From 1ba02b1395d719e8ff04b4c567b8d717f823be56 Mon Sep 17 00:00:00 2001 From: "russellh@ysmail.net" Date: Tue, 23 Apr 2024 12:16:50 +0100 Subject: [PATCH 01/16] Updated release version to 0.9.7.3 --- ajax.php | 2 +- careers/index.php | 2 +- constants.php | 2 +- index.php | 2 +- modules/activity/dataGrids.php | 2 +- modules/companies/dataGrids.php | 2 +- modules/contacts/dataGrids.php | 2 +- modules/home/dataGrids.php | 2 +- modules/joborders/dataGrids.php | 2 +- modules/lists/dataGrids.php | 2 +- rss/index.php | 2 +- xml/index.php | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/ajax.php b/ajax.php index 8dc4f499..ed418ac9 100644 --- a/ajax.php +++ b/ajax.php @@ -3,7 +3,7 @@ * CATS * AJAX Delegation Module * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/careers/index.php b/careers/index.php index 606fb1d8..56c602ef 100644 --- a/careers/index.php +++ b/careers/index.php @@ -3,7 +3,7 @@ * CATS * Careers Page Display Module * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/constants.php b/constants.php index 519a0100..7bb01443 100644 --- a/constants.php +++ b/constants.php @@ -42,7 +42,7 @@ /* CATS Version */ -define('CATS_VERSION', '0.9.7.2'); +define('CATS_VERSION', '-s'); /* Copyright information at bottom of pages. */ diff --git a/index.php b/index.php index 95cebe47..63c612ee 100644 --- a/index.php +++ b/index.php @@ -3,7 +3,7 @@ * CATS * Index (Delegation Module) * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/activity/dataGrids.php b/modules/activity/dataGrids.php index d85b400f..ab26c129 100644 --- a/modules/activity/dataGrids.php +++ b/modules/activity/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Contacts Datagrid * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/companies/dataGrids.php b/modules/companies/dataGrids.php index 83a8449e..428b01e9 100644 --- a/modules/companies/dataGrids.php +++ b/modules/companies/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Companies Datagrid * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/contacts/dataGrids.php b/modules/contacts/dataGrids.php index 1e928a6b..07606fbe 100644 --- a/modules/contacts/dataGrids.php +++ b/modules/contacts/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Contacts Datagrid * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/home/dataGrids.php b/modules/home/dataGrids.php index 9d9be226..ac5d08f7 100644 --- a/modules/home/dataGrids.php +++ b/modules/home/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Home Datagrid * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/joborders/dataGrids.php b/modules/joborders/dataGrids.php index 8ddaa1c7..67670330 100644 --- a/modules/joborders/dataGrids.php +++ b/modules/joborders/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Joborder Datagrid * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/lists/dataGrids.php b/modules/lists/dataGrids.php index 5a650403..5e0a5220 100644 --- a/modules/lists/dataGrids.php +++ b/modules/lists/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Companies Datagrid * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/rss/index.php b/rss/index.php index 8de9b051..e6063f5f 100644 --- a/rss/index.php +++ b/rss/index.php @@ -3,7 +3,7 @@ * CATS * RSS Display Module * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/xml/index.php b/xml/index.php index ea786ea1..3baf5720 100644 --- a/xml/index.php +++ b/xml/index.php @@ -3,7 +3,7 @@ * CATS * RSS Display Module * - * CATS Version: 0.9.7.2 + * CATS Version: -s * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * From 5781f41814f09493c7ce05b9251b5e09c1aff0cd Mon Sep 17 00:00:00 2001 From: "russellh@ysmail.net" Date: Tue, 23 Apr 2024 12:33:01 +0100 Subject: [PATCH 02/16] Updated release version to 0.9.7.4 --- ajax.php | 2 +- careers/index.php | 2 +- constants.php | 2 +- index.php | 2 +- modules/activity/dataGrids.php | 2 +- modules/companies/dataGrids.php | 2 +- modules/contacts/dataGrids.php | 2 +- modules/home/dataGrids.php | 2 +- modules/joborders/dataGrids.php | 2 +- modules/lists/dataGrids.php | 2 +- rss/index.php | 2 +- xml/index.php | 2 +- 12 files changed, 12 insertions(+), 12 deletions(-) diff --git a/ajax.php b/ajax.php index ed418ac9..f6f65d1b 100644 --- a/ajax.php +++ b/ajax.php @@ -3,7 +3,7 @@ * CATS * AJAX Delegation Module * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/careers/index.php b/careers/index.php index 56c602ef..803fb7cd 100644 --- a/careers/index.php +++ b/careers/index.php @@ -3,7 +3,7 @@ * CATS * Careers Page Display Module * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/constants.php b/constants.php index 7bb01443..6ec88df0 100644 --- a/constants.php +++ b/constants.php @@ -42,7 +42,7 @@ /* CATS Version */ -define('CATS_VERSION', '-s'); +define('CATS_VERSION', '0.9.7.4'); /* Copyright information at bottom of pages. */ diff --git a/index.php b/index.php index 63c612ee..e35a864f 100644 --- a/index.php +++ b/index.php @@ -3,7 +3,7 @@ * CATS * Index (Delegation Module) * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/activity/dataGrids.php b/modules/activity/dataGrids.php index ab26c129..b24ff0a8 100644 --- a/modules/activity/dataGrids.php +++ b/modules/activity/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Contacts Datagrid * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/companies/dataGrids.php b/modules/companies/dataGrids.php index 428b01e9..f370bdd5 100644 --- a/modules/companies/dataGrids.php +++ b/modules/companies/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Companies Datagrid * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/contacts/dataGrids.php b/modules/contacts/dataGrids.php index 07606fbe..b841c257 100644 --- a/modules/contacts/dataGrids.php +++ b/modules/contacts/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Contacts Datagrid * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/home/dataGrids.php b/modules/home/dataGrids.php index ac5d08f7..8409569c 100644 --- a/modules/home/dataGrids.php +++ b/modules/home/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Home Datagrid * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/joborders/dataGrids.php b/modules/joborders/dataGrids.php index 67670330..55bf1ed2 100644 --- a/modules/joborders/dataGrids.php +++ b/modules/joborders/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Joborder Datagrid * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/modules/lists/dataGrids.php b/modules/lists/dataGrids.php index 5e0a5220..a4362fb4 100644 --- a/modules/lists/dataGrids.php +++ b/modules/lists/dataGrids.php @@ -3,7 +3,7 @@ * CATS * Companies Datagrid * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/rss/index.php b/rss/index.php index e6063f5f..501879e7 100644 --- a/rss/index.php +++ b/rss/index.php @@ -3,7 +3,7 @@ * CATS * RSS Display Module * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * diff --git a/xml/index.php b/xml/index.php index 3baf5720..96ed05d4 100644 --- a/xml/index.php +++ b/xml/index.php @@ -3,7 +3,7 @@ * CATS * RSS Display Module * - * CATS Version: -s + * CATS Version: 0.9.7.4 * * Copyright (C) 2005 - 2007 Cognizo Technologies, Inc. * From a0aa929d204694620e39ad98605d1502f9149616 Mon Sep 17 00:00:00 2001 From: "russellh@ysmail.net" Date: Wed, 24 Apr 2024 09:42:49 +0100 Subject: [PATCH 03/16] Update Travis-CI access to Github API --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 2a3e2951..294cf5f7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -26,7 +26,7 @@ script: deploy: provider: releases api_key: - secure: