Commit 48cdb6a9 authored by Son Nguyen's avatar Son Nguyen

Merge branch 'master' of ssh://reviews.mahara.org:29418/mahara

parents 60631719 6e85afa3
......@@ -15,7 +15,6 @@ define('MENUITEM', 'configusers/uploadcsv');
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
define('TITLE', get_string('uploadcsv', 'admin'));
require_once('institution.php');
require_once('phpmailer/class.phpmailer.php');
safe_require('artefact', 'internal');
// Turn on autodetecting of line endings, so mac newlines (\r) will work
......@@ -290,7 +289,7 @@ function uploadcsv_validate(Pieform $form, $values) {
// Duplicate email within this file.
$csverrors->add($i, get_string('uploadcsverroremailaddresstaken', 'admin', $i, $email));
}
else if (!PHPMailer::ValidateAddress($email)) {
else if (!sanitize_email($email)) {
$csverrors->add($i, get_string('uploadcsverrorinvalidemail', 'admin', $i, $email));
}
else if (!$values['updateusers']) {
......
......@@ -58,12 +58,9 @@ if (!empty($folderid)) {
throw new AccessDeniedException(get_string('cannotextractfileinfoldersubmitted', 'artefact.file'));
}
}
try {
$zipinfo = $file->read_archive();
}
catch (SystemException $e) {
$message = get_string('invalidarchive', 'artefact.file');
}
// Read the archive information, throw an ArchiveException if error
$zipinfo = $file->read_archive();
if ($zipinfo) {
$quotaallowed = false;
......@@ -147,7 +144,12 @@ function unzip_artefact_submit(Pieform $form, $values) {
$from = files_page($file);
if (count($zipinfo->names) > 10) {
$SESSION->set('unzip', array('file' => $file->get('id'), 'from' => $from, 'artefacts' => count($zipinfo->names), 'zipinfo' => $zipinfo));
$SESSION->set('unzip', array('file' => $file->get('id'),
'from' => $from,
'artefacts' => count($zipinfo->names),
'zipinfo' => $zipinfo
)
);
$smarty = smarty();
$smarty->display('artefact:file:extract-progress.tpl');
exit;
......
......@@ -310,7 +310,13 @@ $string['filesextractedfromarchive'] = 'Files extracted from archive';
$string['filesextractedfromziparchive'] = 'Files extracted from Zip archive';
$string['fileswillbeextractedintofolder'] = 'Files will be extracted into %s';
$string['insufficientquotaforunzip'] = 'Your remaining file quota is too small to unzip this file. You can either delete files to free up space or contact your administrator to have your quota increased.';
$string['invalidarchive'] = 'Error reading archive file.';
$string['invalidarchive1'] = 'Invalid archive file.';
$string['invalidarchivehandle'] = 'Invalid archive file handle.';
$string['cannotopenarchive'] = 'Can not open the archive file %s.';
$string['cannotreadarchivecontent'] = 'Can not read the archive content.';
$string['cannotextractarchive'] = 'Unable to extract archive into %s.';
$string['cannotcopytemparchive'] = 'Unable to copy the archive file from %s to %s.';
$string['cannotdeletetemparchive'] = 'Unable to delete the temporary archive file %s.';
$string['pleasewaitwhileyourfilesarebeingunzipped'] = 'Please wait while your files are being unzipped.';
$string['spacerequired'] = 'Space required';
$string['unzipprogress'] = '%s files/folders created.';
......
This diff is collapsed.
......@@ -238,9 +238,8 @@ function profileform_validate(Pieform $form, $values) {
}
if (isset($values['email']['unsent']) && is_array($values['email']['validated'])) {
require_once('phpmailer/class.phpmailer.php');
foreach ($values['email']['unsent'] as $email) {
if (!PHPMailer::ValidateAddress($email)) {
if (!sanitize_email($email)) {
$form->set_error('email', get_string('invalidemailaddress', 'artefact.internal') . ': ' . hsc($email));
break;
}
......
