mirror of
https://github.com/VTECRM/vtenext.git
synced 2026-02-26 16:18:47 +00:00
Daniele
GitHub
commit
b27cae241e
@ -64,15 +64,15 @@
|
||||
<input type="hidden" name="hidden_toid" id="hidden_toid">
|
||||
<input type="hidden" name="draft_id" id="draft_id" value="{$DRAFTID}">
|
||||
{if !empty($smarty.request.message)}
|
||||
<input type="hidden" name="message" value="{$smarty.request.message}">
|
||||
<input type="hidden" name="message_mode" value="{$smarty.request.message_mode}">
|
||||
<input type="hidden" name="message" value="{$smarty.request.message|@vtlib_purify}">{* crmv@211287 *}
|
||||
<input type="hidden" name="message_mode" value="{$smarty.request.message_mode|@vtlib_purify}">{* crmv@211287 *}
|
||||
{/if}
|
||||
<input type="hidden" name="uploaddir" value="{$UPLOADIR}">
|
||||
{* crmv@2043m *}
|
||||
{if $smarty.request.reply_mail_converter neq ''}
|
||||
<input type="hidden" name="reply_mail_converter" value="{$smarty.request.reply_mail_converter}">
|
||||
<input type="hidden" name="reply_mail_converter_record" value="{$smarty.request.reply_mail_converter_record}">
|
||||
<input type="hidden" name="reply_mail_user" value="{$smarty.request.reply_mail_user}">
|
||||
<input type="hidden" name="reply_mail_converter" value="{$smarty.request.reply_mail_converter|@vtlib_purify}">{* crmv@211287 *}
|
||||
<input type="hidden" name="reply_mail_converter_record" value="{$smarty.request.reply_mail_converter_record|@vtlib_purify}">{* crmv@211287 *}
|
||||
<input type="hidden" name="reply_mail_user" value="{$smarty.request.reply_mail_user|@vtlib_purify}">{* crmv@211287 *}
|
||||
{/if}
|
||||
{* crmv@2043me *}
|
||||
{* crmv@62394 - activity tracking inputs *}
|
||||
@ -280,7 +280,6 @@
|
||||
</td>
|
||||
</tr>
|
||||
<script type="text/javascript">checkAttachment('{$attach_files.url}', '{$attach_files.name}', '{$attach_files.contentid}', 'compose')</script> {* crmv@204525 *}
|
||||
|
||||
{* crmv@121575e *}
|
||||
{/foreach}
|
||||
</table>
|
||||
@ -482,6 +481,14 @@ jQuery(document).ready(function() {ldelim}
|
||||
});
|
||||
},
|
||||
FileUploaded: function(up, file, info) {
|
||||
// crmv@228766
|
||||
var response = JSON.parse(info.response);
|
||||
if(response.hasOwnProperty('error')){
|
||||
vtealert(response.error.message);
|
||||
up.removeFile(file);
|
||||
}
|
||||
// crmv@228766e
|
||||
|
||||
// Called when a file has finished uploading
|
||||
jQuery('.plupload_buttons').show();
|
||||
jQuery('.plupload_upload_status').hide();
|
||||
@ -519,7 +526,7 @@ jQuery(document).ready(function() {ldelim}
|
||||
jQuery.ajax({
|
||||
url: 'index.php',
|
||||
method: 'POST',
|
||||
data: "module=Documents&action=DocumentsAjax&file=EmailFile&record={/literal}{$smarty.request.rec}{literal}",
|
||||
data: "module=Documents&action=DocumentsAjax&file=EmailFile&record={/literal}{$smarty.request.rec|@vtlib_purify|escape:'quotes'}{literal}",//crmv@211287
|
||||
success: function(result) {
|
||||
}
|
||||
});
|
||||
@ -689,4 +696,4 @@ function remove_attach(self) {
|
||||
|
||||
{/literal}
|
||||
</script>
|
||||
</html>
|
||||
</html>
|
||||
|
||||
@ -10,15 +10,38 @@
|
||||
* Contributing: http://www.plupload.com/contributing
|
||||
*/
|
||||
|
||||
// Settings
|
||||
$targetDir = 'storage/uploads_emails_'.$_REQUEST['dir']; //crmv@2963m
|
||||
//crmv@228766
|
||||
if(!isset($root_directory)){
|
||||
require('../../../config.inc.php');
|
||||
}
|
||||
chdir($root_directory);
|
||||
require_once('include/utils/utils.php');
|
||||
VteSession::start();
|
||||
if(!VteSession::hasKey('authenticated_user_id')) die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Not Authorized."}, "id" : "id"}');
|
||||
// crmv@228766e
|
||||
|
||||
// Settings
|
||||
$targetDir = 'storage/uploads_emails_'.str_replace('../', '', $_REQUEST['dir']);//crmv@2963m crmv@228766
|
||||
|
||||
// crmv@228766
|
||||
$tempRootDir = rtrim($root_directory, "/");
|
||||
// Create target dir
|
||||
