From 50062ed6562d3588745bca1fbd12e6ff063d8d74 Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Wed, 14 Nov 2018 16:30:19 +0000 Subject: [PATCH] Another try to start using new export-import. --- WEB-INF/lib/ttGroupExportHelper.class.php | 40 +++++++++++------------ WEB-INF/templates/footer.tpl | 2 +- export.php | 8 ++--- import.php | 8 ++--- 4 files changed, 29 insertions(+), 29 deletions(-) diff --git a/WEB-INF/lib/ttGroupExportHelper.class.php b/WEB-INF/lib/ttGroupExportHelper.class.php index ce3dbb67..4e6daad2 100644 --- a/WEB-INF/lib/ttGroupExportHelper.class.php +++ b/WEB-INF/lib/ttGroupExportHelper.class.php @@ -179,8 +179,8 @@ class ttGroupExportHelper { // Write group info. $group = $this->getGroupData(); - $group_part = "file, $this->indentation." \n"); foreach ($roles as $role) { $role_part = $this->indentation.' '."roleMap[$role['id']]."\""; - $role_part .= " name=\"".htmlentities($role['name'])."\""; - $role_part .= " description=\"".htmlentities($role['description'])."\""; + $role_part .= " name=\"".htmlspecialchars($role['name'])."\""; + $role_part .= " description=\"".htmlspecialchars($role['description'])."\""; $role_part .= " rank=\"".$role['rank']."\""; - $role_part .= " rights=\"".htmlentities($role['rights'])."\""; + $role_part .= " rights=\"".htmlspecialchars($role['rights'])."\""; $role_part .= " status=\"".$role['status']."\""; $role_part .= ">\n"; fwrite($this->file, $role_part); @@ -265,8 +265,8 @@ class ttGroupExportHelper { fwrite($this->file, $this->indentation." \n"); foreach ($tasks as $task) { $task_part = $this->indentation.' '."taskMap[$task['id']]."\""; - $task_part .= " name=\"".htmlentities($task['name'])."\""; - $task_part .= " description=\"".htmlentities($task['description'])."\""; + $task_part .= " name=\"".htmlspecialchars($task['name'])."\""; + $task_part .= " description=\"".htmlspecialchars($task['description'])."\""; $task_part .= " status=\"".$task['status']."\""; $task_part .= ">\n"; fwrite($this->file, $task_part); @@ -286,8 +286,8 @@ class ttGroupExportHelper { $tasks_str = implode(',', $tasks_mapped); } $project_part = $this->indentation.' '."projectMap[$project_item['id']]."\""; - $project_part .= " name=\"".htmlentities($project_item['name'])."\""; - $project_part .= " description=\"".htmlentities($project_item['description'])."\""; + $project_part .= " name=\"".htmlspecialchars($project_item['name'])."\""; + $project_part .= " description=\"".htmlspecialchars($project_item['description'])."\""; $project_part .= " tasks=\"".$tasks_str."\""; $project_part .= " status=\"".$project_item['status']."\""; $project_part .= ">\n"; @@ -308,8 +308,8 @@ class ttGroupExportHelper { $projects_str = implode(',', $projects_mapped); } $client_part = $this->indentation.' '."clientMap[$client_item['id']]."\""; - $client_part .= " name=\"".htmlentities($client_item['name'])."\""; - $client_part .= " address=\"".htmlentities($client_item['address'])."\""; + $client_part .= " name=\"".htmlspecialchars($client_item['name'])."\""; + $client_part .= " address=\"".htmlspecialchars($client_item['address'])."\""; $client_part .= " tax=\"".$client_item['tax']."\""; $client_part .= " projects=\"".$projects_str."\""; $client_part .= " status=\"".$client_item['status']."\""; @@ -325,8 +325,8 @@ class ttGroupExportHelper { foreach ($users as $user_item) { $role_id = $user_item['rank'] == 512 ? 0 : $this->roleMap[$user_item['role_id']]; // Special role_id 0 (not null) for top manager. $user_part = $this->indentation.' '."userMap[$user_item['id']]."\""; - $user_part .= " name=\"".htmlentities($user_item['name'])."\""; - $user_part .= " login=\"".htmlentities($user_item['login'])."\""; + $user_part .= " name=\"".htmlspecialchars($user_item['name'])."\""; + $user_part .= " login=\"".htmlspecialchars($user_item['login'])."\""; $user_part .= " password=\"".$user_item['password']."\""; $user_part .= " role_id=\"".$role_id."\""; $user_part .= " client_id=\"".$this->clientMap[$user_item['client_id']]."\""; @@ -361,7 +361,7 @@ class ttGroupExportHelper { fwrite($this->file, $this->indentation." \n"); foreach ($invoices as $invoice_item) { $invoice_part = $this->indentation.' '."invoiceMap[$invoice_item['id']]."\""; - $invoice_part .= " name=\"".htmlentities($invoice_item['name'])."\""; + $invoice_part .= " name=\"".htmlspecialchars($invoice_item['name'])."\""; $invoice_part .= " date=\"".$invoice_item['date']."\""; $invoice_part .= " client_id=\"".$this->clientMap[$invoice_item['client_id']]."\""; $invoice_part .= " status=\"".$invoice_item['status']."\""; @@ -391,7 +391,7 @@ class ttGroupExportHelper { $log_part .= " project_id=\"".$this->projectMap[$record['project_id']]."\""; $log_part .= " task_id=\"".$this->taskMap[$record['task_id']]."\""; $log_part .= " invoice_id=\"".$this->invoiceMap[$record['invoice_id']]."