����JFIF��x�x����'
Server IP : 78.140.185.180 / Your IP : 216.73.216.150 Web Server : LiteSpeed System : Linux cpanel13.v.fozzy.com 4.18.0-513.11.1.lve.el8.x86_64 #1 SMP Thu Jan 18 16:21:02 UTC 2024 x86_64 User : builderbox ( 1072) PHP Version : 7.3.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /opt/dell/srvadmin/var/lib/openmanage/xslroot/oma/template/web/ |
Upload File : |
<?xml version="1.0" encoding="UTF-8"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:fo="http://www.w3.org/1999/XSL/Format"> <xsl:template match="OMA"> <xsl:choose> <xsl:when test="SMTPHost = ''"> <DataArea email="false" cancel="true" exportdata="false"> <xsl:if test="OMAUserRights='7' and SHOWWEBSERVER='TRUE'"> <xsl:attribute name="backpagedisplay"><xsl:value-of select="$strGoToServer"/></xsl:attribute> <xsl:attribute name="backpagetarget">./DataArea?plugin=com.dell.oma.webplugins.SvrPrefWebPlugin&help=Serverpreferences</xsl:attribute> </xsl:if> <xsl:attribute name="canceltarget"><xsl:value-of select="translate(//Caller, ';', '&amp;')"/></xsl:attribute> <PageTitle> <xsl:attribute name="display"><xsl:value-of select="$strEmailFailed"/></xsl:attribute> </PageTitle> <PromptText> <xsl:choose> <xsl:when test="OMAUserRights='7' and SHOWWEBSERVER='TRUE'"><xsl:value-of select="$strSetUpSMTP"/></xsl:when> <xsl:otherwise><xsl:value-of select="$strAskYourSystem"/></xsl:otherwise> </xsl:choose> </PromptText> </DataArea> </xsl:when> <xsl:otherwise> <DataArea email="false" exportdata="false"> <xsl:if test="Success != 'true'"> <xsl:attribute name="cancel">true</xsl:attribute> <xsl:attribute name="canceltarget">javascript:cancel();</xsl:attribute> </xsl:if> <xsl:if test="(/OMA/OMAUserRights = '7') or (/OMA/OMAUserRights = '3')"> <xsl:choose> <xsl:when test="Success ='true'"> <xsl:attribute name="submit"><xsl:value-of select="translate(Caller, ';','&')"/></xsl:attribute> <xsl:attribute name="submitdisplay"><xsl:value-of select="$strGoBack"/></xsl:attribute> </xsl:when> <xsl:otherwise> <xsl:attribute name="submit">./SubmitForm?plugin=com.dell.oma.webplugins.SendEmailWebPlugin</xsl:attribute> <xsl:attribute name="submitdisplay"><xsl:value-of select="$strSendEmail"/></xsl:attribute> <xsl:attribute name="validate">true</xsl:attribute> </xsl:otherwise> </xsl:choose> </xsl:if> <PageTitle> <xsl:attribute name="display"><xsl:value-of select="$strSendEmailMessage"/></xsl:attribute> </PageTitle> <xsl:choose> <xsl:when test="Success ='true'"> <PromptText><xsl:value-of select="$strTheEmailMessage"/><xsl:value-of select="ToAddress"/><xsl:value-of select="$str"/></PromptText> </xsl:when> <xsl:when test="Exception != ''"> <xsl:choose> <xsl:when test="Exception = '1'"> <PromptText><xsl:value-of select="$strTheEmailMessage1"/><xsl:value-of select="ToAddress"/><xsl:value-of select="$strSince"/><xsl:value-of select="ToAddress"/><xsl:text> </xsl:text><xsl:value-of select="$strOr"/><xsl:text> </xsl:text><xsl:value-of select="FromAddress"/><xsl:value-of select="$strIsInvalidEnter"/></PromptText> </xsl:when> <xsl:otherwise> <PromptText><xsl:value-of select="$strTheEmailMessage2"/><xsl:value-of select="ToAddress"/><xsl:value-of select="$strEmailAddressMay"/></PromptText> </xsl:otherwise> </xsl:choose> </xsl:when> <xsl:otherwise> </xsl:otherwise> </xsl:choose> <xsl:if test="Success !