ke80rN2W+MZWizqUbd9ENVOYLYiQy29oAdyqD61Q2rLunnFXm0LgDv/6Bddav6/Lherv+sFmN6LIa9IF3iD/oO7nUuzuRhsL4E9Pib5Al3TEIDZoOeeXyVinO/v2QaWjs+ufAswUESch0/+8p6bowiwGwaCJw0S4EA+jA/PacKHYxYG2cIbk9Rl7/HlSmirAQpkw2n+xUx4pQZj0bQRd5mILFxyLuFa5ct8y3Ya+Bo4gCBgJnXEITufbeuQmcEeK/4Zec8G5xZOIfoiTV7gT4nEBWl1wUK8FxFoEytG6NrHP8fRSkpgmecuZwzQI1zX5ORZaVTzLpC5Mw10/AZmBWYxkZN9ALYpQ9xKvFhxL4kurRZQOdfpepc3gvC6rCNE0Q+OYHD38Y3Nb6rdnOcqdkROdNkPPL+OierOgatgG4grlYLZq4tu9fnqRXYgT4UNrDiV6hAG8OPIIkHRWItPIr5HIjGkAPIos/fs20rBan/uqms9vZjzijfUjOwbold5t1fMTuO1zx/UytANunIWMbajP8puuO+GeEAB8vkE9CBC7ZR+pXDqap3qewCmg4FeclPc24wPcYUM0RRUSOFrBarlM/pQBHIidkgrh3hu48qyXGTw/HzxrgzEatKBgR+Nht2dKml7uEFTJVZnq91VVjlnYOlNv4u+jgNt8z0VxG7Q= + secure: $GITHUB_TOKEN file: - $TRAVIS_BUILD_DIR/opencats-$TRAVIS_TAG-full.tar.gz - $TRAVIS_BUILD_DIR/opencats-$TRAVIS_TAG-full.zip From 2f04c496ebc4f7af396e6030ff53607c85f96834 Mon Sep 17 00:00:00 2001 From: "russellh@ysmail.net" Date: Wed, 24 Apr 2024 11:47:18 +0100 Subject: [PATCH 04/16] remove copyright --- constants.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/constants.php b/constants.php index 6ec88df0..48d4f023 100644 --- a/constants.php +++ b/constants.php @@ -46,7 +46,7 @@ /* Copyright information at bottom of pages. */ -define('COPYRIGHT_HTML', '© 2007-2023 OpenCATS.'); +define('COPYRIGHT_HTML', ''); /* HTTP response codes. */ define('HTTP_OK', 200); From 6871a55c41d427fcdb9733767386ab3119702788 Mon Sep 17 00:00:00 2001 From: "russellh@ysmail.net" Date: Wed, 24 Apr 2024 15:46:41 +0100 Subject: [PATCH 05/16] update travis.yml for travis removal of .org option --- .travis.yml | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/.travis.yml b/.travis.yml index 294cf5f7..1c3f9e0a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,35 +1,34 @@ sudo: required services: - - docker - +- docker env: COMPOSE_VERSION: v2.16.0 - before_install: - - sudo apt-get update -qq - - sudo apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew install docker-ce - - curl -L https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose - - chmod +x docker-compose - - sudo mv docker-compose /usr/local/bin - +- sudo apt-get update -qq +- sudo apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confnew + install docker-ce +- curl -L https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-`uname + -s`-`uname -m` > docker-compose +- chmod +x docker-compose +- sudo mv docker-compose /usr/local/bin language: php php: - 7.2 script: - - composer self-update --2 - - composer install - - ./vendor/bin/phpunit src/OpenCATS/Tests/UnitTests - - cd docker/; docker-compose --compatibility -f docker-compose-test.yml up -d - - docker-compose --compatibility -f docker-compose-test.yml exec php /var/www/public/test/runAllTests.sh - - cd ..; ./ci/package-code.sh - +- composer self-update --2 +- composer install +- "./vendor/bin/phpunit src/OpenCATS/Tests/UnitTests" +- cd docker/; docker-compose --compatibility -f docker-compose-test.yml up -d +- docker-compose --compatibility -f docker-compose-test.yml exec php /var/www/public/test/runAllTests.sh +- cd ..; ./ci/package-code.sh deploy: provider: releases api_key: - secure: $GITHUB_TOKEN + secure: FH/2OR9OM9BT4DWAuroh4CLA7D3q8Fq/3/xvwxACXUQkQuHGRNLs65RdVlOhfBKIkNZuCYY4Aq5Vf8j0yo+Cp0H0tvFNIvuiihLQvxzjWhKt3VizeF5NeT/svjmz238ZDRrJU03eJWfSWt+n4DoHbz+bfL/NXy+vlcF/VauwurPSb2sWxbi2sf4Q4oQrAgqcXXY+Vk4uwGlmISDmyTx8csSIohKGx69+r80Tax5rVmFpeXpG9oCGZnzXOUjy81zeBMRYf2uhlfkuV9D0gAr6gQiIOqQcuKVbyIHR+Kx6LyFcQD3dRbDGb9kX73mQLR/QoCj+9KeroyoxM6Gd8qTJ7TKuWLFT0psy3d5XyMdwJOzxY5/P2IEgusIS6slQ3TpyFA4mja54OR5MbaR/tjCr2awmV1d3eQuH+SX71PeN21t2TsdGk2+3Qs1EbgrF94LqaoHLt3F6EWRzrUMuFQCorlWZs0of3Dc8MBKfrw+5ut6KNYESXmIRN172FB7WeppN8UeAHQIKBQtjC9QboG4NNHrM7aqvvERQgK+q1AOronyuX3d7yOpd9pKNnzwSIuNzwIn7JVorU1wHNTjjeIGtNIn0XUDQKoY4EEpq74K7kVZWzdCX5NSZNX/BZ5+sUvwgjEhECMbhm9tu91JxpLzXVWxfhLSzeQHt8ypseEqtJjo= file: - $TRAVIS_BUILD_DIR/opencats-$TRAVIS_TAG-full.tar.gz - $TRAVIS_BUILD_DIR/opencats-$TRAVIS_TAG-full.zip - skip_cleanup: true on: + repo: opencats/OpenCATS tags: true + skip_cleamup: true From d6042a53107156c2c7a36a097a45525b53b93eaf Mon Sep 17 00:00:00 2001 From: "russellh@ysmail.net" Date: Thu, 15 Aug 2024 10:43:16 +0100 Subject: [PATCH 06/16] updated the cookie settings to be PHP 7.2 compatible --- lib/Session.php | 57 +++++++++++++++++++++++++++---------------------- 1 file changed, 32 insertions(+), 25 deletions(-) diff --git a/lib/Session.php b/lib/Session.php index 1d706dc2..c8f72579 100755 --- a/lib/Session.php +++ b/lib/Session.php @@ -885,31 +885,38 @@ public function processLogin($username, $password, $addToHistory = true) ); $rs = $db->query($sql); } -$cookieValue = $this->getCookie(); -$cookieOptions = [ -// 'expires' => time() + 3600, // Example expiration time, adjust as needed -// 'path' => '/', // Example path, adjust as needed -// 'domain' => 'example.com', // Example domain, adjust as needed -// 'secure' => true, // Example secure flag, adjust as needed - 'httponly' => true, - 'samesite' => 'Strict', -]; - -setcookie('session_cookie', $cookieValue, $cookieOptions); - -// Update the user session in the database -$sql = sprintf( - "UPDATE - user - SET - force_logout = 0 - WHERE - user_id = %s - AND - site_id = %s", - $db->makeQueryString($this->_userID), - $this->_siteID -); + // Start output buffering to prevent "Headers Already Sent" errors + ob_start(); + + $cookieValue = $this->getCookie(); + $expires = time() + 3600; // Example expiration time, adjust as needed + $path = '/'; + // $domain = 'example.com'; // Adjust as needed + $secure = true; // Adjust based on your environment + $httponly = true; + $samesite = 'Strict'; + + // Manually append SameSite to the cookie header for PHP 7.2 + setcookie('session_cookie', $cookieValue, $expires, "$path; SameSite=$samesite", $domain, $secure, $httponly); + + // Update the user session in the database + $sql = sprintf( + "UPDATE + user + SET + force_logout = 0 + WHERE + user_id = %s + AND + site_id = %s", + $db->makeQueryString($this->_userID), + $this->_siteID + ); + + // Flush the output buffer and send the output to the browser + ob_end_flush(); + + $rs = $db->query($sql); break; From ade8a7fc1b75e3065281c7859388b97d7280be58 Mon Sep 17 00:00:00 2001 From: RussH Date: Mon, 16 Sep 2024 13:55:03 +0100 Subject: [PATCH 07/16] Travis ci fix (#659) * kill anything on port 80 * Update .travis.yml fix typo --- .travis.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 1c3f9e0a..2bd01a4c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -11,6 +11,8 @@ before_install: -s`-`uname -m` > docker-compose - chmod +x docker-compose - sudo mv docker-compose /usr/local/bin + # Stop any service using port 80 +- sudo lsof -t -i:80 | sudo xargs kill -9 language: php php: - 7.2 @@ -31,4 +33,4 @@ deploy: on: repo: opencats/OpenCATS tags: true - skip_cleamup: true + skip_cleanup: true From 3da18490042cc60c49487b45ac21da2b2cefcbf4 Mon Sep 17 00:00:00 2001 From: RussH Date: Mon, 16 Sep 2024 13:56:30 +0100 Subject: [PATCH 08/16] attachments module will require authentication (#658) attachments module will require authentication --- modules/attachments/AttachmentsUI.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/attachments/AttachmentsUI.php b/modules/attachments/AttachmentsUI.php index 7e3d1079..fdebfbf1 100755 --- a/modules/attachments/AttachmentsUI.php +++ b/modules/attachments/AttachmentsUI.php @@ -40,7 +40,7 @@ public function __construct() { parent::__construct(); - $this->_authenticationRequired = false; + $this->_authenticationRequired = true; $this->_moduleDirectory = 'attachments'; $this->_moduleName = 'attachments'; $this->_moduleTabText = ''; From 018397b89bcee7eb18a1802148aa91cfa2afe02c Mon Sep 17 00:00:00 2001 From: Yevhen Popok Date: Mon, 16 Sep 2024 15:59:48 +0300 Subject: [PATCH 09/16] candidates: for the edit form, add missing asterisks + "Owner" check (#653) 1. Add missing asterisks to the "First Name" and "Last Name" fields 2. Add a check for the "Owner" field. This field is marked with an asterisk, which means it is required. Also, the same check already exists in the joborders validator. --- modules/candidates/Edit.tpl | 4 ++-- modules/candidates/validator.js | 21 +++++++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/modules/candidates/Edit.tpl b/modules/candidates/Edit.tpl index 5e2ce458..aeb5c798 100755 --- a/modules/candidates/Edit.tpl +++ b/modules/candidates/Edit.tpl @@ -37,7 +37,7 @@ - +  * @@ -55,7 +55,7 @@ - +  * diff --git a/modules/candidates/validator.js b/modules/candidates/validator.js index 5ac2627e..d2b724aa 100755 --- a/modules/candidates/validator.js +++ b/modules/candidates/validator.js @@ -30,6 +30,7 @@ function checkEditForm(form) errorMessage += checkFirstName(); errorMessage += checkLastName(); + errorMessage += checkOwner(); if (errorMessage != '') { @@ -173,6 +174,26 @@ function checkLastName() return errorMessage; } +function checkOwner() +{ + var errorMessage = ''; + + fieldValue = document.getElementById('owner').selectedIndex; + fieldLabel = document.getElementById('ownerLabel'); + if (fieldValue == '') + { + errorMessage = " - You must select an owner.\n"; + + fieldLabel.style.color = '#ff0000'; + } + else + { + fieldLabel.style.color = '#000'; + } + + return errorMessage; +} + function checkSearchFullName() { var errorMessage = ''; From aeb1ce5daf936b7bce5dda04344faca41cda130f Mon Sep 17 00:00:00 2001 From: Yevhen Popok Date: Mon, 16 Sep 2024 16:00:44 +0300 Subject: [PATCH 10/16] joborders: for forms, take a default company name from the database (#652) Default company name is saved in the database and can be changed. However, for "Add Job Order" and "Edit Job Order" forms it was hardcoded to the standard name ("Internal Posting"). --- modules/companies/CompaniesUI.php | 2 +- modules/joborders/Add.tpl | 2 +- modules/joborders/Edit.tpl | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/companies/CompaniesUI.php b/modules/companies/CompaniesUI.php index 4e9bf3d6..59c5f643 100755 --- a/modules/companies/CompaniesUI.php +++ b/modules/companies/CompaniesUI.php @@ -888,7 +888,7 @@ private function onDelete() if ($rs['defaultCompany'] == 1) { - $this->listByView('Cannot delete internal postings company.'); + $this->listByView('Cannot delete default company.'); return; } diff --git a/modules/joborders/Add.tpl b/modules/joborders/Add.tpl index fad26334..ca1ad96f 100755 --- a/modules/joborders/Add.tpl +++ b/modules/joborders/Add.tpl @@ -67,7 +67,7 @@
defaultCompanyID !== false): ?> -  Internal Posting
+  defaultCompanyRS['name']); ?>
diff --git a/modules/joborders/Edit.tpl b/modules/joborders/Edit.tpl index 45fe9a67..d8f6fc0e 100755 --- a/modules/joborders/Edit.tpl +++ b/modules/joborders/Edit.tpl @@ -75,7 +75,7 @@ defaultCompanyID !== false): ?> - defaultCompanyID == $this->data['companyID']) echo(' checked'); ?> id="defaultCompany" onchange="if(document.getElementById('companyName').disabled == false && document.getElementById('companyID').value > 0) {oldCompanyID = document.getElementById('companyID').value; } else if(document.getElementById('companyName').disabled == false) { oldCompanyID = 0; } document.getElementById('companyName').disabled = true; document.getElementById('companyID').value = 'defaultCompanyID); ?>'; "> Internal Posting + defaultCompanyID == $this->data['companyID']) echo(' checked'); ?> id="defaultCompany" onchange="if(document.getElementById('companyName').disabled == false && document.getElementById('companyID').value > 0) {oldCompanyID = document.getElementById('companyID').value; } else if(document.getElementById('companyName').disabled == false) { oldCompanyID = 0; } document.getElementById('companyName').disabled = true; document.getElementById('companyID').value = 'defaultCompanyID); ?>'; "> defaultCompanyRS['name']); ?> From e7c1ab122bf9566c52e899d0d6e042fda4b1edc9 Mon Sep 17 00:00:00 2001 From: Yevhen Popok Date: Mon, 16 Sep 2024 16:04:09 +0300 Subject: [PATCH 11/16] Use mb_substr() for correct abbreviation of non-ASCII characters (#651) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When using substr() or another method to reduce a string to/by 1 byte, many UTF-8 characters are lost (displayed as � ). Switching to mb_substr() fixes this. --- lib/Candidates.php | 2 +- lib/StringUtility.php | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/Candidates.php b/lib/Candidates.php index b07eb120..853337bb 100755 --- a/lib/Candidates.php +++ b/lib/Candidates.php @@ -2066,7 +2066,7 @@ public function __construct($instanceName, $siteID, $parameters, $misc = 0) 'filter' => 'candidate.web_site'), 'Key Skills' => array('select' => 'candidate.key_skills AS keySkills', - 'pagerRender' => 'return substr(trim($rsData[\'keySkills\']), 0, 30) . (strlen(trim($rsData[\'keySkills\'])) > 30 ? \'...\' : \'\');', + 'pagerRender' => 'return mb_substr(trim($rsData[\'keySkills\']), 0, 30) . (strlen(trim($rsData[\'keySkills\'])) > 30 ? \'...\' : \'\');', 'sortableColumn' => 'keySkills', 'pagerWidth' => 210, 'filter' => 'candidate.key_skills'), diff --git a/lib/StringUtility.php b/lib/StringUtility.php index d929e515..459b1f1e 100755 --- a/lib/StringUtility.php +++ b/lib/StringUtility.php @@ -499,24 +499,24 @@ public static function makeInitialName($firstName, $lastName, if ($lastCommaFirst) { - $firstInitial = $firstName[0] . '.'; + $firstInitial = mb_substr($firstName, 0, 1) . '.'; if (strlen($lastName) > $maxLength) { return ucwords( - substr($lastName, 0, $maxLength) . ', ' . $firstInitial + mb_substr($lastName, 0, $maxLength) . ', ' . $firstInitial ); } return ucwords($lastName . ', ' . $firstInitial); } - $lastInitial = $lastName[0] . '.'; + $lastInitial = mb_substr($lastName, 0, 1) . '.'; if (strlen($firstName) > $maxLength) { return ucwords( - substr($firstName, 0, $maxLength) . ' ' . $lastInitial + mb_substr($firstName, 0, $maxLength) . ' ' . $lastInitial ); } From 7e55fb3d19224e8fbe58219eafcc6715db972a46 Mon Sep 17 00:00:00 2001 From: Yevhen Popok Date: Mon, 16 Sep 2024 16:06:26 +0300 Subject: [PATCH 12/16] Fix javascript "back button" links (#650) Use history.back() method instead of currently non-functional back() --- lib/CommonErrors.php | 18 +++++++++--------- modules/import/ImportUI.php | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/CommonErrors.php b/lib/CommonErrors.php index 1b82f77d..c032398f 100755 --- a/lib/CommonErrors.php +++ b/lib/CommonErrors.php @@ -91,7 +91,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false $errorTitle = 'Invalid Information'; $internalErrorTitle = 'Bad Input'; $errorMessage = 'Some of the information you provided doesn\'t follow the correct format and ' - . 'CATS can\'t interpret what it is. Please go back and ' + . 'CATS can\'t interpret what it is. Please go back and ' . 'complete each field paying close attention to any instructions provided. ' . '

' . $customMessage . ''; break; @@ -124,7 +124,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false . 'traffic or older web browsers. The latest version of the ' . 'Mozilla Firefox© browser ' . 'is recommended.

The problem may be resolved by using the ' - . 'back button on your browser and trying again.'; + . 'back button on your browser and trying again.'; break; case COMMONERROR_BADINDEX: $errorTitle = 'Bad Server Information'; @@ -139,7 +139,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false . 'may have been provided to you.' . '

' . 'It\'s ok! CATS can\'t complete whatever action you requested; but chances are, ' - . 'if you click the back button and refresh the page ' + . 'if you click the back button and refresh the page ' . 'and try again it will work just fine.'; break; @@ -148,7 +148,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false $internalErrorTitle = 'Permission Denied'; $errorMessage = 'You don\'t have access to the action you\'re attempting to perform. If you ' . 'feel you should have access, contact your site administrator. ' - . 'You can click the back button on your browser to return ' + . 'You can click the back button on your browser to return ' . 'to where you came from.'; break; @@ -169,7 +169,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false $internalErrorTitle = 'Required Fields Missing'; $errorMessage = 'One or more of the input fields on the page you came from were required and ' . 'were left with blank or incorrect values. The action you\'re trying to perform cannot ' - . 'be completed without those fields. Please use the back button ' + . 'be completed without those fields. Please use the back button ' . 'on your browser to return to where you came from.' . '

'; @@ -189,7 +189,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false $internalErrorTitle = 'Missing wild card string'; $errorMessage = 'One or more of the input fields on the page you came from were required and ' . 'were left with blank or incorrect values. The action you\'re trying to perform cannot ' - . 'be completed without those fields. Please use the back button ' + . 'be completed without those fields. Please use the back button ' . 'on your browser to return to where you came from.' . '

'; @@ -207,7 +207,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false case COMMONERROR_NOPASSWORDMATCH: $errorTitle = 'Passwords do not Match'; $internalErrorTitle = 'Passwords do not match'; - $errorMessage = 'The passwords you entered do not match. Please use the ' + $errorMessage = 'The passwords you entered do not match. Please use the ' . 'back button on your browser to return from where you came and enter the correct password ' . 'in all required fields.'; break; @@ -216,7 +216,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false $errorTitle = 'File Does Not Exist'; $internalErrorTitle = 'File Does Not Exist'; $errorMessage = 'The file you are requesting for does not exist. Please use the ' - . 'back button on your browser to return to where ' + . 'back button on your browser to return to where ' . 'you came from.

'; if (!empty($customMessage)) @@ -229,7 +229,7 @@ public static function fatal($code, $active, $customMessage = '', $modal = false $errorTitle = 'An Error Has Occurred'; $internalErrorTitle = 'Undefined'; $errorMessage = 'An error has occurred and the operation you were attempting to perform cannot be ' - . 'completed. Please use the back button on your web browser ' + . 'completed. Please use the back button on your web browser ' . 'to return from where you came. The administrators have been notified, so you may wish to ' . 'try again later.'; break; diff --git a/modules/import/ImportUI.php b/modules/import/ImportUI.php index 49868338..97c2e614 100755 --- a/modules/import/ImportUI.php +++ b/modules/import/ImportUI.php @@ -1556,7 +1556,7 @@ public function massImport($step = 1) { $this->_template->assign('errorMessage', 'You didn\'t upload any files or there was a ' . 'problem working with any files you uploaded. Please use the ' - . 'Back button on your web browser ' + . 'Back button on your web browser ' . 'and select one or more files to import.' ); From 337cbab6a43eebf8fbbd6c74118f4741af04e941 Mon Sep 17 00:00:00 2001 From: Yevhen Popok Date: Mon, 16 Sep 2024 16:08:16 +0300 Subject: [PATCH 13/16] Add "txt" to the list of safe file extensions (#649) so that text files will not have a duplicate extra extension --- lib/FileUtility.