tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-9045-mensaje-de-error-por-falta-de-acceso-fallos-de-formato' into 'develop'

Browse Source 
Ent 9045 mensaje de error por falta de acceso fallos de formato

#9045 https://brutus.artica.es:8081/artica/pandora_enterprise/-/issues/9045

See merge request artica/pandorafms!5004
This commit is contained in:
Jimmy Olano 2022-07-22 14:39:18 +00:00
commit 7b411ae0de
2 changed files with 124 additions and 111 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

210
pandora_console/general/noaccess.php
View File

@ -1,98 +1,115 @@
<html> <html>
<head> <head>
<link rel="stylesheet" href="<?php echo $config['homeurl']; ?>include/styles/pandora_minimal.css" type="text/css" />
<link rel="stylesheet" href="<?php echo $config['homeurl']; ?>include/styles/js/jquery-ui.min.css" type="text/css" />
<link rel="stylesheet" href="<?php echo $config['homeurl']; ?>include/styles/js/jquery-ui_custom.css" type="text/css" />
<link rel="stylesheet" href="<?php echo $config['homeurl']; ?>include/styles/select2.min.css" type="text/css" />
<link rel="stylesheet" href="<?php echo $config['homeurl']; ?>include/styles/pandora.css" type="text/css" />
<script type='text/javascript' src='<?php echo $config['homeurl']; ?>include/javascript/jquery.current.js'></script>
<script type='text/javascript' src='<?php echo $config['homeurl']; ?>include/javascript/jquery.pandora.js'></script>
<script type='text/javascript' src='<?php echo $config['homeurl']; ?>include/javascript/jquery-ui.min.js'></script>
<script type='text/javascript' src='<?php echo $config['homeurl']; ?>include/javascript/select2.min.js'></script>
<script type='text/javascript' src='<?php echo $config['homeurl']; ?>include/javascript/pandora.js'></script>
<script type='text/javascript' src='<?php echo $config['homeurl']; ?>include/javascript/pandora_ui.js'></script>
<style> <style>
#alert_messages_na {
z-index: 2;
position: absolute;
left: 50%;
top: 50%;
transform: translate(-50%, -50%);
-webkit-transform: translate(-50%, -50%);
width: 650px;
height: 400px;
background: white;
background-repeat: no-repeat;
justify-content: center;
display: flex;
flex-direction: column;
box-shadow: 4px 5px 10px 3px rgba(0, 0, 0, 0.4);
}
#alert_messages_na{ .modalheade {
z-index:2; text-align: center;
position: absolute; width: 100%;
left: 50%; position: absolute;
top: 50%; top: 0;
transform: translate(-50%, -50%); }
-webkit-transform: translate(-50%, -50%);
width:650px;
height: 400px;
background:white;
background-image:url('images/imagen-no-acceso.jpg');
background-repeat:no-repeat;
justify-content: center;
display: flex;
flex-direction: column;
box-shadow:4px 5px 10px 3px rgba(0, 0, 0, 0.4);
}
.modalheade{ .modalheadertex {
text-align:center; color: #000;
width:100%; line-height: 40px;
position:absolute; font-size: 23pt;
top:0; margin-bottom: 30px;
} }
.modalheadertex{
color:#000; .modalclose {
line-height: 40px; cursor: pointer;
font-size: 23pt; display: inline;
margin-bottom:30px; float: right;
} margin-right: 10px;
.modalclose{ margin-top: 10px;
cursor:pointer; }
display:inline;
float:right; .modalconten {
margin-right:10px; color: black;
margin-top:10px; width: 300px;
} margin-left: 30px;
.modalconten{ }
color:black;
width:300px; .modalcontenttex {
margin-left: 30px; text-align: left;
} color: black;
.modalcontenttex{ font-size: 11pt;
text-align:left; line-height: 13pt;
color:black; margin-bottom: 30px;
font-size: 11pt; }
line-height:13pt;
margin-bottom:30px; .modalokbutto {
} cursor: pointer;
.modalokbutto{ text-align: center;
cursor:pointer; display: inline-block;
text-align:center; padding: 6px 45px;
display: inline-block; -moz-border-radius: 3px;
padding: 6px 45px; -webkit-border-radius: 3px;
-moz-border-radius: 3px; border-radius: 3px;
-webkit-border-radius: 3px; background-color: white;
border-radius: 3px; border: 1px solid #82b92e;
background-color:white; }
border: 1px solid #82b92e;
} .modalokbuttontex {
.modalokbuttontex{ color: #82b92e;
color:#82b92e; font-size: 13pt;
font-size:13pt; }
}
.modalgobutto{ .modalgobutto {
cursor:pointer; cursor: pointer;
text-align:center; text-align: center;
-moz-border-radius: 3px; -moz-border-radius: 3px;
-webkit-border-radius: 3px; -webkit-border-radius: 3px;
border-radius: 3px; border-radius: 3px;
background-color:white; background-color: white;
border: 1px solid #82b92e; border: 1px solid #82b92e;
} }
.modalgobuttontex{
color:#82b92e; .modalgobuttontex {
font-size:10pt; color: #82b92e;
} font-size: 10pt;
}
#opacidad{ #opacidad {
position:fixed; position: fixed;
background:black; background: black;
opacity:0.6; opacity: 0.6;
z-index:-1; z-index: -1;
left:0px; left: 0px;
top:0px; top: 0px;
width:100%; width: 100%;
height:100%; height: 100%;
} }
/* /*
.textodialog{ .textodialog{
margin-left: 0px; margin-left: 0px;
color:#333; color:#333;
@ -119,15 +136,15 @@ font-size:10pt;
</head> </head>
<body> <body>
<div id="alert_messages_na"> <div id="alert_messages_na" style='background-image: url(<?php echo ui_get_full_url('images/imagen-no-acceso.jpg', false, false, false); ?>)'>
<div class='modalheade'> <div class='modalheade'>
<img class='modalclose cerrar' src='<?php echo $config['homeurl']; ?>images/input_cross.png'> <img class='modalclose cerrar' src='<?php echo $config['homeurl']; ?>images/input_cross.png'>
</div> </div>
<div class='modalconten'> <div class='modalconten'>
<div class='modalheadertex'> <div class='modalheadertex' style='font-size: 23pt'>
<?php echo __("You don't have access to this page"); ?> <?php echo __('You do not have access to this page'); ?>
</div> </div>
<div class='modalcontenttex'> <div class='modalcontenttex'>
@ -141,7 +158,6 @@ font-size:10pt;
} }
} }
?> ?>
</div> </div>
<div class='modalokbutto cerrar'> <div class='modalokbutto cerrar'>
@ -149,18 +165,14 @@ font-size:10pt;
</div> </div>
</div> </div>
</div> </div>
<div id="opacidad"></div> <div id="opacidad"></div>
</body> </body>
</html> </html>
<script> <script>
$(".cerrar").click(function() {
$(".cerrar").click(function(){ window.location = "<?php echo $config['homeurl']; ?>";
window.location=".";
}); });
$('div#page').css('background-color','#d3d3d3'); $('div#page').css('background-color', '#d3d3d3');
</script> </script>