......@@ -462,6 +462,27 @@ function xmldb_auth_webservice_upgrade($oldversion=0) {
}
}
if ($oldversion < 2016071400) {
log_debug('Updating DB names of webservice config fields');
$configstochange = array(
'webservice_enabled' => 'webservice_provider_enabled',
'webservice_soap_enabled' => 'webservice_provider_soap_enabled',
'webservice_xmlrpc_enabled' => 'webservice_provider_xmlrpc_enabled',
'webservice_rest_enabled' => 'webservice_provider_rest_enabled',
'webservice_oauth_enabled' => 'webservice_provider_oauth_enabled',
'webservice_connections_enabled' => 'webservice_requester_enabled'
);
foreach ($configstochange as $old => $new) {
set_config(
$new,
get_config($old)
);
delete_records('config', 'field', $old);
}
}
// sweep for webservice updates everytime
$status = external_reload_webservices();
......
......@@ -84,15 +84,15 @@ $string['consumer'] = 'Consumer key';
$string['secret'] = 'Secret';
// core webservices strings start here
$string['control_webservices1'] = 'Use web services: ';
$string['control_webservices'] = 'Switch web services on or off: ';
$string['control_webservices_connections'] = 'Switch web service connections on or off: ';
$string['masterswitch'] = 'Web services master switch';
$string['connectionsmasterswitch'] = 'Web service client connections master switch';
$string['webservice_requester_enabled_label'] = 'Web service requester master switch';
$string['webservice_requester_enabled_label2'] = 'Allow outgoing web service requests:';
$string['webservice_provider_enabled_label'] = 'Web service provider master switch';
$string['webservice_provider_enabled_label2'] = 'Accept incoming web service requests:';
$string['formatdate'] = '';
$string['protocolswitches'] = 'Switch protocols on or off';
$string['webservice_master_switches'] = 'Enable web service functionality';
$string['connectionsswitch'] = 'Switch managed client connections on or off';
$string['manage_protocols'] = 'Enable or disable protocols that are to be supported:';
$string['manage_protocols1'] = 'Enable or disable protocols supported as a web services provider:';
$string['protocol'] = 'Protocol';
$string['rest'] = 'REST';
$string['soap'] = 'SOAP';
......
......@@ -188,7 +188,7 @@ class PluginAuthWebservice extends PluginAuth {
// activate webservices
foreach (array('soap', 'xmlrpc', 'rest', 'oauth') as $proto) {
set_config('webservice_' . $proto.'_enabled', 1);
set_config('webservice_provider_' . $proto.'_enabled', 1);
}
}
}
......
......@@ -12,7 +12,7 @@
defined('INTERNAL') || die();
$config = new StdClass;
$config->version = 2014112800;
$config->release = '1.0.1';
$config->version = 2016071400;
$config->release = '1.1.0';
$config->requires_config = 0;
$config->requires_parent = 0;
......@@ -837,6 +837,9 @@ $string['phpuploaderror_6'] = 'Missing a temporary folder.';
$string['phpuploaderror_7'] = 'Failed to write file to disk. Check that your filesystem has enough space to write to the Mahara dataroot and/or the PHP \'upload_tmp_dir\' directories.';
$string['phpuploaderror_8'] = 'File upload stopped by extension.';
$string['adminphpuploaderror'] = 'A file upload error was probably caused by your server configuration.';
$string['noinputnamesupplied'] = 'No input name is provided.';
$string['cannotrenametempfile'] = 'Can not rename the temporary file.';
$string['failedmovingfiletodataroot'] = 'Can not move uploaded file to dataroot.';
$string['youraccounthasbeensuspendedtext2'] = 'Your account at %s has been suspended by %s.'; // @todo: more info?
$string['youraccounthasbeensuspendedtextcron'] = 'Your account at %s has been suspended.';
......