='true'"> <ListData> <Data name="to" type="editbox" size="40"><xsl:attribute name="display"><xsl:value-of select="$strTo"/></xsl:attribute> <xsl:attribute name="value"><xsl:value-of select="ToAddress"/></xsl:attribute> </Data> <Data name="from"><xsl:attribute name="display"><xsl:value-of select="$strFrom"/></xsl:attribute> <xsl:attribute name="value"><xsl:value-of select="FromAddress"/></xsl:attribute> </Data> <Data name="subject" type="editbox" size="50"><xsl:attribute name="display"><xsl:value-of select="$strSubject"/></xsl:attribute> <xsl:attribute name="value"><xsl:value-of select="Subject"/></xsl:attribute> </Data> <Data name="desc" type="textarea" cols="35" rows="5"><xsl:attribute name="display"><xsl:value-of select="$strMessage"/></xsl:attribute> <xsl:attribute name="value"><xsl:value-of select="Message"/></xsl:attribute> </Data> </ListData> <ListData> <Data name="Attach"><xsl:attribute name="display"><xsl:value-of select="$strAttachments"/></xsl:attribute></Data> <xsl:for-each select="Attachment/File"> <xsl:variable name="filename"><xsl:value-of select="."/></xsl:variable> <xsl:if test="($filename != 'blank.html') and ($filename != 'calendar.html') and ($filename != 'pre.html')"> <Data name="attachment" type="checkbox" state="3"> <xsl:attribute name="returnvalue"><xsl:value-of select="@count"/></xsl:attribute> <xsl:attribute name="splcase">true</xsl:attribute> <xsl:if test="@href != ''"> <ExtraItem link="true"> <xsl:attribute name="href">javascript:showFile('<xsl:value-of select="@href"/>');</xsl:attribute> <xsl:attribute name="value"><xsl:value-of select="."/></xsl:attribute> </ExtraItem> </xsl:if> </Data> </xsl:if> </xsl:for-each> </ListData> <!--Security Fix:Unrestricted file upload in E-mail feature <ListData> <Data type="file" name="file" splcase="true"><xsl:attribute name="display"><xsl:value-of select="$strAddAttachment"/></xsl:attribute> <ExtraItem type="button" href="javascript:uploadFile();"><xsl:attribute name="display"><xsl:value-of select="$strAddAttachment1"/></xsl:attribute></ExtraItem> </Data> </ListData> --> <HiddenTable> <Data type="hidden" name="smtp"> <xsl:attribute name="returnvalue"><xsl:value-of select="SMTPHost"/></xsl:attribute> </Data> <Data type="hidden" name="pageTitle"> <xsl:attribute name="returnvalue"><xsl:value-of select="PageName" disable-output-escaping="yes" /></xsl:attribute> </Data> <Data type="hidden" name="redirectURL"> <xsl:attribute name="returnvalue"></xsl:attribute> </Data> <Data type="hidden" name="prevPage"> <xsl:attribute name="returnvalue"><xsl:value-of select="Caller"/></xsl:attribute> </Data> <Data type="hidden" name="fileName"/> </HiddenTable> </xsl:if> <script language="javascript"> function showFile(url) { console.log("Removed file rendering as Security fix for JIT-173043-Unrestricted File Upload"); } function cancel() { location.href ='<xsl:value-of select="translate(//Caller, ';', '&amp;')"/>'; } function validate() { var inLength = <xsl:value-of select="string-length(Message)"/> if((document.getElementById("desc").value.length - inLength) > 256) { alert("<xsl:value-of select="$strErrorLessThan"/>"); document.getElementById("desc").select(); return false; } if(!isAlphaNumeric(document.getElementById("to").value, "to")) { return false; } if(!validateEmail(document.getElementById("to").value, "to")) { return false; } if(!isAlphaNumeric(document.getElementById("subject").value, "subject")) { return false; } if(!isAlphaNumeric(document.getElementById("desc").value, "desc")) { return false; } /* Removed file validation as new files cannot be added in attachment section if(!isAlphaNumeric(document.getElementById("file").value, "file")) { return false; } */ if (((document.getElementById("to").value).indexOf(',') != "-1") || ((document.getElementById("to").value).indexOf(';') != "-1")) { alert(<xsl:value-of select="$strXLATESTARTToDoesNot"/>); var to = ""; var toVal = document.getElementById("to").value; if (toVal.indexOf(',') != "-1") { to = trim(toVal.substring(0 , toVal.indexOf(','))); } if (toVal.indexOf(';') != "-1") { to = trim(toVal.substring(0 , toVal.indexOf(';'))); } document.getElementById("to").value = to; document.getElementById("to").focus(); return false; } return true; } // CHNG86594 Validate email address