Patch 10

.htaccess

@@ -6,6 +6,13 @@
   Order allow,deny
 </FilesMatch>
 
+<IfModule mod_rewrite.c>
+    RewriteEngine On
+    # Protect hidden directory from vulnerability scanner
+    RewriteRule (^|/)\.([^/]+)(/|$) - [L,F]
+    RewriteRule (^|/)([^/]+)~(/|$) - [L,F]
+</IfModule>
+
 # Don't show directory listings for URLs which map to a directory.
 Options -Indexes
 

admin/admin_template/akasia-dz/index_template.inc.php

@@ -86,7 +86,15 @@
         <div class="s-user">
           <div class="s-user-frame">
             <a href="<?php echo MWB.'system/app_user.php?changecurrent=true&action=detail'; ?>" class="s-user-photo">
-              <img src="<?php echo '../lib/minigalnano/createthumb.php?filename='.IMG.'/persons/'.urlencode(urlencode($_SESSION['upict'])).'&width=200'?>" alt="Photo <?php echo $_SESSION['realname']?>">
+                <?php
+                if (filter_var($_SESSION['upict'], FILTER_VALIDATE_URL)) {
+                    $user_image_url = $_SESSION['upict'];
+                } else {
+                    $user_image = $_SESSION['upict'] && file_exists(IMGBS . 'persons/' . $_SESSION['upict']) ? $_SESSION['upict'] : 'person.png';
+                    $user_image_url = '../lib/minigalnano/createthumb.php?filename=' . IMG . '/persons/' . urlencode(urlencode($user_image)) . '&width=200';
+                }
+                ?>
+                <img src="<?= $user_image_url ?>" alt="Photo <?php echo $_SESSION['realname'] ?>">
             </a>
           </div>
           <h4 class="s-user-name"><?php echo $_SESSION['realname']?></h4>

admin/admin_template/akasia/index_template.inc.php

@@ -85,7 +85,15 @@
         <div class="s-user">
           <div class="s-user-frame">
             <a href="<?php echo MWB.'system/app_user.php?changecurrent=true&action=detail'; ?>" class="s-user-photo">
-              <img src="<?php echo '../lib/minigalnano/createthumb.php?filename='.IMG.'/persons/'.urlencode(urlencode($_SESSION['upict'])).'&width=200'?>" alt="Photo <?php echo $_SESSION['realname']?>">
+                <?php
+                if (filter_var($_SESSION['upict'], FILTER_VALIDATE_URL)) {
+                    $user_image_url = $_SESSION['upict'];
+                } else {
+                    $user_image = $_SESSION['upict'] && file_exists(IMGBS . 'persons/' . $_SESSION['upict']) ? $_SESSION['upict'] : 'person.png';
+                    $user_image_url = '../lib/minigalnano/createthumb.php?filename=' . IMG . '/persons/' . urlencode(urlencode($user_image)) . '&width=200';
+                }
+                ?>
+                <img src="<?= $user_image_url ?>" alt="Photo <?php echo $_SESSION['realname'] ?>">
             </a>
           </div>
           <h4 class="s-user-name"><?php echo $_SESSION['realname']?></h4>