......@@ -1062,3 +1062,17 @@ class ExportException extends SystemException {
return $this->getMessage();
}
}
/**
* An exception related to read/write/extract archive artefact
*/
class ArchiveException extends SystemException {
public function strings() {
return array_merge(parent::strings(),
array('message' => get_string('invalidarchive1', 'artefact.file'),
'title' => get_string('invalidarchive1', 'artefact.file')));
}
public function render_exception() {
return $this->getMessage();
}
}
......@@ -2058,7 +2058,7 @@ abstract class Plugin implements IPlugin {
global $USER;
// is the web service connection switch enabled?
if (!get_config('webservice_connections_enabled')) {
if (!get_config('webservice_requester_enabled')) {
log_debug('get_webservice_connections: disabled');
return array();
}
......@@ -4269,7 +4269,8 @@ function is_https() {
}
function sanitize_email($value) {
if (filter_var($value, FILTER_VALIDATE_EMAIL) === false) {
require_once('phpmailer/class.phpmailer.php');
if (!PHPMailer::validateAddress($value)) {
return '';
}
return $value;
......
......@@ -37,7 +37,7 @@
* the address.
*/
function pieform_rule_email(Pieform $form, $value, $element) {/*{{{*/
if (!preg_match('/^[A-Za-z0-9+\._%-]+@(?:[A-Za-z0-9-]+\.)+[a-z]{2,4}$/', $value)) {
if (!sanitize_email($value)) {
return $form->i18n('rule', 'email', 'email', $element);
}
}/*}}}*/
}
This diff is collapsed.
......@@ -71,11 +71,11 @@ class upload_manager {
return false;
}
else {
return get_string('noinputnamesupplied');
return get_string('noinputnamesupplied', 'mahara');
}
}
$file = $_FILES[$name];
$file = $_FILES[$name];
$maxsize = get_config('maxuploadsize');
if (isset($this->inputindex)) {
$size = $file['size'][$this->inputindex];
......@@ -190,7 +190,7 @@ class upload_manager {
chmod($destination . '/' . $newname, get_config('filepermissions'));
return false;
}
return get_string('failedmovingfiletodataroot');
return get_string('failedmovingfiletodataroot', 'mahara');
}
......
......@@ -16,7 +16,7 @@ $config = new stdClass();
// See https://wiki.mahara.org/wiki/Developer_Area/Version_Numbering_Policy
// For upgrades on stable branches, increment the version by one. On master, use the date.
$config->version = 2016082400;
$config->version = 2016082900;
$config->series = '16.10';
$config->release = '16.10dev';
$config->minupgradefrom = 2012080604;
......
This diff is collapsed.
......@@ -706,16 +706,17 @@ class external_multiple_structure extends external_description {
*/
class external_function_parameters extends external_single_structure {
}
/**
* Is protocol enabled?
* @param string $protocol name of WS protocol
* @return bool
*/
function webservice_protocol_is_enabled($protocol) {
if (!get_config('webservice_enabled')) {
if (!get_config('webservice_provider_enabled')) {
return false;
}
return get_config('webservice_'.$protocol.'_enabled');
return get_config('webservice_provider_'.$protocol.'_enabled');
}
//=== WS classes ===
......
......@@ -48,7 +48,7 @@ if ($result = $SESSION->get('ws_call_results')) {
// add protocol choice
$popts = array();
foreach (array('soap', 'xmlrpc', 'rest') as $proto) {
$enabled = (get_config('webservice_'.$proto.'_enabled') || 0);
$enabled = (get_config('webservice_provider_'.$proto.'_enabled') || 0);
if ($enabled) {
$popts[$proto] = get_string($proto, 'auth.webservice');
}
......@@ -239,7 +239,7 @@ safe_require('auth', 'webservice');
$smarty->assign('form', $form);
// Check that webservices is enabled
$smarty->assign('disabled', (get_config('webservice_enabled') ? false : true));
$smarty->assign('disabled', (get_config('webservice_provider_enabled') ? false : true));
$smarty->assign('disabledhttps', ((!is_https() && get_config('productionmode')) ? true : false));
$smarty->assign('disabledprotocols', (empty($elements['protocol']['options']) ? get_config('wwwroot') . 'webservice/admin/index.php' : false));
$smarty->display('auth:webservice:testclient.tpl');
......