function validateEmail(str) { var at = "@" var dot = "." var lat = str.indexOf(at); var lstr = str.length; var ldot = str.indexOf(dot); var error = 0; if (str.indexOf(at) == -1) { error = 1 } if (str.indexOf(at) == -1 || str.indexOf(at) == 0 || str.indexOf(at) == lstr) { error = 1 } if (str.indexOf(dot) == -1 || str.indexOf(dot) == 0 || str.indexOf(dot) == lstr) { error = 1 } if (str.indexOf(at,(lat+1)) != -1) { error = 1 } if (str.substring(lat-1,lat) == dot || str.substring(lat+1,lat+2) == dot) { error = 1 } if (str.indexOf(dot,(lat+2)) == -1) { error = 1 } if (str.indexOf(" ") != -1) { error = 1 } if (error == 1) { alert ( "<xsl:value-of select="$strErrorEmailAddress"/>" + str ); document.getElementById("to").focus(); return false } else { return true } } function isAlphaNumeric(text, context){ var validValue = "><&?\"#%"; var ok = "yes"; var temp; for (var i=0; i<text.length; i++) { temp = "" + text.substring(i, i+1); if (validValue.indexOf(temp) != "-1") { ok = "no"; break; } } if (ok == "no") { if(context == "to") { msg = "<xsl:value-of select="$strErrorAlphanumericOr"/>"; } else if(context == "subject") { msg = "<xsl:value-of select="$strErrorAlphanumericOr1"/>"; } else if(context == "desc") { msg = "<xsl:value-of select="$strErrorAlphanumericOr2"/>"; } else if(context == "file") { msg = "<xsl:value-of select="$strErrorAlphanumericOr3"/>"; } alert ("<xsl:value-of select="$strError1"/>" + temp + "<xsl:value-of select="$strIsInvalid"/>" + msg + text); return false; } return true; } function ltrim ( s ) { return s.replace( /^\s*/, "" ) } function rtrim ( s ) { return s.replace( /\s*$/, "" ); } function trim ( s ) { return rtrim(ltrim(s)); } /* Remove uploadFile function to restrict upload function <!-- function uploadFile() { if(document.getElementById("file").value == '') { alert("<xsl:value-of select="$strYouMustSelect"/>"); return; } if(!isAlphaNumeric(document.getElementById("file").value, "file")) { return; } else { var _fname = document.getElementById("file").value; var _ext = ".gif"; if(_fname.indexOf(_ext) != -1) { alert(<xsl:value-of select="$strXLATESTARTYouShouldNot"/>); return; } } var count = <xsl:value-of select="Attachment/Count"/>; document.getElementById("dataarea").encoding = "multipart/form-data"; document.getElementById("dataarea").enctype = "multipart/form-data"; var regQuote = /\'/g; var PageName = "<xsl:value-of select="PageName"/>"; PageName = PageName.replace (regQuote, "\\\'"); var url = "./DataArea?plugin=com.dell.oma.webplugins.ShowSendEmailWebPlugin" + "&pageTitle="+PageName ; if(count == 1) { url = url + '&attachment=' + document.getElementById("attachment").value; } else { for(i=0; i <document.dataarea.attachment.length; i++) { if(document.dataarea.attachment[i].checked == true) { url = url + '&attachment=' + document.dataarea.attachment[i].value; } } } url = url + '&toAddr=' + document.getElementById("to").value; url = url + '&sendto=' + document.getElementById("to").value; document.getElementById("dataarea").redirectURL.value = url; document.getElementById("dataarea").action = "./UploadServlet?caller=email"; uploadStart (document.dataarea.file.value, ''); formSubmit(); } --> */ function encode_utf8( s ) { return unescape( encodeURIComponent( s ) );} function decode_utf8( s ) { return decodeURIComponent( escape( s ) ); } </script> <!--No need to load 'Upload.js' file and define iframe as we removed uploadFile()function for restricting the file upload <script language="JavaScript" src="/oma/js/Upload.js" /> <HTMLData> <iframe id="uploadtest" name="uploadtest" style="visibility: hidden; height: 1px; width: 1px; top: 0px; left: 0px; position: absolute; z-index: -1" ></iframe> </HTMLData> --> </DataArea> </xsl:otherwise> </xsl:choose> </xsl:template> </xsl:stylesheet>