admin/admin_template/default/index_template.inc.php

@@ -34,8 +34,8 @@
     <script type="text/javascript" src="<?php echo JWB; ?>jquery.imgareaselect/scripts/jquery.imgareaselect.pack.js"></script>
     <script type="text/javascript" src="<?php echo JWB; ?>webcam.js"></script>
     <script type="text/javascript" src="<?php echo JWB; ?>scanner.js"></script>
-    <script type="text/javascript" src="<?php echo SWB; ?>js/bootstrap.min.js"></script>
     <script type="text/javascript" src="<?php echo SWB; ?>js/popper.min.js"></script>
+    <script type="text/javascript" src="<?php echo SWB; ?>js/bootstrap.min.js"></script>
     <script type="text/javascript" src="<?php echo JWB; ?>toastr/toastr.min.js"></script>
     <script type="text/javascript" src="<?php echo $sysconf['admin_template']['dir'].'/'.$sysconf['admin_template']['theme']; ?>/js/smooth-scrollbar.js"></script>
     <script type="text/javascript" src="<?php echo $sysconf['admin_template']['dir'].'/'.$sysconf['admin_template']['theme']; ?>/js/overscroll.js"></script>
@@ -64,7 +64,15 @@
     <div class="s-user" id="profile">
         <div class="s-user-frame">
             <a href="<?php echo MWB.'system/app_user.php?changecurrent=true&action=detail'; ?>" class="s-user-photo subMenuItem">
-                <img src="<?php echo '../lib/minigalnano/createthumb.php?filename='.IMG.'/persons/'.urlencode(urlencode($_SESSION['upict'])).'&width=200'?>" alt="Photo <?php echo $_SESSION['realname']?>">
+                <?php
+                if (filter_var($_SESSION['upict'], FILTER_VALIDATE_URL)) {
+                    $user_image_url = $_SESSION['upict'];
+                } else {
+                    $user_image = $_SESSION['upict'] && file_exists(IMGBS . 'persons/' . $_SESSION['upict']) ? $_SESSION['upict'] : 'person.png';
+                    $user_image_url = '../lib/minigalnano/createthumb.php?filename=' . IMG . '/persons/' . urlencode(urlencode($user_image)) . '&width=200';
+                }
+                ?>
+                <img src="<?= $user_image_url ?>" alt="Photo <?php echo $_SESSION['realname'] ?>">
             </a>
         </div>
         <a href="<?php echo MWB.'system/app_user.php?changecurrent=true&action=detail'; ?>">

admin/admin_template/nightmode/index_template.inc.php

@@ -60,7 +60,15 @@
     <div class="s-user" id="profile">
         <div class="s-user-frame">
             <a href="<?php echo MWB.'system/app_user.php?changecurrent=true&action=detail'; ?>" class="s-user-photo subMenuItem">
-                <img src="<?php echo '../lib/minigalnano/createthumb.php?filename='.IMG.'/persons/'.urlencode(urlencode($_SESSION['upict'])).'&width=200'?>" alt="Photo <?php echo $_SESSION['realname']?>">
+                <?php
+                if (filter_var($_SESSION['upict'], FILTER_VALIDATE_URL)) {
+                    $user_image_url = $_SESSION['upict'];
+                } else {
+                    $user_image = $_SESSION['upict'] && file_exists(IMGBS . 'persons/' . $_SESSION['upict']) ? $_SESSION['upict'] : 'person.png';
+                    $user_image_url = '../lib/minigalnano/createthumb.php?filename=' . IMG . '/persons/' . urlencode(urlencode($user_image)) . '&width=200';
+                }
+                ?>
+                <img src="<?= $user_image_url ?>" alt="Photo <?php echo $_SESSION['realname'] ?>">
             </a>
         </div>
         <a href="<?php echo MWB.'system/app_user.php?changecurrent=true&action=detail'; ?>">

admin/modules/bibliography/import.php

@@ -164,7 +164,7 @@
 
               // first field is header
               if (isset($_POST['header']) && $n < 1) {
-                  $n++;
+                  $n++; continue;
               } else {
                 // send query
                 $dbs->query($sql_str);
@@ -246,7 +246,7 @@
     <h2><?php echo __('Import Tool'); ?></h2>
     </div>
     <div class="infoBox">
-    <?php echo __('Import for bibliographics data from CSV file. For guide on CVS fields order and format please refer to documentation or visit <a href="http://slims.web.id" target="_blank">Official Website</a>'); ?>
+    <?php echo __('Import for bibliographics data from CSV file. For guide on CSV fields order and format please refer to documentation or visit <a href="http://slims.web.id" target="_blank">Official Website</a>'); ?>
 	</div>
 </div>
 </div>
@@ -294,4 +294,4 @@
     let fileName = $(this).val().replace(/\\/g, '/').replace(/.*\//, '');
     $(this).parent('.custom-file').find('.custom-file-label').text(fileName);
 });
-</script>
+</script>

admin/modules/bibliography/index.php

@@ -226,17 +226,25 @@ function getimagesizefromstring($string_data)
             $image_upload->setAllowableFormat($sysconf['allowed_images']);
             $image_upload->setMaxSize($sysconf['max_image_upload'] * 1024);
             $image_upload->setUploadDir(IMGBS . 'docs');
+
+            $img_title = $data['title'].'_'.date("YmdHis");
+            if(strlen($data['title']) > 70){
+                $img_title = substr($data['title'], 0, 70).'_'.date("YmdHis");
+            }
+
+            $new_filename = strtolower('cover_'. preg_replace("/[^a-zA-Z0-9]+/", "-", $img_title));
             // upload the file and change all space characters to underscore
-            $img_upload_status = $image_upload->doUpload('image', preg_replace('@\s+@i', '_', $_FILES['image']['name']));
+            $img_upload_status = $image_upload->doUpload('image', $new_filename);
             if ($img_upload_status == UPLOAD_SUCCESS) {
                 $data['image'] = $dbs->escape_string($image_upload->new_filename);
                 // write log
                 utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', $_SESSION['realname'] . ' upload image file ' . $image_upload->new_filename);
                 utility::jsToastr('Bibliography', __('Image Uploaded Successfully'), 'success');
             } else {
                 // write log
+                $data['image'] = NULL;
                 utility::writeLogs($dbs, 'staff', $_SESSION['uid'], 'bibliography', 'ERROR : ' . $_SESSION['realname'] . ' FAILED TO upload image file ' . $image_upload->new_filename . ', with error (' . $image_upload->error . ')');
-                utility::jsToastr('Bibliography', __('Image Uploaded Failed'), 'error');
+                utility::jsToastr('Bibliography', __('Image Uploaded Failed').'<br/>'.$image_upload->error, 'error');
             }
         } else if (!empty($_POST['base64picstring'])) {
             list($filedata, $filedom) = explode('#image/type#', $_POST['base64picstring']);

admin/modules/bibliography/item_import.php

@@ -133,30 +133,39 @@
                     $item_status = utility::getID($dbs, 'mst_item_status', 'item_status_id', 'item_status_name', $field[9], $stat_id_cache);
                     $item_status = $item_status?'\''.$item_status.'\'':'NULL';
                     $site = $field[10]?'\''.$field[10].'\'':'NULL';
-                    $source = $field[11]?'\''.$field[11].'\'':'NULL';
+                    $source = $field[11]?'\''.$field[11].'\'':'0';
                     $invoice = $field[12]?'\''.$field[12].'\'':'NULL';
                     $price = $field[13]?'\''.$field[13].'\'':'NULL';
                     $price_currency = $field[14]?'\''.$field[14].'\'':'NULL';
                     $invoice_date = $field[15]?'\''.$field[15].'\'':'NULL';
-                    $input_date = '\''.$field[16].'\'';
-                    $last_update = '\''.$field[17].'\'';
-
-                    // sql insert string
-                    $sql_str = "INSERT INTO item (item_code, call_number, coll_type_id,
-                        inventory_code, received_date, supplier_id,
-                        order_no, location_id, order_date, item_status_id, site,
-                        source, invoice, price, price_currency, invoice_date,
-                        input_date, last_update)
-                            VALUES ($item_code, $call_number, $coll_type,
-                            $inventory_code, $received_date, $supplier,
-                            $order_no, $location, $order_date, $item_status, $site,
-                            $source, $invoice, $price, $price_currency, $invoice_date,
-                            $input_date, $last_update)";
+                    $input_date = $field[16]?'\''.$field[16].'\'':'\''.date('Y-m-d H:i:s').'\'';
+                    $last_update = $field[17]?'\''.$field[17].'\'':'\''.date('Y-m-d H:i:s').'\'';
+                    $title = $field[18];
 
                     // first field is header
                     if (isset($_POST['header']) && $n < 1) {
                       $n++;
+                      continue;
                     } else {
+
+                      // get biblio_id
+                      $b_q = $dbs->query(sprintf("select biblio_id from biblio where title = '%s'", $title));
+                      if($b_q->num_rows < 1) continue;
+                      $b_d = $b_q->fetch_row();
+                      $biblio_id = $b_d[0];
+
+                      // sql insert string
+                      $sql_str = "INSERT INTO item (biblio_id, item_code, call_number, coll_type_id,
+                          inventory_code, received_date, supplier_id,
+                          order_no, location_id, order_date, item_status_id, site,
+                          source, invoice, price, price_currency, invoice_date,
+                          input_date, last_update)
+                              VALUES ($biblio_id, $item_code, $call_number, $coll_type,
+                              $inventory_code, $received_date, $supplier,
+                              $order_no, $location, $order_date, $item_status, $site,
+                              $source, $invoice, $price, $price_currency, $invoice_date,
+                              $input_date, $last_update)";
+
                       // send query
                       // die($sql_str);
                       $dbs->query($sql_str);