......@@ -86,11 +86,11 @@ class WebServiceTestBase extends MaharaUnitTest {
$USER->id = 1;
$USER->admin = 1;
set_config('webservice_enabled', true);
set_config('webservice_rest_enabled', true);
set_config('webservice_xmlrpc_enabled', true);
set_config('webservice_soap_enabled', true);
set_config('webservice_oauth_enabled', true);
set_config('webservice_provider_enabled', true);
set_config('webservice_provider_rest_enabled', true);
set_config('webservice_provider_xmlrpc_enabled', true);
set_config('webservice_provider_soap_enabled', true);
set_config('webservice_provider_oauth_enabled', true);
//token to test
$this->servicename = 'test webservices';
......
{
"name": "mahara-themes",
"version": "1.0.1",
"version": "1.0.2",
"description": "Compiles SASS files into CSS for all Mahara themes",
"main": "gulpfile.js",
"dependencies": {
"gulp": "^3.9.0",
"gulp": "^3.9.1",
"gulp-clean-css": "^2.0.6",
"gulp-sass": "^2.0.1",
"gulp-sass": "^2.3.2",
"gulp-help": "^1.6.1",
"path": "^0.11.14",
"event-stream": "^3.3.1",
"globule": "^0.2.0",
"event-stream": "^3.3.4",
"globule": "^1.0.0",
"gulp-bless": "3.0.1",
"gulp-autoprefixer": "^3.0.1",
"es6-promise": "^3.0.2",
"gulp-autoprefixer": "^3.1.1",
"es6-promise": "^3.2.1",
"yargs": "^3.27.0",
"gulp-if": "^2.0.0"
"gulp-if": "^2.0.1"
},
"devDependencies": {},
"scripts": {
......
......@@ -15,7 +15,7 @@ Scenario: Turning master switch on
And I follow "Administration"
And I choose "Configuration" in "Web services"
# Turning the master switch on
And I enable the switch "Use web services:"
And I enable the switch "Accept incoming web service requests:"
When I go to "/webservice/testclient.php"
And I should not see "The web service authentication plugin is disabled"
And I log out
......
......@@ -4,17 +4,20 @@ In order to be able to access the webservies menus successfully
As an admin
So I can benefit from the mahara/moodle cross over.
Scenario: Turning Master swtiches and protocol switches on checking test client page is accessible (Bug 1431540)
Scenario: Testing web service admin page on/off switches, and checking test client page is accessible (Bug 1431540)
Given I log in as "admin" with password "Kupuhipa1"
And I follow "Administration"
And I choose "Configuration" in "Web services"
# Turning the master switch on
And I enable the switch "Use web services:"
# Turning the master switch off so the protocols are disabled
And I disable the switch "Use web services:"
# Turning the master switch back on
And I enable the switch "Use web services:"
And I should see "You need to enable at least one Protocol"
# Toggle Web service requester master switch
And I disable the switch "Allow outgoing web service requests:"
And I enable the switch "Allow outgoing web service requests:"
# Turning the Web service provider master switch on
And I enable the switch "Accept incoming web service requests:"
# Turning the Web service provider master switch off so the protocols are disabled
And I disable the switch "Accept incoming web service requests:"
# Turning the Web service provider master switch back on
And I enable the switch "Accept incoming web service requests:"
And I should see "You need to enable at least one protocol"
# Turning a protocol on
And I enable the switch "SOAP:"
# Navigating to the test client page to see it's accessible
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment