From d2505d15fe8277c41ece546062e47b2175cbfc88 Mon Sep 17 00:00:00 2001
From: Pierre Goiffon
Date: Mon, 26 Nov 2018 18:16:06 +0100
Subject: [PATCH 1/7] =?UTF-8?q?:lock:=20N=C2=B01802=20itop-backup=20:=20mo?=
 =?UTF-8?q?ve=20iTop=20root=20to=20config=20file?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 datamodels/2.x/itop-backup/check-backup.php | 95 ++++++++++++++-----
 .../2.x/itop-backup/module.itop-backup.php | 3 +-
 2 files changed, 71 insertions(+), 27 deletions(-)

diff --git a/datamodels/2.x/itop-backup/check-backup.php b/datamodels/2.x/itop-backup/check-backup.php
index 81ea9fe6e..4e0d71e17 100644
--- a/datamodels/2.x/itop-backup/check-backup.php
+++ b/datamodels/2.x/itop-backup/check-backup.php
@@ -23,10 +23,29 @@
 // Recommended usage in CRON
 // /usr/bin/php -q /var/www/combodo/modules/itop-backup/backup.php --backup_file=/home/backups/combodo-crm-%Y-%m-%d
-if (!defined('__DIR__')) define('__DIR__', dirname(__FILE__));
-require_once(__DIR__.'/../../approot.inc.php');
-require_once(APPROOT.'/application/utils.inc.php');
-require_once(APPROOT.'/core/config.class.inc.php');
+if (file_exists(__DIR__.'/../../approot.inc.php'))
+{
+ require_once __DIR__.'/../../approot.inc.php'; // When in env-xxxx folder
+}
+else
+{
+ require_once __DIR__.'/../../../approot.inc.php'; // When in datamodels/x.x folder
+}
+require_once(APPROOT.'application/utils.inc.php');
+require_once(APPROOT.'core/config.class.inc.php');
+
+ /**
+ * Uses production env
+ *
+ * @return \Config
+ */
+function GetConfig()
+{
+ $oConfig = new Config(APPCONF.'production/config-itop.php');
+
+ return $oConfig;
+}
 function ReadMandatoryParam($sParam)
@@ -84,8 +103,8 @@ function MakeArchiveFileName($iRefTime = null)
 {
 $sDefaultBackupFileName = sys_get_temp_dir().'/'."__DB__-%Y-%m-%d";
 $sBackupFile = utils::ReadParam('backup_file', $sDefaultBackupFileName, true, 'raw_data');
-
- $oConfig = new Config(APPCONF.'production/config-itop.php');
+
+ $oConfig = GetConfig();
 $sBackupFile = str_replace('__HOST__', $oConfig->Get('db_host'), $sBackupFile);
 $sBackupFile = str_replace('__DB__', $oConfig->Get('db_name'), $sBackupFile);
@@ -126,28 +145,39 @@ function RaiseAlarm($sMessage)
 return;
 }
- $sMessage = "Server: [[Server:".$sTicketImpactedServer."]]\n".$sMessage;
+ $sMessage = "Server: [[Server:".$sTicketImpactedServer."]]\n".$sMessage;
 require_once(APPROOT.'webservices/itopsoaptypes.class.inc.php');
-
- //$sItopRootDefault = 'http'.((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS']!='off')) ? 's' : '').'://'.$_SERVER['SERVER_NAME'].':'.$_SERVER['SERVER_PORT'].dirname($_SERVER['SCRIPT_NAME']).'/../..';
- //$sItopRoot = utils::ReadParam('check_ticket_itop', $sItopRootDefault);
- $sItopRoot = ReadMandatoryParam('check_ticket_itop');
- $sWsdlUri = $sItopRoot.'/webservices/itop.wsdl.php';
- //$sWsdlUri .= '?service_category=';
-
- $aSOAPMapping = SOAPMapping::GetMapping();
-
- ini_set("soap.wsdl_cache_enabled","0");
- $oSoapClient = new SoapClient(
- $sWsdlUri,
- array(
- 'trace' => 1,
- 'classmap' => $aSOAPMapping, // defined in itopsoaptypes.class.inc.php
- )
- );
-
+ $oConfig = GetConfig();
+ $sItopRootConfig = $oConfig->GetModuleSetting('itop-backup', 'itop_root');
+ if (empty($sItopRootConfig))
+ {
+ // by default getting self !
+ // we could have '' as config value...
+ $sItopRootConfig = $oConfig->Get('app_root_url');
+ }
+
+ try
+ {
+ $sWsdlUri = $sItopRootConfig.'/webservices/itop.wsdl.php';
+ $aSOAPMapping = SOAPMapping::GetMapping();
+ ini_set("soap.wsdl_cache_enabled", "0");
+ $oSoapClient = new SoapClient(
+ $sWsdlUri,
+ array(
+ 'trace' => 1,
+ 'classmap' => $aSOAPMapping, // defined in itopsoaptypes.class.inc.php
+ )
+ );
+ }
+ catch (Exception $e)
+ {
+ echo "ERROR: Failed to read WSDL of the target iTop ($sItopRootConfig)\n";
+
+ return;
+ }
+
 try
 {
 $oRes = $oSoapClient->CreateIncidentTicket
@@ -176,6 +206,8 @@ function RaiseAlarm($sMessage)
 catch(Exception $e)
 {
 echo "The ticket could not be created: SOAP Exception = '".$e->getMessage()."'\n";
+
+ return;
 }
 //echo "
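Review bot: The `catch (Exception $e)` block wrapped around the SoapClient construction discards the exception text, so a cron run that cannot fetch the WSDL prints only the target root and nothing about the cause (name resolution, TLS, HTTP status, malformed WSDL); include it: `echo "ERROR: Failed to read WSDL of the target iTop ($sItopRootConfig): ".$e->getMessage()."\n";`. The WSDL URI is built by plain concatenation, so an `itop_root` (or `app_root_url`) value that ends in a slash produces `//webservices/...`; `$sWsdlUri = rtrim($sItopRootConfig, '/').'/webservices/itop.wsdl.php';` accepts both forms. The fallback comment could also state where the value now comes from, e.g. `// Target iTop root is read from the config file (N°1802); empty means this instance`. RaiseAlarm starts and ends outside this hunk.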
\n";
@@ -189,7 +221,7 @@ function RaiseAlarm($sMessage)
 	}
 	else
 	{
-		echo "ERROR: Failed to create the ticket in target iTop ($sItopRoot)\n";
+		echo "ERROR: Failed to create the ticket in target iTop ($sItopRootConfig)\n";
 		foreach ($oRes->errors->messages as $oMessage)
 		{
 			echo $oMessage->text."\n";
@@ -211,6 +243,17 @@ catch(Exception $e)
 	exit;
 }
 
+
+// N°1802 : was moved from script param to config file (avoid direct call with untrusted param value)
+$sItopRootParam = utils::ReadParam('check_ticket_itop', null, true, 'raw_data');
+if (!empty($sItopRootParam))
+{
+	echo 'ERROR: parameter \'check_ticket_itop\' should now be specified in the config file\n';
+
+	return;
+}
+
+
 $sZipArchiveFile = MakeArchiveFileName().'.tar.gz';
 $sZipArchiveFileForDisplay = utils::HtmlEntities($sZipArchiveFile);
 echo date('Y-m-d H:i:s')." - Checking file: $sZipArchiveFileForDisplay\n";
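Review bot: The error message in the new `check_ticket_itop` guard is single-quoted, so `\n` is printed literally instead of terminating the line; write it as `echo "ERROR: parameter 'check_ticket_itop' should now be specified in the config file\n";`. A bare `return;` at file scope ends the script with exit status 0, which a cron or monitoring wrapper reads as success; the error paths just above use `exit;`, and an explicit `exit(1);` here would let the scheduler notice the misconfiguration instead of silently skipping the check.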
diff --git a/datamodels/2.x/itop-backup/module.itop-backup.php b/datamodels/2.x/itop-backup/module.itop-backup.php
index 5b3e6e376..789ef7b5b 100644
--- a/datamodels/2.x/itop-backup/module.itop-backup.php
+++ b/datamodels/2.x/itop-backup/module.itop-backup.php
@@ -52,7 +52,8 @@ SetupWebPage::AddModule(
 			//'file_name_format' => '__DB__-%Y-%m-%d_%H_%M',
 			'retention_count' => 5, 
 			'enabled' => true,
-			'debug' => false
+			'debug' => false,
+			'itop_root' => '',
 		),
 	)
 );
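Review bot: The new `'itop_root' => ''` default carries no explanation, whereas the neighbouring `file_name_format` entry documents its format in a comment, so a reader of the module file cannot tell what the empty string means. Add a comment on the line, e.g. `// Root URL of the iTop instance that receives the alarm ticket; empty means this instance (app_root_url)`, which matches the fallback implemented in check-backup.php's RaiseAlarm in this same patch.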

From 88dea990e1466f58521866bea720ffeb410a2d5d Mon Sep 17 00:00:00 2001
From: Molkobain 
Date: Tue, 27 Nov 2018 17:43:21 +0100
Subject: [PATCH 2/7] =?UTF-8?q?(Cherry=20pick=20from=20revision=2019d4de4)?=
 =?UTF-8?q?=20N=C2=B01737=20Fix=20tags=20sanitization=20in=20search=20crit?=
 =?UTF-8?q?eria?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 css/light-grey.css                     | 33 +++++++++++++-------------
 css/light-grey.scss                    |  1 +
 js/search/search_form_criteria.js      |  3 ++-
 js/search/search_form_criteria_enum.js |  3 ++-
 4 files changed, 22 insertions(+), 18 deletions(-)

diff --git a/css/light-grey.css b/css/light-grey.css
index 062946973..fb32f7945 100644
--- a/css/light-grey.css
+++ b/css/light-grey.css
@@ -956,6 +956,7 @@ input.dp-applied {
 .search_form_handler .sf_criterion_area .search_form_criteria .sfc_form_group {
   /* Form group (operators) is displayed only when the criteria is toggled to opened state */
   display: none;
+  max-width: 450px;
   max-height: 520px;
   overflow: auto;
   /* Show only first operator in simple mode */
@@ -1420,7 +1421,7 @@ div#logo {
 div#logo div {
   height: 88px;
   width: 244px;
-  background: url(../images/itop-logo-2.png?v=v2.5.0-beta) left no-repeat;
+  background: url(../images/itop-logo-2.png?v=v2.5.0) left no-repeat;
 }
 #left-pane .ui-layout-north {
   overflow: hidden;
@@ -1512,7 +1513,7 @@ div#logo div {
 }
 #global-search-image {
   vertical-align: middle;
-  background: url(../images/search.png?v=v2.5.0-beta) center center no-repeat;
+  background: url(../images/search.png?v=v2.5.0) center center no-repeat;
   display: inline-block;
   width: 28px;
   height: 30px;
@@ -1541,7 +1542,7 @@ span.ui-icon {
   margin: 0 2px;
 }
 .ui-layout-button-pin-down {
-  background: url(../images/splitter-bkg.png?v=v2.5.0-beta) transparent;
+  background: url(../images/splitter-bkg.png?v=v2.5.0) transparent;
   width: 16px;
   background-position: -144px -144px;
 }
@@ -2041,7 +2042,7 @@ img.prev, img.first, img.next, img.last {
 }
 div.actions_button {
   float: right;
-  background: #ea7d1e url("../images/actions_left.png?v=v2.5.0-beta") no-repeat scroll left top;
+  background: #ea7d1e url("../images/actions_left.png?v=v2.5.0") no-repeat scroll left top;
   padding-left: 5px;
   margin-top: 0;
   margin-right: 10px;
@@ -2049,7 +2050,7 @@ div.actions_button {
   vertical-align: middle;
 }
 div.actions_button a, .actions_button a:hover, .actions_button a:visited {
-  background: #ea7d1e url(../images/actions_bkg.png?v=v2.5.0-beta) no-repeat scroll right top;
+  background: #ea7d1e url(../images/actions_bkg.png?v=v2.5.0) no-repeat scroll right top;
   color: #fff;
   padding-right: 8px;
   cursor: pointer;
@@ -2073,10 +2074,10 @@ select#org_id {
   cursor: not-allowed;
 }
 .dragHover {
-  background: url(./ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=v2.5.0-beta);
+  background: url(./ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=v2.5.0);
 }
 .edit_mode .dashlet {
-  background: url(./ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=v2.5.0-beta);
+  background: url(./ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=v2.5.0);
   padding: 5px;
   margin: 0;
   position: relative;
@@ -2110,7 +2111,7 @@ table.prop_table {
   top: 0;
   right: 0;
   z-index: 10;
-  background: transparent url(../images/delete.png?v=v2.5.0-beta) no-repeat center;
+  background: transparent url(../images/delete.png?v=v2.5.0) no-repeat center;
 }
 td.prop_value {
   text-align: left;
@@ -2312,17 +2313,17 @@ a.summary, a.summary:hover {
 }
 .message_info {
   border: 1px solid #993;
-  background: url(../images/info-mini.png?v=v2.5.0-beta) 1em 1em no-repeat #ffc;
+  background: url(../images/info-mini.png?v=v2.5.0) 1em 1em no-repeat #ffc;
   padding-left: 3em;
 }
 .message_ok {
   border: 1px solid #393;
-  background: url(../images/ok.png?v=v2.5.0-beta) 1em 1em no-repeat #cfc;
+  background: url(../images/ok.png?v=v2.5.0) 1em 1em no-repeat #cfc;
   padding-left: 3em;
 }
 .message_error {
   border: 1px solid #933;
-  background: url(../images/error.png?v=v2.5.0-beta) 1em 1em no-repeat #fcc;
+  background: url(../images/error.png?v=v2.5.0) 1em 1em no-repeat #fcc;
   padding-left: 3em;
 }
 .fg-menu a img {
@@ -2453,18 +2454,18 @@ div.explain-printable {
 }
 #hiddeable_chapters .ui-tabs .ui-tabs-nav li.hideable-chapter span {
   padding-left: 20px;
-  background: url(../images/eye-open-555.png?v=v2.5.0-beta) 2px center no-repeat;
+  background: url(../images/eye-open-555.png?v=v2.5.0) 2px center no-repeat;
 }
 #hiddeable_chapters .ui-tabs .ui-tabs-nav li.hideable-chapter.strikethrough span {
   text-decoration: line-through;
-  background: url(../images/eye-closed-555.png?v=v2.5.0-beta) 2px center no-repeat;
+  background: url(../images/eye-closed-555.png?v=v2.5.0) 2px center no-repeat;
 }
 .printable-version legend {
   padding-left: 26px;
-  background: #1c94c4 url(../images/eye-open-fff.png?v=v2.5.0-beta) 8px center no-repeat;
+  background: #1c94c4 url(../images/eye-open-fff.png?v=v2.5.0) 8px center no-repeat;
 }
 .printable-version .strikethrough legend {
-  background: #1c94c4 url(../images/eye-closed-fff.png?v=v2.5.0-beta) 8px center no-repeat;
+  background: #1c94c4 url(../images/eye-closed-fff.png?v=v2.5.0) 8px center no-repeat;
 }
 .printable-version fieldset.strikethrough span {
   display: none;
@@ -2616,7 +2617,7 @@ span.search-button, span.refresh-button {
 #itop-breadcrumb .breadcrumb-item a::after {
   content: '';
   position: absolute;
-  background-image: url(../images/breadcrumb-separator.png?v=v2.5.0-beta);
+  background-image: url(../images/breadcrumb-separator.png?v=v2.5.0);
   background-repeat: no-repeat;
   width: 8px;
   height: 16px;
diff --git a/css/light-grey.scss b/css/light-grey.scss
index 1a612b6e9..b7e27d144 100644
--- a/css/light-grey.scss
+++ b/css/light-grey.scss
@@ -1077,6 +1077,7 @@ input.dp-applied {
 			.sfc_form_group{
 				/* Form group (operators) is displayed only when the criteria is toggled to opened state */
 				display: none;
+				max-width: 450px;
 				max-height: 520px;
 				overflow: auto;
 
diff --git a/js/search/search_form_criteria.js b/js/search/search_form_criteria.js
index 11df536c6..a6a019d59 100644
--- a/js/search/search_form_criteria.js
+++ b/js/search/search_form_criteria.js
@@ -756,7 +756,8 @@ $(function()
 			var aValues = [];
 			for(var iValueIdx in aRawValues)
 			{
-				aValues.push(aRawValues[iValueIdx].label);
+				var sEscapedLabel = $('
').text(aRawValues[iValueIdx].label).html();
+ aValues.push(sEscapedLabel);
 }
 return aValues.join(', ');
diff --git a/js/search/search_form_criteria_enum.js b/js/search/search_form_criteria_enum.js
index 6b04589de..0f64ceb6e 100644
--- a/js/search/search_form_criteria_enum.js
+++ b/js/search/search_form_criteria_enum.js
@@ -829,10 +829,11 @@ $(function()
 // - Make a jQuery element for a list item
 _makeListItemElement: function(sLabel, sValue, bInitChecked, bInitHidden)
 {
+ var sEscapedLabel = $('
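Review bot: The escaping added here (`.text(label).html()` on a throwaway element) neutralises `<`, `>` and `&` only; the serialised text node keeps `'` and `"` as they are, so the joined string is safe as element content but not as an attribute value, and the caller that consumes the return value is outside the hunk. A comment on the new line would pin that contract: `// escaped for insertion as element content only (quotes are not escaped)`. The same idiom is added to `_makeListItemElement` in search_form_criteria_enum.js in this commit; a single shared helper would keep the escaping policy in one place and make it easier to audit. The enclosing function starts outside the hunk.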
').text(sLabel).html();
 var oItemElem = $('
')
 .addClass('sfc_opc_mc_item')
 .attr('data-value-code', sValue)
- .append('');
+ .append('');
 if(bInitChecked === true)
 {

From 961b1570e8923a1ea3da82e1716cbc21134eeb83 Mon Sep 17 00:00:00 2001
From: Molkobain
Date: Tue, 27 Nov 2018 17:52:15 +0100
Subject: [PATCH 3/7] Fix iTop version that stayed to "2.5.0-beta" for the release

---
 core/config.class.inc.php | 2 +-
 css/css-variables.scss | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/config.class.inc.php b/core/config.class.inc.php
index 2ea43bf53..bf334b0de 100644
--- a/core/config.class.inc.php
+++ b/core/config.class.inc.php
@@ -19,7 +19,7 @@ define('ITOP_APPLICATION', 'iTop');
 define('ITOP_APPLICATION_SHORT', 'iTop');
-define('ITOP_VERSION', '2.5.0-beta');
+define('ITOP_VERSION', '2.5.0');
 define('ITOP_REVISION', 'svn');
 define('ITOP_BUILD_DATE', '$WCNOW$');
diff --git a/css/css-variables.scss b/css/css-variables.scss
index 241779850..150081b15 100644
--- a/css/css-variables.scss
+++ b/css/css-variables.scss
@@ -50,4 +50,4 @@ $search-button-box-bg-color: $white;
 $search-button-box-bg-hover-color: $gray-extra-light;
 // Beware the version number MUST be enclosed with quotes otherwise v2.3.0 becomes v2 0.3 .0
-$version: "v2.5.0-beta";
+$version: "v2.5.0";

From 76acd8fe9ee066c6c0182fe3216c09e635827c19 Mon Sep 17 00:00:00 2001
From: Molkobain
Date: Wed, 28 Nov 2018 10:07:05 +0100
Subject: [PATCH 4/7] Internal: Remove wrongly added default search criterion on FAQ (Introduced in commit 5f7e8c9)

---
 .../itop-knownerror-mgmt/datamodel.itop-knownerror-mgmt.xml | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/datamodels/2.x/itop-knownerror-mgmt/datamodel.itop-knownerror-mgmt.xml b/datamodels/2.x/itop-knownerror-mgmt/datamodel.itop-knownerror-mgmt.xml
index b43fccb93..a691dce07 100755
--- a/datamodels/2.x/itop-knownerror-mgmt/datamodel.itop-knownerror-mgmt.xml
+++ b/datamodels/2.x/itop-knownerror-mgmt/datamodel.itop-knownerror-mgmt.xml
@@ -512,9 +512,6 @@ 30 - - 40 - 
From 47cb4feeebdc7cd59b0eb7934c443919ca31eea5 Mon Sep 17 00:00:00 2001
From: Eric
Date: Wed, 28 Nov 2018 14:15:45 +0100
Subject: [PATCH 5/7] =?UTF-8?q?N=C2=B01783=20-=20Search=20:=20fix=20error?=
 =?UTF-8?q?=20when=20searching=20for=20a=20quote=20in=20a=20text=20field?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../search/criterionconversion/criteriontooql.class.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sources/application/search/criterionconversion/criteriontooql.class.inc.php b/sources/application/search/criterionconversion/criteriontooql.class.inc.php
index ef0a64c47..e3f9da26e 100644
--- a/sources/application/search/criterionconversion/criteriontooql.class.inc.php
+++ b/sources/application/search/criterionconversion/criteriontooql.class.inc.php
@@ -110,7 +110,7 @@ class CriterionToOQL extends CriterionConversionAbstract
 return null;
 }
- return $aValues[$iIndex]['value'];
+ return addslashes($aValues[$iIndex]['value']);
 }
 protected static function ContainsToOql($oSearch, $sRef, $aCriteria)

From 992421292cbc3142c6c69e1f6fc658d1c920d423 Mon Sep 17 00:00:00 2001
From: Eric
Date: Wed, 28 Nov 2018 14:26:13 +0100
Subject: [PATCH 6/7] =?UTF-8?q?N=C2=B01783=20-=20Search=20:=20fix=20error?=
 =?UTF-8?q?=20when=20searching=20for=20a=20quote=20in=20a=20text=20field?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../search/criterionconversion/criteriontooql.class.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sources/application/search/criterionconversion/criteriontooql.class.inc.php b/sources/application/search/criterionconversion/criteriontooql.class.inc.php
index e3f9da26e..ebc6a5b05 100644
--- a/sources/application/search/criterionconversion/criteriontooql.class.inc.php
+++ b/sources/application/search/criterionconversion/criteriontooql.class.inc.php
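Review bot: `addslashes()` applies PHP's generic rule (escape `'`, `"`, `\` and NUL), which is not necessarily the escaping the OQL string-literal lexer honours, and this return is exactly where a user-typed search value gets embedded in a query, so the contract deserves to be written down at the return: `// NOTE: escaping for an OQL string literal — confirm the caller quotes the value and that the OQL lexer un-escapes backslashes (N°1783)`. Patches 6 and 7 of this series switch this same line to `\CMDBSource::Quote()` and back to `addslashes()` without recording the reason, so the final form should carry that one-line justification. A test that feeds a value containing both a quote and a backslash through the conversion would pin the behaviour the fix targets. The enclosing method starts outside the hunk, so the caller's quoting context cannot be checked from this view.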
@@ -110,7 +110,7 @@ class CriterionToOQL extends CriterionConversionAbstract
 return null;
 }
- return addslashes($aValues[$iIndex]['value']);
+ return \CMDBSource::Quote($aValues[$iIndex]['value']);
 }
 protected static function ContainsToOql($oSearch, $sRef, $aCriteria)

From 0e0d2541889ad552f22b0b06e96583e8861ba830 Mon Sep 17 00:00:00 2001
From: Eric
Date: Wed, 28 Nov 2018 14:41:08 +0100
Subject: [PATCH 7/7] =?UTF-8?q?:white=5Fcheck=5Fmark:=20N=C2=B01783=20-=20?=
 =?UTF-8?q?fix=20unit=20tests?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../search/criterionconversion/criteriontooql.class.inc.php | 2 +-
 test/application/search/CriterionConversionTest.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/sources/application/search/criterionconversion/criteriontooql.class.inc.php b/sources/application/search/criterionconversion/criteriontooql.class.inc.php
index ebc6a5b05..e3f9da26e 100644
--- a/sources/application/search/criterionconversion/criteriontooql.class.inc.php
+++ b/sources/application/search/criterionconversion/criteriontooql.class.inc.php
@@ -110,7 +110,7 @@ class CriterionToOQL extends CriterionConversionAbstract
 return null;
 }
- return \CMDBSource::Quote($aValues[$iIndex]['value']);
+ return addslashes($aValues[$iIndex]['value']);
 }
 protected static function ContainsToOql($oSearch, $sRef, $aCriteria)
diff --git a/test/application/search/CriterionConversionTest.php b/test/application/search/CriterionConversionTest.php
index ccda37dfe..138f23d95 100644
--- a/test/application/search/CriterionConversionTest.php
+++ b/test/application/search/CriterionConversionTest.php
@@ -359,7 +359,7 @@ class CriterionConversionTest extends ItopDataTestCase
 ),
 'string regexp' => array(
 'OQL' => "SELECT Server WHERE name REGEXP '^dbserver[0-9]+\\\\\\\\..+\\\\\\\\.[a-z]{2,3}$'",
- 'ExpectedOQL' => "SELECT `Server` FROM Server AS `Server` WHERE (`Server`.`name` REGEXP '^dbserver[0-9]+\\\\..+\\\\.[a-z]{2,3}$')",
+ 'ExpectedOQL' => "SELECT `Server` FROM Server AS `Server` WHERE (`Server`.`name` REGEXP '^dbserver[0-9]+\\\\\\\\..+\\\\\\\\.[a-z]{2,3}$')",
 'ExpectedCriterion' => array(array('widget' => 'string', 'operator' => 'REGEXP')),
 ),
 'enum + key =' => array(
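Review bot: The changed expectation doubles every backslash in the emitted REGEXP literal, which pins the current output of `addslashes()` but does not show that the OQL parser reads the literal back as the pattern the user typed; a round-trip assertion — parse `ExpectedOQL` and compare the extracted literal with the original criterion value — would pin the behaviour the fix is about rather than the escaping artefact. If the doubled form is the intended persisted representation, a one-line comment on this dataset saying so would stop the next person from "fixing" the expectation back. The dataset array containing this entry starts and ends outside the hunk.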