\""; - $log_part .= " comment=\"".htmlentities($record['comment'])."\""; + $log_part .= " comment=\"".htmlspecialchars($record['comment'])."\""; $log_part .= " billable=\"".$record['billable']."\""; $log_part .= " paid=\"".$record['paid']."\""; $log_part .= " status=\"".$record['status']."\""; @@ -408,7 +408,7 @@ class ttGroupExportHelper { foreach ($custom_fields as $custom_field) { $custom_field_part = $this->indentation.' '."customFieldMap[$custom_field['id']]."\""; $custom_field_part .= " type=\"".$custom_field['type']."\""; - $custom_field_part .= " label=\"".htmlentities($custom_field['label'])."\""; + $custom_field_part .= " label=\"".htmlspecialchars($custom_field['label'])."\""; $custom_field_part .= " required=\"".$custom_field['required']."\""; $custom_field_part .= " status=\"".$custom_field['status']."\""; $custom_field_part .= ">\n"; @@ -423,7 +423,7 @@ class ttGroupExportHelper { foreach ($custom_field_options as $option) { $custom_field_option_part = $this->indentation.' '."customFieldOptionMap[$option['id']]."\""; $custom_field_option_part .= " field_id=\"".$this->customFieldMap[$option['field_id']]."\""; - $custom_field_option_part .= " value=\"".htmlentities($option['value'])."\""; + $custom_field_option_part .= " value=\"".htmlspecialchars($option['value'])."\""; $custom_field_option_part .= ">\n"; fwrite($this->file, $custom_field_option_part); } @@ -438,7 +438,7 @@ class ttGroupExportHelper { $custom_field_log_part = $this->indentation.' '."logMap[$entry['log_id']]."\""; $custom_field_log_part .= " field_id=\"".$this->customFieldMap[$entry['field_id']]."\""; $custom_field_log_part .= " option_id=\"".$this->customFieldOptionMap[$entry['option_id']]."\""; - $custom_field_log_part .= " value=\"".htmlentities($entry['value'])."\""; + $custom_field_log_part .= " value=\"".htmlspecialchars($entry['value'])."\""; $custom_field_log_part .= " status=\"".$entry['status']."\""; $custom_field_log_part .= ">\n"; fwrite($this->file, $custom_field_log_part); @@ -455,7 +455,7 @@ class ttGroupExportHelper { $expense_item_part .= " user_id=\"".$this->userMap[$expense_item['user_id']]."\""; $expense_item_part .= " client_id=\"".$this->clientMap[$expense_item['client_id']]."\""; $expense_item_part .= " project_id=\"".$this->projectMap[$expense_item['project_id']]."\""; - $expense_item_part .= " name=\"".htmlentities($expense_item['name'])."\""; + $expense_item_part .= " name=\"".htmlspecialchars($expense_item['name'])."\""; $expense_item_part .= " cost=\"".$expense_item['cost']."\""; $expense_item_part .= " invoice_id=\"".$this->invoiceMap[$expense_item['invoice_id']]."\""; $expense_item_part .= " paid=\"".$expense_item['paid']."\""; @@ -494,7 +494,7 @@ class ttGroupExportHelper { } } $fav_report_part = $this->indentation.' '."userMap[$fav_report['user_id']]."\""; - $fav_report_part .= " name=\"".htmlentities($fav_report['name'])."\""; + $fav_report_part .= " name=\"".htmlspecialchars($fav_report['name'])."\""; $fav_report_part .= " client_id=\"".$this->clientMap[$fav_report['client_id']]."\""; $fav_report_part .= " cf_1_option_id=\"".$this->customFieldOptionMap[$fav_report['cf_1_option_id']]."\""; $fav_report_part .= " project_id=\"".$this->projectMap[$fav_report['project_id']]."\""; diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index 218053a7..e6132be1 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.18.12.4422 | Copyright © Anuko | +  Anuko Time Tracker 1.18.12.4423 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/export.php b/export.php index cf3bccfa..f278b7c9 100644 --- a/export.php +++ b/export.php @@ -57,11 +57,11 @@ if ($request->isPost()) { $mime_type = 'application/x-bzip2'; } - if (defined('SUBGROUP_DEBUG') && isTrue(SUBGROUP_DEBUG)) { +// if (defined('SUBGROUP_DEBUG') && isTrue(SUBGROUP_DEBUG)) { $exportHelper = new ttOrgExportHelper(); - } else { - $exportHelper = new ttExportHelper(); - } +// } else { +// $exportHelper = new ttExportHelper(); +// } if ($exportHelper->createDataFile($compress)) { header('Pragma: public'); // This is needed for IE8 to download files over https. header('Content-Type: '.$mime_type); diff --git a/import.php b/import.php index 235924ac..78630866 100644 --- a/import.php +++ b/import.php @@ -43,11 +43,11 @@ $form->addInput(array('type'=>'upload','name'=>'xmlfile','value'=>'browse','maxs $form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->get('button.import'))); if ($request->isPost()) { - if (defined('SUBGROUP_DEBUG') && isTrue(SUBGROUP_DEBUG)) { +// if (defined('SUBGROUP_DEBUG') && isTrue(SUBGROUP_DEBUG)) { $import = new ttOrgImportHelper($err); - } else { - $import = new ttImportHelper($err); - } +// } else { +// $import = new ttImportHelper($err); +// } $import->importXml(); if ($err->no()) $msg->add($i18n->get('form.import.success')); } // isPost -- 2.20.1