admin/modules/bibliography/marcexport.php

@@ -216,14 +216,14 @@
 	require LIB.'biblio_list_index.inc.php';
       }
       // table spec
-      $table_spec = 'search_biblio';
+      $table_spec = 'search_biblio AS `index`';
       $datagrid->setSQLColumn('biblio_id',
 	'title AS \''.__('Title').'\'',
 	'author AS \''.__('Author').'\'');
     } else {
       require LIB.'biblio_list.inc.php';
       // table spec
-      $table_spec = 'search_biblio';
+      $table_spec = 'search_biblio AS `index`';
       $datagrid->setSQLColumn('biblio_id',
 	'title AS \''.__('Title').'\'',
 	'author AS \''.__('Author').'\'');

admin/modules/bibliography/pop_attach.php

@@ -88,6 +88,8 @@
         $fdata['file_url'] = $dbs->escape_string($url);
         $fdata['file_dir'] = $dbs->escape_string($file_dir);
         $fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc'])));
+        if(isset($_POST['fileKey']) && trim($_POST['fileKey']) !== '')
+          $fdata['file_key'] = $dbs->escape_string(trim(strip_tags($_POST['fileKey'])));
         $fdata['mime_type'] = $sysconf['mimetype'][$file_ext];
         $fdata['input_date'] = date('Y-m-d H:i:s');
         $fdata['last_update'] = $fdata['input_date'];
@@ -110,6 +112,8 @@
       $fdata['file_url'] = $dbs->escape_string($fdata['file_name']);
       $fdata['file_dir'] = 'literal{NULL}';
       $fdata['file_desc'] = $dbs->escape_string(trim(strip_tags($_POST['fileDesc'])));
+      if(isset($_POST['fileKey']) && trim($_POST['fileKey']) !== '')
+          $fdata['file_key'] = $dbs->escape_string(trim(strip_tags($_POST['fileKey'])));
       $fdata['mime_type'] = 'text/uri-list';
       $fdata['input_date'] = date('Y-m-d H:i:s');
       $fdata['last_update'] = $fdata['input_date'];
@@ -144,7 +148,10 @@
       // file biblio access update
       $update1 = $sql_op->update('biblio_attachment', array('access_type' => $data['access_type'], 'access_limit' => $data['access_limit'], 'placement' => $data['placement']), 'biblio_id='.$updateBiblioID.' AND file_id='.$fileID);
       // file description update
-      $update2 = $sql_op->update('files', array('file_title' => $title, 'file_url' => $url, 'file_desc' => $dbs->escape_string(trim($_POST['fileDesc']))), 'file_id='.$fileID);
+      $file_desc_update = array('file_title' => $title, 'file_url' => $url, 'file_desc' => $dbs->escape_string(trim($_POST['fileDesc'])));
+      if(isset($_POST['fileKey']))
+          $file_desc_update['file_key'] = $dbs->escape_string(trim(strip_tags($_POST['fileKey'])));
+      $update2 = $sql_op->update('files', $file_desc_update, 'file_id='.$fileID);
       if ($update1) {
         utility::jsToastr('File Attachment', __('File Attachment data updated!'), 'success');
         echo '<script type="text/javascript">';
@@ -243,6 +250,8 @@
 
 // file description
 $form->addTextField('textarea', 'fileDesc', __('Description'), $file_attach_d['file_desc']??'', 'rows="2" class="form-control"');
+// file key
+$form->addTextField('textarea', 'fileKey', __('File Password'), $file_attach_d['file_key']??'', 'rows="2" class="form-control"');
 // file access
 $acctype_options[] = array('public', __('Public'));
 $acctype_options[] = array('private', __('Private'));