15
pandora_console/include/get_file.php
View File

@ -46,6 +46,12 @@ $hash = get_parameter('hash');
$file_raw = get_parameter('file'); $file_raw = get_parameter('file');
$file = base64_decode(urldecode($file_raw)); $file = base64_decode(urldecode($file_raw));
// Avoid possible inifite loop with referer.
if (isset($_SERVER['HTTP_ORIGIN']) === false || (isset($_SERVER['HTTP_ORIGIN']) === true && $_SERVER['HTTP_REFERER'] === $_SERVER['HTTP_ORIGIN'].$_SERVER['REQUEST_URI'])) {
$refererPath = ui_get_full_url('index.php');
} else {
$refererPath = $_SERVER['HTTP_REFERER'];
}
if (empty($file) === true || empty($hash) === true || $hash !== md5($file_raw.$config['server_unique_identifier']) || isset($_SERVER['HTTP_REFERER']) === false) { if (empty($file) === true || empty($hash) === true || $hash !== md5($file_raw.$config['server_unique_identifier']) || isset($_SERVER['HTTP_REFERER']) === false) {
$errorMessage = __('Security error. Please contact the administrator.'); $errorMessage = __('Security error. Please contact the administrator.');
@ -84,12 +90,6 @@ if (empty($file) === true || empty($hash) === true || $hash !== md5($file_raw.$c
if (empty($downloadable_file) === true || file_exists($downloadable_file) === false) { if (empty($downloadable_file) === true || file_exists($downloadable_file) === false) {
$errorMessage = __('File is missing in disk storage. Please contact the administrator.'); $errorMessage = __('File is missing in disk storage. Please contact the administrator.');
// Avoid possible inifite loop with referer.
if (isset($_SERVER['HTTP_ORIGIN']) === true && $_SERVER['HTTP_REFERER'] === $_SERVER['HTTP_ORIGIN'].$_SERVER['REQUEST_URI']) {
$refererPath = ui_get_full_url('index.php');
} else {
$refererPath = $_SERVER['HTTP_REFERER'];
}
} else { } else {
// Everything went well. // Everything went well.
header('Content-type: aplication/octet-stream;'); header('Content-type: aplication/octet-stream;');
@ -106,11 +106,12 @@ if (empty($file) === true || empty($hash) === true || $hash !== md5($file_raw.$c
document.addEventListener('DOMContentLoaded', function () { document.addEventListener('DOMContentLoaded', function () {
var refererPath = '<?php echo $refererPath; ?>'; var refererPath = '<?php echo $refererPath; ?>';
var errorFileOutput = '<?php echo $errorMessage; ?>'; var errorFileOutput = '<?php echo $errorMessage; ?>';
if(refererPath != ''){
document.body.innerHTML = `<form action="` + refererPath + `" name="failedReturn" method="post" style="display:none;"> document.body.innerHTML = `<form action="` + refererPath + `" name="failedReturn" method="post" style="display:none;">
<input type="hidden" name="errorFileOutput" value="` + errorFileOutput + `" /> <input type="hidden" name="errorFileOutput" value="` + errorFileOutput + `" />
</form>`; </form>`;
document.forms['failedReturn'].submit(); document.forms['failedReturn'].submit();
}
}, false); }, false);
</script> </script>