
'./include/utils/LogicHook.php' => 'e4e3a8576e115f0282ed513068349c26',
- './include/utils.php' => '1fe2a7ba8ca53e71e93c882b7af120da',
+ './include/utils.php' => 'b0225df0ec0f5fb8d0ba499e687a20ec',
'./include/upload_file.php' => 'c50b407f1908ad5e986ca428ec4548f0',
'./include/timezone/timezones.php' => 'c1b535767fd4bb7fdb04d03a91ceed6c',
'./include/templates/TemplateGroupChooser.php' => '1971bdb38d86951c192a3f97e38a2ead',
@@ -3648,13 +3648,13 @@ $md5_string = array (
'./include/jsolait/copying.txt' => '7fbc338309ac38fefcd64b04bb903e34',
'./include/jsolait/LICENSE' => '7fbc338309ac38fefcd64b04bb903e34',
'./include/javascript/sugar_grp_quickcomp.js' => '4ccbb96c80dc11464eb3ffceb4731bb2',
- './include/javascript/sugar_grp_emails.js' => '2550f85987f1ad5aae1bfbdbcd29dc98',
+ './include/javascript/sugar_grp_emails.js' => '61b0937d25e32b9952a1adf498a5e5fe',
'./include/javascript/sugar_grp_overlib.js' => '697dc29858751a3a9848ded2d5cc9638',
'./include/javascript/sugar_grp_yui2.js' => '810b0d52b0d73ca309673fa8c88f7275',
'./include/javascript/sugar_grp_yui_widgets.css' => 'f3b4057fe9151a52174c1f6b252495fd',
'./include/javascript/sugar_grp_yui_widgets.js' => '35ddcaaacf3a5bd2536d64cad5b8e9d2',
'./include/javascript/sugar_grp1_yui.js' => '8c4c32d01308873b67a9fdabad62ff23',
- './include/javascript/sugar_grp1.js' => 'bdda53634008e1a507c1e99d4db3474e',
+ './include/javascript/sugar_grp1.js' => 'e8364ee8df20533820c552f52e7a5acc',
'./include/javascript/cookie.js' => 'de61d7b1eb4ba59186984d89f628eae2',
'./include/javascript/dashlets.js' => 'c58cce8a83dbb9623b5260c45a8b154f',
'./include/javascript/include.js' => '111549b33d8ca4011ca99a23105050fe',
@@ -3668,7 +3668,7 @@ $md5_string = array (
'./include/javascript/quickCompose.js' => '8702e1904189f22c31f88b05e22398e7',
'./include/javascript/quicksearch.js' => 'fe8c4431483099b608ebe483d6e61ca3',
'./include/javascript/report_additionals.js' => 'bfb26a986bc020109f20b703fa6a6a9d',
- './include/javascript/sugar_3.js' => 'e08212c87039664102e218ede7f5285c',
+ './include/javascript/sugar_3.js' => '27e07dcd71753cd4361523a93781b9a1',
'./include/javascript/sugar_connection_event_listener.js' => '119ff2a497fd3c53d9f9a9b3d2226357',
'./include/javascript/swfobject.js' => '52ce7b9e2bf41b265102db45f6cc765a',
'./include/javascript/yui3/index.html' => '9ff89ada5571d6d03eccc45dad57bb16',
@@ -5186,7 +5186,7 @@ $md5_string = array (
'./include/Pear/XML_HTMLSax3/HTMLSax3/Decorators.php' => '34a9a95566c891f013584073fbadaf7e',
'./include/Pear/XML_HTMLSax3/HTMLSax3.php' => '11107d97b19feb13feb394cd858603f0',
'./include/Pear/HTML_Safe/license.txt' => 'a9001003ee71c8e4ca0337600994e7ac',
- './include/Pear/HTML_Safe/Safe.php' => '2ec6ff323a1057c0b94eda37a4caa480',
+ './include/Pear/HTML_Safe/Safe.php' => '5150c0e33710edd9bdb5310627b89f63',
'./include/Pear/Crypt_Blowfish/license.txt' => 'a45bb1bbeed9e26b26c5763df1d3913d',
'./include/Pear/Crypt_Blowfish/Blowfish/DefaultKey.php' => '8274b556662cc178342ea96940b36514',
'./include/Pear/Crypt_Blowfish/Blowfish.php' => 'b391980575340d0fe5bf2df72bc13932',
@@ -5200,7 +5200,7 @@ $md5_string = array (
'./include/MySugar/javascript/MySugar.js' => '95480bf96ab6fe08446e52b8c1236557',
'./include/MySugar/MySugar.php' => '8db3f12d62d5827268dfe4a3b26226a8',
'./include/MySugar/DashletsDialog/DashletsDialog.php' => '3725a75570ef02be822d74e31a6f1e7f',
- './include/MassUpdate.php' => 'ded360481afe54017d6b03310076d4fb',
+ './include/MassUpdate.php' => 'f629206b4831db64f79e84ff25f4fb6d',
'./include/MVC/View/views/view.xml.php' => '899ce32b620a040d2f04dd32bf32cd6d',
'./include/MVC/View/views/view.vcard.php' => 'f40aefcaf222ae87d5717603327a4ceb',
'./include/MVC/View/views/view.sugarpdf.php' => 'fffb5f92357ed83e618ccf726747443e',
@@ -5242,10 +5242,10 @@ $md5_string = array (
'./include/ListView/ListViewNoMassUpdate.tpl' => 'eed55b49e2b787d71106e4e54d30f45f',
'./include/ListView/ListViewGeneric.tpl' => '3754068a0f671ff29a8cafaa3cc0a9b0',
'./include/ListView/ListViewFacade.php' => '09ab474e08eb514a7fe506b6faa3abae',