if (!file_exists($targetDir)){
|
||||
@mkdir($targetDir);
|
||||
checkIfPathIsInStorage($targetDir, $tempRootDir);
|
||||
|
||||
@file_put_contents($targetDir."/index.html", "<html></html>\n"); // crmv@195947
|
||||
} else {
|
||||
checkIfPathIsInStorage($targetDir, $tempRootDir);
|
||||
}
|
||||
|
||||
function checkIfPathIsInStorage($path, $rootPath){
|
||||
if (strpos(dirname(realpath($path)), $rootPath.'/storage') !== 0){
|
||||
die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Bad dir."}, "id" : "id"}');
|
||||
}
|
||||
}
|
||||
// crmv@228766e
|
||||
|
||||
//crmv@81704
|
||||
if ($_REQUEST['ckeditor'] == 'true'){
|
||||
$response_arr = Array(
|
||||
@ -60,7 +83,7 @@ if ($_REQUEST['ckeditor'] == 'true'){
|
||||
}
|
||||
echo Zend_Json::encode($response_arr);
|
||||
exit;
|
||||
|
||||
|
||||
}
|
||||
//crmv@81704 e
|
||||
|
||||
@ -85,6 +108,13 @@ $chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0;
|
||||
$chunks = isset($_REQUEST["chunks"]) ? $_REQUEST["chunks"] : 0;
|
||||
$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
|
||||
|
||||
// crmv@228766
|
||||
$ext = pathinfo($fileName, PATHINFO_EXTENSION);
|
||||
if (is_array($upload_badext) && in_array($ext, $upload_badext)){
|
||||
die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "File type not supported."}, "id" : "id"}');
|
||||
}
|
||||
// crmv@228766e
|
||||
|
||||
// Clean the fileName for security reasons
|
||||
$fileName = preg_replace('/[^\w\._]+/', '', $fileName);
|
||||
|
||||
@ -124,7 +154,7 @@ if (isset($_SERVER["HTTP_CONTENT_TYPE"]))
|
||||
|
||||
if (isset($_SERVER["CONTENT_TYPE"]))
|
||||
$contentType = $_SERVER["CONTENT_TYPE"];
|
||||
|
||||
|
||||
// Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
|
||||
if (strpos($contentType, "multipart") !== false) {
|
||||
if (isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {
|
||||
@ -137,7 +167,7 @@ if (strpos($contentType, "multipart") !== false) {
|
||||
if ($in) {
|
||||
while ($buff = fread($in, 4096))
|
||||
fwrite($out, $buff);
|
||||
// crmv@205309
|
||||
// crmv@205309
|
||||
} else {
|
||||
header("HTTP/1.0 500 Internal Server Error");
|
||||
die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
|
||||
@ -159,8 +189,8 @@ if (strpos($contentType, "multipart") !== false) {
|
||||
}
|
||||
// crmv@205309e
|
||||
}
|
||||
|
||||
// crmv@205309
|
||||
|
||||
// crmv@205309
|
||||
} else {
|
||||
header("HTTP/1.0 500 Internal Server Error");
|
||||
die('{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}');
|
||||
@ -176,7 +206,7 @@ if (strpos($contentType, "multipart") !== false) {
|
||||
if ($in) {
|
||||
while ($buff = fread($in, 4096))
|
||||
fwrite($out, $buff);
|
||||
// crmv@205309
|
||||
// crmv@205309
|
||||
} else {
|
||||
header("HTTP/1.0 500 Internal Server Error");
|
||||
die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
|
||||
@ -185,7 +215,7 @@ if (strpos($contentType, "multipart") !== false) {
|
||||
|
||||
fclose($in);
|
||||
fclose($out);
|
||||
|
||||
|
||||
} else {
|
||||
// crmv@205309
|
||||
// try to save in database
|
||||
@ -204,4 +234,3 @@ if (strpos($contentType, "multipart") !== false) {
|
||||
// Return JSON-RPC response
|
||||
die('{"jsonrpc" : "2.0", "result" : null, "id" : "id"}');
|
||||
//crmv@22123e
|
||||
?>
|
||||
|
||||
@ -7,9 +7,9 @@ $patch_version = '';
|
||||
$modified_database = '';
|
||||
$vte_legacy_version = '5.2.1';
|
||||
$enterprise_current_version = '20.04.1';
|
||||
$enterprise_current_build = '2208';
|
||||
$enterprise_current_build = '2210';
|
||||
$enterprise_base_build = '2103'; // just to know where we started
|
||||
$enterprise_mode = 'VTENEXT';
|
||||
$enterprise_mode = 'VTENEXTCE';
|
||||
$enterprise_project = '';
|
||||
$enterprise_subversion = '';
|
||||
$enterprise_subversion = 'VTENEXTCE200401';
|
||||
$enterprise_website = array('http://www.vtenext.com','vtenext.com','info@vtenext.com');
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user