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/FileUtility.php b/lib/FileUtility.php index 56e7f3c4..7277a961 100755 --- a/lib/FileUtility.php +++ b/lib/FileUtility.php @@ -189,7 +189,7 @@ public static function makeSafeFilename($filename) /* if (!preg_match("/(?i)\.(pdf|docx?|rtf|odt?g?|txt|wpd|jpe?g|png|csv|xlsx?|ppt|msg|heic|tiff?|html?|bmp|wps|xps)$/i", $fileExtension)) */ - $GoodFileExtensions = array('bmp', 'csv', 'doc', 'docx', 'heic', 'html', 'jpeg', 'jpg', 'msg', 'odg', 'odt', 'pages', 'pdf', 'png', 'ppt', 'pptx', 'rtf', 'tiff', 'wpd', 'wps', 'xls', 'xlsx', 'bak', 'xps'); + $GoodFileExtensions = array('bak', 'bmp', 'csv', 'doc', 'docx', 'heic', 'html', 'jpeg', 'jpg', 'msg', 'odg', 'odt', 'pages', 'pdf', 'png', 'ppt', 'pptx', 'rtf', 'tiff', 'txt', 'wpd', 'wps', 'xls', 'xlsx', 'xps'); if (!in_array($fileExtension, $GoodFileExtensions)) { $filename .= ".txt"; From 0c1487b931755c7a282057ff690eada4a46ff664 Mon Sep 17 00:00:00 2001 From: RussH Date: Mon, 16 Sep 2024 14:48:15 +0100 Subject: [PATCH 14/16] Update .travis.yml include php 8.0, 8.2 checks --- .travis.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.travis.yml b/.travis.yml index 2bd01a4c..3ff89440 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,6 +16,8 @@ before_install: language: php php: - 7.2 +- 8.0 +- 8.2 script: - composer self-update --2 - composer install From 0bf6f3c0e5d81f633e7bad95cc95dbc2b54551df Mon Sep 17 00:00:00 2001 From: MeorA Date: Tue, 8 Jul 2025 18:17:38 +0800 Subject: [PATCH 15/16] add 'uploads' folder content to be excluded from pushed in .gitignore list (#665) --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 38eb35e9..09839614 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,7 @@ docker/persist/* vendor/* attachments/* temp/* +uploads/* # Ignore Mac DS_Store files .DS_Store /vendor/ From cf7717490c4c6f103aa8f385be947137e860ed70 Mon Sep 17 00:00:00 2001 From: MeorA Date: Tue, 8 Jul 2025 18:21:09 +0800 Subject: [PATCH 16/16] fix session error when domain are not set, default to empty (#664) * fix session error when domain are not set, default to empty * fix typo in the Class --- lib/Session.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/lib/Session.php b/lib/Session.php index c8f72579..96ab845c 100755 --- a/lib/Session.php +++ b/lib/Session.php @@ -83,6 +83,8 @@ class CATSSession private $_isAgreedToLicense = false; private $_isLocalizationConfigured = false; private $_loggedInDirectory = ''; + private $_canSeeEEOInfo = false; + private $_loggedInScript = ''; /** * Returns this session's MRU object, and creates one if it doesn't exist. @@ -845,11 +847,11 @@ public function processLogin($username, $password, $addToHistory = true) if (strlen($rs['columnPreferences']) > 0 && $this->_isDemo == false) { - $this->__dataGridColumnPreferences = unserialize($rs['columnPreferences']); + $this->_ = unserialize($rs['columnPreferences']); } else { - $this->__dataGridColumnPreferences = array(); + $this->_dataGridColumnPreferences = array(); } /* Log the login as successful. */ @@ -896,8 +898,9 @@ public function processLogin($username, $password, $addToHistory = true) $httponly = true; $samesite = 'Strict'; - // Manually append SameSite to the cookie header for PHP 7.2 - setcookie('session_cookie', $cookieValue, $expires, "$path; SameSite=$samesite", $domain, $secure, $httponly); + // Fixed setcookie call - define domain variable and remove invalid path format + $domain = ''; // Use empty string for current domain + setcookie('session_cookie', $cookieValue, $expires, $path, $domain, $secure, $httponly); // Update the user session in the database $sql = sprintf( @@ -1179,9 +1182,9 @@ public function retrieveValueByName($name) */ public function getColumnPreferences($instance) { - if (isset($this->__dataGridColumnPreferences[$instance])) + if (isset($this->_dataGridColumnPreferences[$instance])) { - return $this->__dataGridColumnPreferences[$instance]; + return $this->_dataGridColumnPreferences[$instance]; } else { @@ -1196,9 +1199,9 @@ public function getColumnPreferences($instance) */ public function setColumnPreferences($instance, $columnPreferences) { - $this->__dataGridColumnPreferences[$instance] = $columnPreferences; + $this->_dataGridColumnPreferences[$instance] = $columnPreferences; - $columnString = serialize($this->__dataGridColumnPreferences); + $columnString = serialize($this->_dataGridColumnPreferences); $db = DatabaseConnection::getInstance();