- './include/ListView/ListViewDisplay.php' => '376d5c1d6c416da74bd6aa4a24ac0fc1',
+ './include/ListView/ListViewDisplay.php' => '5f27ca090ca9f374d8a057d433cb87fb',
'./include/ListView/ListViewData.php' => '36876ea156812985f1155fcf439406e9',
'./include/ListView/ListView.php' => '8baaa72b1b8c6fe24a82baedc8deadd0',
- './include/JSON.php' => '1a8d53c6b92eb5886884a6fb923dbf38',
+ './include/JSON.php' => 'a2b128a1daf3994ee1245b38bd7d9e26',
'./include/HTTP_WebDAV_Server/license.txt' => 'a45bb1bbeed9e26b26c5763df1d3913d',
'./include/HTTP_WebDAV_Server/dav.txt' => 'c5235ed64efa685da638c6dcdb6a9708',
'./include/HTTP_WebDAV_Server/Tools/_parse_proppatch.php' => '70971e2e4a07137ef26d6f4777194a9c',
View
@@ -98,7 +98,7 @@ class JSON
{
// cn: bug 12274 - the below defend against CSRF (see desc for whitepaper)
var $prescript = "while(1);/*";
- var $postscript = "*/";
+ var $postscript = "*/";
/**
* Specifies whether caching should be used
@@ -107,7 +107,7 @@ class JSON
* @access private
*/
var $_use_cache = true;
-
+
/**
* constructs a new JSON instance
*
@@ -216,14 +216,14 @@ function utf82utf16($utf8)
// ignoring UTF-32 for now, sorry
return '';
}
-
-
+
+
/**
* Wrapper for original "encode()" method - allows the creation of a security envelope
* @param mixed var Variable to be JSON encoded
* @param bool addSecurityEnvelope Default false
*/
- function encode($var, $addSecurityEnvelope=false) {
+ function encode($var, $addSecurityEnvelope=false, $encodeSpecial = false) {
$use_cache_on_at_start = $this->_use_cache;
if ($this->_use_cache) {
$cache_key = 'JSON_encode_' . ((is_array($var) || is_object($var)) ? md5(serialize($var)) : $var)
@@ -246,6 +246,14 @@ function encode($var, $addSecurityEnvelope=false) {
$encoded_var = $this->prescript . $encoded_var . $this->postscript;
}
+ if ($encodeSpecial) {
+ $charMap = array('<' => '\u003C', '>' => '\u003E', "'" => '\u0027', '&' => '\u0026');
+ foreach($charMap as $c => $enc)
+ {
+ $encoded_var = str_replace($c, $enc, $encoded_var);
+ }
+ }
+
if ($this->_use_cache) {
sugar_cache_put($cache_key, $encoded_var);
}
@@ -261,7 +269,7 @@ function encode($var, $addSecurityEnvelope=false) {
* to be in ASCII or UTF-8 format!
*
* @return mixed JSON string representation of input var or an error if a problem occurs
- * @access private
+ * @access private
*/
function encodeReal($var) {
global $sugar_config;
@@ -527,10 +535,10 @@ function decode($str, $examineEnvelope=false) {
$GLOBALS['log']->fatal("*** SECURITY: received asynchronous call with invalid ['asychronous_key'] value. Possible CSRF attack.");
return '';
}
-
+
return $meta['jsonObject'];
}
-
+
return $this->decodeReal($str);
}
@@ -495,9 +495,9 @@ protected function buildMergeLink()
protected function buildTargetList()
{
global $app_strings;
- $temp = array_merge($_GET, $_POST);
- unset($temp['current_query_by_page']);
- $current_query_by_page = base64_encode(serialize($temp));
+ unset($_REQUEST[session_name()]);
+ unset($_REQUEST['PHPSESSID']);
+ $current_query_by_page = base64_encode(serialize($_REQUEST));
$js = <<<EOF
if(sugarListView.get_checks_count() < 1) {
@@ -97,9 +97,10 @@ function getMassUpdateFormHeader($multi_select_popup = false)
global $sugar_config;
global $current_user;
- $temp = array_merge($_GET, $_POST);
- unset($temp['current_query_by_page']);
- $query = base64_encode(serialize($temp));
+ unset($_REQUEST['current_query_by_page']);
+ unset($_REQUEST[session_name()]);
+ unset($_REQUEST['PHPSESSID']);
+ $query = base64_encode(serialize($_REQUEST));
$bean = loadBean($_REQUEST['module']);
$order_by_name = $bean->module_dir.'2_'.strtoupper($bean->object_name).'_ORDER_BY' ;
@@ -650,7 +650,7 @@ public function getXHTML()
public function clear()
{
$this->xhtml = '';
- $this->dcCounter = 0;
+ $this->dcCounter = array();
$this->stack = array();
return true;
}
Oops, something went wrong.
Oops, something went wrong.
Oops, something went wrong.

0 comments on commit 5354e71

Please sign in to comment.