[0000313] Fixed multiply vulnerabilities.

[fa-stable.git] / reporting / prn_redirect.php

diff --git a/reporting/prn_redirect.php b/reporting/prn_redirect.php
index 2a2b7609a7de815eaf78c88fd9464fba5adea9bd..d827aaa3e6a783e8422edcc8fe4500521ee1ec87 100644 (file)
--- a/reporting/prn_redirect.php
+++ b/reporting/prn_redirect.php
@@ -14,9 +14,45 @@
        print button in reporting module. 
 */
 $path_to_root = "..";
-$page_security = 2;    // this level is later overriden in rep file
+$page_security = 'SA_OPEN';    // this level is later overriden in rep file
 include_once($path_to_root . "/includes/session.inc");
 
+if (isset($save_report_selections) && $save_report_selections > 0 && isset($_POST['REP_ID'])) {        // save parameters from Report Center
+       for($i=0; $i<10; $i++) { // 2010-10-06 Joe Hunt
+               if (isset($_POST['PARAM_'.$i]) && !is_array($_POST['PARAM_'.$i])) {
+                       $rep = $_POST['REP_ID'];
+                       setcookie("select[$rep][$i]", $_POST['PARAM_'.$i], time()+60*60*24*$save_report_selections); // days from $save_report_selections
+               }       
+       }
+}      
+
+if (isset($_GET['xls']))
+{
+       $filename = $_GET['filename'];
+       $unique_name = preg_replace('/[^0-9a-z.]/i', '', $_GET['unique']);
+       $path =  company_path(). '/pdf_files/';
+       header("Content-type: application/vnd.ms-excel");
+       header("Content-Disposition: attachment; filename=$filename" );
+       header("Expires: 0");
+       header("Cache-Control: must-revalidate, post-check=0,pre-check=0");
+       header("Pragma: public");
+       echo file_get_contents($path.$unique_name);
+       exit();
+}
+elseif (isset($_GET['xml']))
+{
+       $filename = $_GET['filename'];
+       $unique_name = preg_replace('/[^0-9a-z.]/i', '', $_GET['unique']);
+       $path =  company_path(). '/pdf_files/';
+       header("content-type: text/xml");
+       header("Content-Disposition: attachment; filename=$filename");
+       header("Expires: 0");
+       header("Cache-Control: must-revalidate, post-check=0,pre-check=0");
+       header("Pragma: public");
+       echo file_get_contents($path.$unique_name);
+       exit();
+}
+       
 if (!isset($_POST['REP_ID'])) {        // print link clicked
        $def_pars = array(0, 0, '', '', 0, '', '', 0); //default values
        $rep = $_POST['REP_ID'] = $_GET['REP_ID'];
@@ -25,12 +61,15 @@ if (!isset($_POST['REP_ID'])) {     // print link clicked
                        ? $_GET['PARAM_'.$i] : $def_pars[$i];
        }
 }
-$rep = $_POST['REP_ID'];
-$rep_file = $comp_path.'/'.user_company()."/reporting/rep$rep.php";
-if (!file_exists($rep_file)) {
-    $rep_file = $path_to_root ."/reporting/rep$rep.php";
-}
-require($rep_file);
+
+$rep = preg_replace('/[^a-z_0-9]/i', '', $_POST['REP_ID']);
+
+$rep_file = find_custom_file("/reporting/rep$rep.php");
+
+if ($rep_file) {
+       require($rep_file);
+} else
+       display_error("Cannot find report file '$rep'");
 exit();
 
 ?>
\ No newline at end of file