admin/modules/bibliography/ucs_update.php

@@ -69,24 +69,25 @@
     $to_sent['node_info'] = $sysconf['ucs'];
     $to_sent['node_data'] = $data;
     // create HTTP request
-    $http_request = new http_request();
-    // send HTTP POST request
-    $server_addr = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : (isset($_SERVER['LOCAL_ADDR']) ? $_SERVER['LOCAL_ADDR'] : gethostbyname($_SERVER['SERVER_NAME']));
-	if (isset($sysconf['ucs']['serverversion']) && $sysconf['ucs']['serverversion'] < 3) {
-      $http_request->send_http_request($sysconf['ucs']['serveraddr'].'/uc-ops.php', $server_addr, $to_sent, 'POST', 'text/json');
-	} else {
-	  $http_request->send_http_request($sysconf['ucs']['serveraddr'].'/ucs.php', $server_addr, $to_sent, 'POST', 'text/json');
-	}
+    $http_request = new \GuzzleHttp\Client();
+    $http_param = ['body' => json_encode($to_sent), 'http_errors' => false];
+
+    if (isset($sysconf['ucs']['serverversion']) && $sysconf['ucs']['serverversion'] < 3) {
+        $request = $http_request->request('POST', $sysconf['ucs']['serveraddr'].'/uc-ops.php', $http_param);
+    } else {
+        $request = $http_request->request('POST', $sysconf['ucs']['serveraddr'].'/ucs.php', $http_param);
+    }
+
     // below is for debugging purpose only
-    // die(json_encode(array('status' => 'RAW', 'message' => $http_request->body())));
+    // die(json_encode(array('status' => 'RAW', 'message' => $request->getBody())));
 
     // check for http request error
-    if ($req_error = $http_request->error()) {
-	    die(json_encode(array('status' => 'HTTP_REQUEST_ERROR', 'message' => $req_error['message'])));
+    if ($request->getStatusCode() != '200') {
+        die(json_encode(array('status' => 'HTTP_REQUEST_ERROR', 'message' => 'HTTP Request error with code : ' . $request->getStatusCode())));
     }
 
     // print out body of request result
-    echo $http_request->body();
+    echo $request->getBody();
     exit();
 } else {
     die(json_encode(array('status' => 'NO_BIBLIO_SELECTED', 'message' => 'Please select bibliographic data to update!')));

admin/modules/bibliography/ucs_upload.php

@@ -63,7 +63,7 @@
     $sql = "SELECT
         b.biblio_id, b.title, b.spec_detail_info, gmd.gmd_code, gmd.gmd_name, b.edition,
         b.isbn_issn, publ.publisher_name, b.publish_year,
-        b.collation, b.series_title, b.call_number, lang.language_id,
+        b.collation, b.series_title, b.call_number, b.image, lang.language_id,
         lang.language_name, pl.place_name, b.classification, b.notes, fr.frequency
         FROM biblio AS b
         LEFT JOIN mst_gmd AS gmd ON b.gmd_id=gmd.gmd_id
@@ -103,26 +103,25 @@
         $to_sent['node_info'] = $sysconf['ucs'];
         $to_sent['node_data'] = $data;
         // create HTTP request
-        $http_request = new http_request();
-        // send HTTP POST request
-        $server_addr = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : (isset($_SERVER['LOCAL_ADDR']) ? $_SERVER['LOCAL_ADDR'] : gethostbyname($_SERVER['SERVER_NAME']));
+        $http_request = new \GuzzleHttp\Client();
+        $http_param = ['body' => json_encode($to_sent), 'http_errors' => false];
 
 		if (isset($sysconf['ucs']['serverversion']) && $sysconf['ucs']['serverversion'] < 3) {
-          $http_request->send_http_request($sysconf['ucs']['serveraddr'].'/ucpoll.php', $server_addr, $to_sent, 'POST', 'text/json');
+          $request = $http_request->request('POST', $sysconf['ucs']['serveraddr'].'/ucpoll.php', $http_param);
 		} else {
-		  $http_request->send_http_request($sysconf['ucs']['serveraddr'].'/ucs.php', $server_addr, $to_sent, 'POST', 'text/json');
+          $request = $http_request->request('POST', $sysconf['ucs']['serveraddr'].'/ucs.php', $http_param);
 		}
 
         // below is for debugging purpose only
-	    // die(json_encode(array('status' => 'RAW', 'message' => $http_request->body())));
+	    // die(json_encode(array('status' => 'RAW', 'message' => $request->getBody())));
 
 	    // check for http request error
-	    if ($req_error = $http_request->error()) {
-		  die(json_encode(array('status' => 'HTTP_REQUEST_ERROR', 'message' => $req_error['message'])));
+	    if ($request->getStatusCode() != '200') {
+		  die(json_encode(array('status' => 'HTTP_REQUEST_ERROR', 'message' => 'HTTP Request error with code : ' . $request->getStatusCode())));
 	    }
 
         // print out body of request result
-        echo $http_request->body();
+        echo $request->getBody();
         exit();
     } else {
         die(json_encode(array('status' => 'NO_DATA', 'message' => 'No Data to be uploaded to Union Catalog Server')));