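/**
 * Displays the online list.
 *
 * Fills the view with the current user's contact count, the online users,
 * the two display settings and the pagination state, then configures the
 * sidebar.
 */
public function index_action()
{
    // Total number of contacts
    $this->contact_count = Contact::countBySQL('owner_id=?', array(User::findCurrent()->id));

    $this->users           = $this->getOnlineUsers($this->settings['show_groups']);
    $this->showOnlyBuddies = $this->settings['show_only_buddys'];
    $this->showGroups      = $this->settings['show_groups'];

    $this->limit = Config::getInstance()->ENTRIES_PER_PAGE;
    $max_page    = (int) ceil(count($this->users['users']) / $this->limit);

    // The page number is request-controlled. Clamp it to 1..$max_page: the
    // upper bound alone let 0 or a negative value through (and yielded 0
    // when nobody is online).
    $this->page = max(1, min(Request::int('page', 1), $max_page));

    // Setup sidebar
    $sidebar = Sidebar::get();
    $sidebar->setImage('sidebar/person-sidebar.png');

    // Add buddy configuration option to sidebar only if the user actually
    // has buddies
    if ($this->contact_count > 0) {
        // NOTE(review): the ticket from get_ticket() travels in the URL path
        // of these links, so it can show up in browser history, Referer
        // headers and access logs. Presumably online/config validates the
        // ticket before changing the setting -- confirm.
        $actions = new OptionsWidget();
        $actions->addCheckbox(
            _('Nur Kontakte in der Übersicht der aktiven Benutzer anzeigen'),
            $this->settings['show_only_buddys'],
            $this->url_for('online/config/show_buddies/' . get_ticket())
        );
        $actions->addCheckbox(
            _('Kontaktgruppen bei der Darstellung berücksichtigen'),
            $this->settings['show_groups'],
            $this->url_for('online/config/show_groups/' . get_ticket())
        );
        $sidebar->addWidget($actions);
    }
}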
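<?
// Confirmation dialog for removing a member. It is rendered only when the
// flash carries both the question text and the candidate.
if (isset($flash['question']) && isset($flash['candidate'])) {
    $dialog = $GLOBALS['template_factory']->open('shared/question');
    echo $this->render_partial($dialog, array(
        "question" => $flash['question'],
        // NOTE(review): this expression was garbled in the extract
        // ("'?user='******'candidate']"). It is reconstructed here as the
        // flash candidate, which the guard above checks -- confirm against
        // the original template. The value is URL-encoded because it becomes
        // part of a query string.
        // The ticket is carried in the URL path of the approval link, so it
        // may end up in logs and Referer headers.
        "approvalLink" => $controller->url_for('course/studygroup/edit_members/' . $sem_id . '/remove_approved/todo/' . get_ticket() . '?user=' . urlencode($flash['candidate'])),
        "disapprovalLink" => $controller->url_for('course/studygroup/members/' . $sem_id . '/' . $page),
    ));
}

// Groups with 50 or more members in total are shown as a list, smaller ones
// as a gallery.
$view = count($moderators) + count($tutors) + count($autors) >= 50 ? "list" : "gallery";
?>

<?php echo $this->render_partial("course/studygroup/_feedback", compact('anzahl', 'page', 'sem_id')); ?>

<? $partial = $view == 'list' ? 'course/studygroup/_members_list.php' : 'course/studygroup/gallery.php' ?>

<? if (!empty($moderators)) : ?>
    <?php echo $this->render_partial($partial, array('title' => $sem_class['title_dozent_plural'] ?: _("Gruppenadministrator/-innen"), 'sem_id' => $sem_id, 'members' => $moderators, 'moderator_list' => true)); ?>
<? endif ?>

<? if (!empty($tutors)) : ?>
    <?php echo $this->render_partial($partial, array('title' => $sem_class['title_tutor_plural'] ?: _("Moderator/-innen"), 'sem_id' => $sem_id, 'members' => $tutors)); ?>
<? endif ?>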
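/**
 * Action handler of the approve plugin.
 *
 * Takes the config name ($post['name']) and the target page ($post['_page'])
 * from the POST data and loads the matching YamlConfig. When the page name
 * matches the configured page regex and the page source contains the
 * configured pattern, the pattern is replaced, the page is written and the
 * client is redirected to it.
 *
 * Both POST values are attacker-controlled, so they are HTML-escaped before
 * being echoed in an error body.
 *
 * @return array 'msg' / 'body' pair explaining why the request was refused.
 *               On success a Location header is sent and the script exits.
 */
function plugin_approve_action()
{
    global $vars, $post;

    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $spam = FALSE;
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // NOTE(review): with an active session none of the checks in the
        // else-branch run, and this branch verifies nothing itself. The
        // earlier code derived md5(get_ticket() . 'Approve') here and only
        // wrote it, together with $_SESSION['tracker'], to the error log; the
        // two values were never compared. That logging is removed because it
        // put token material into the log. Decide which value the form is
        // expected to carry and compare it (hash_equals()), or run the
        // checks below in this case as well.
    } else {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }

    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    $name = isset($post['name']) ? $post['name'] : '';
    $page = isset($post['_page']) ? $post['_page'] : '';

    // These two refusals used to return a bare string while every other exit
    // returns the 'msg' / 'body' array; they now use the same shape.
    if ($name == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty name.</p>');
    }
    if ($page == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty page.</p>');
    }

    // NOTE(review): $name comes straight from the request and is appended to
    // the config root. Whether YamlConfig restricts what can be addressed
    // this way is not visible here -- confirm, and consider an allow-list of
    // config names.
    $config_path = PLUGIN_APPROVE_CONFIG_ROOT . $name;
    $config = new YamlConfig($config_path);
    if (!$config->read()) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load config. "' . htmlspecialchars($config_path) . '"</p>');
    }

    $pattern    = $config[PLUGIN_APPROVE_KEY_PATTERN];
    $replace    = $config[PLUGIN_APPROVE_KEY_REPLACE];
    $page_regex = $config[PLUGIN_APPROVE_KEY_PAGE_REGEX];

    if ($pattern == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty pattern.</p>');
    }
    if ($page_regex == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty page_regex.</p>');
    }
    if (!preg_match($page_regex, $page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): page not match.</p>');
    }

    // NOTE(review): the freeze check looks at $vars['page'] while the write
    // below targets $page (the posted '_page'). If the two can differ, a
    // frozen target page is not protected by this test -- confirm the intent.
    if (PKWK_READONLY > 0 || is_freeze($vars['page']) || !plugin_approve_is_edit_authed($page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): prohibit editing. "' . htmlspecialchars($page) . '"</p>');
    }

    $source = get_source($page, TRUE, TRUE);
    if ($source === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load page. "' . htmlspecialchars($page) . '"</p>');
    }
    if (strpos($source, $pattern) === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): pattern not match.</p>');
    }

    $source = str_replace($pattern, $replace, $source);
    page_write($page, $source);

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}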
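/**
 * Block plugin: renders the commentx form for the current page.
 *
 * Recognised options (passed as plugin arguments): 'noname', 'nodate',
 * 'above' / 'below', 'textarea' / 'textfield'.
 *
 * When a session is available, md5(get_ticket() . $digest) is stored in the
 * session under the ticket that is also emitted as a hidden form field.
 *
 * @return string HTML of the form; the login guide (or '') when the wiki is
 *                read-only for the current user.
 */
function plugin_commentx_convert()
{
    global $vars, $digest;
    static $numbers = array();
    static $all_numbers = 0;

    $_btn_name    = _("Name: ");
    $_btn_comment = _("Post Comment");
    $_msg_comment = _("Comment: ");

    $auth_guide = '';
    if (PKWK_READONLY == ROLE_AUTH) {
        // Plus!
        if (exist_plugin('login')) {
            $auth_guide = do_plugin_inline('login');
        }
    }

    if (is_callable(array('auth', 'check_role'))) {
        // Plus!
        if (auth::check_role('readonly')) {
            return $auth_guide;
        }
    } else {
        if (PKWK_READONLY) {
            return '';
        }
    }

    if (!isset($numbers[$vars['page']])) {
        $numbers[$vars['page']] = 0;
    }
    $comment_no     = $numbers[$vars['page']]++;
    $comment_all_no = $all_numbers++;

    $options  = func_num_args() ? func_get_args() : array();
    $noname   = in_array('noname', $options);
    $nodate   = in_array('nodate', $options) ? '1' : '0';
    $above    = in_array('above', $options) ? '1' : (in_array('below', $options) ? '0' : PLUGIN_COMMENTX_DIRECTION_DEFAULT);
    $textarea = in_array('textarea', $options) ? TRUE : (in_array('textfield', $options) ? FALSE : PLUGIN_COMMENTX_TEXTAREA);

    list($user, $link, $disabled) = plugin_commentx_get_nick();
    // The nick ends up inside a value="..." attribute, so it is escaped here.
    // NOTE(review): if plugin_commentx_get_nick() already returns an escaped
    // name, drop this call to avoid double escaping.
    $s_user = htmlspecialchars($user);

    if ($noname) {
        $nametags = '<label for="_p_comment_comment_' . $comment_all_no . '">' . $_msg_comment . '</label>';
    } else {
        if ($textarea) {
            $nametags = '<label for="_p_comment_name_' . $comment_all_no . '">' . $_btn_name . '</label>'
                . '<input type="text" name="name" id="_p_comment_name_' . $comment_all_no . '" size="' . PLUGIN_COMMENTX_SIZE_TEXTAREA_NAME . '" value="' . $s_user . '"' . $disabled . ' /><br />' . "\n";
        } else {
            $nametags = '<label for="_p_comment_name_' . $comment_all_no . '">' . $_btn_name . '</label>'
                . '<input type="text" name="name" id="_p_comment_name_' . $comment_all_no . '" size="' . PLUGIN_COMMENTX_SIZE_NAME . '" value="' . $s_user . '"' . $disabled . ' />' . "\n";
        }
    }

    // The ids used to contain literal braces ("_p_comment_comment_{0}")
    // because heredoc-style "{...}" was written inside single-quoted strings,
    // so the <label for="..."> above never matched. The stray "/" before the
    // closing textarea tag is dropped as well.
    if ($textarea) {
        $comment_box = '<textarea name="msg" id="_p_comment_comment_' . $comment_all_no . '" rows="' . PLUGIN_COMMENTX_SIZE_TEXTAREA_ROWS . '" style="width:' . PLUGIN_COMMENTX_SIZE_TEXTAREA_COLS . ';"></textarea>';
    } else {
        $comment_box = '<input type="text" name="msg" id="_p_comment_comment_' . $comment_all_no . '" style="width:' . PLUGIN_COMMENTX_SIZE_MSG . ';" />';
    }

    // Initialised so that the heredoc below never reads an undefined
    // variable when edit_form_assistant() is unavailable.
    $helptags = '';
    if (function_exists('edit_form_assistant')) {
        // Plus!
        $helptags = edit_form_assistant();
    }

    $refpage = '';
    $script  = get_script_uri();
    $s_page  = htmlspecialchars($vars['page']);
    $r_page  = htmlspecialchars(rawurlencode($vars['page']));

    // NOTE(review): the form ticket is an MD5 of MUTIME, presumably a
    // time-based constant, so it should be treated as guessable. The value
    // stored in the session is what ties a submission to this form; confirm
    // that the submit handler compares it.
    $ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        $keyword = $ticket;
        $_SESSION[$keyword] = md5(get_ticket() . $digest);
    }

    $string = <<<EOD
<br />
{$auth_guide}
<form action="{$script}?{$r_page}" method="post">
 <div class="commentform" onmouseup="pukiwiki_pos()" onkeyup="pukiwiki_pos()">
  <input type="hidden" name="refpage" value="{$refpage}" />
  <input type="hidden" name="plugin" value="commentx" />
  <input type="hidden" name="refer" value="{$s_page}" />
  <input type="hidden" name="comment_no" value="{$comment_no}" />
  <input type="hidden" name="nodate" value="{$nodate}" />
  <input type="hidden" name="above" value="{$above}" />
  <input type="hidden" name="digest" value="{$digest}" />
  <input type="hidden" name="ticket" value="{$ticket}" />
  {$nametags}
  {$comment_box}
  <input type="submit" name="comment" value="{$_btn_comment}" />
  {$helptags}
 </div>
</form>
EOD;

    return $string;
}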
/**
 * Deletes a studygroup.
 *
 * Called without approval, the action stores a confirmation question in the
 * flash and redirects back to the edit page. Called with approval and a
 * ticket accepted by check_ticket(), it deletes the studygroup and redirects.
 *
 * @param string  $id            id of the studygroup
 * @param boolean $approveDelete whether the deletion has been confirmed
 * @param string  $studipticket  ticket issued with the confirmation link
 *
 * @return void
 *
 * @throws Trails_Exception 401 when the user lacks 'dozent' permission on the
 *                          studygroup or the ticket is rejected
 */
function delete_action($id, $approveDelete = false, $studipticket = false)
{
    global $perm;

    if (!$perm->have_studip_perm('dozent', $id)) {
        throw new Trails_Exception(401);
    }

    if (!$approveDelete) {
        // First pass: ask for confirmation. The approval link carries a fresh
        // ticket in its path, which the second pass verifies.
        $question = $GLOBALS['template_factory']->open('shared/question');
        $question->set_attribute('approvalLink', $this->url_for('course/studygroup/delete/' . $id . '/true/' . get_ticket()));
        $question->set_attribute('disapprovalLink', $this->url_for('course/studygroup/edit/' . $id));
        $question->set_attribute('question', _("Sind Sie sicher, dass Sie diese Studiengruppe löschen möchten?"));

        $this->flash['question'] = $question->render();
        $this->redirect('course/studygroup/edit/' . $id);
        return;
    }

    // Second pass: the ticket is only checked once approval has been given.
    if (!check_ticket($studipticket)) {
        throw new Trails_Exception(401);
    }

    $course = new Seminar($id);
    $course->delete();

    $stacked = $course->getStackedMessages();
    if ($stacked) {
        $this->flash['messages'] = $stacked;
    }
    unset($course);

    // Non-root users are sent to "my courses", root to the studygroup
    // overview.
    if ($perm->have_perm('root')) {
        $this->redirect(URLHelper::getURL('dispatch.php/studygroup/browse'));
    } else {
        $this->redirect(URLHelper::getURL('dispatch.php/my_courses'));
    }
}
/**
 * Builds the HTML of the page edit form.
 *
 * Request-derived values ($page, $digest, the text, $vars['original'],
 * $vars['id'], $vars['refpage']) are passed through htmlspecialchars()
 * before they are used. Button labels from $_button, $script, $rows, $cols
 * and the output of edit_form_assistant() are interpolated as they are.
 *
 * When a session is available, two MD5 values derived from get_ticket() are
 * stored in the session under keys built from the form ticket.
 *
 * @param string      $page       page name
 * @param string      $postdata   text placed in the edit textarea
 * @param string|bool $digest     digest of the page source; FALSE to compute
 *                                it from get_source()
 * @param bool        $b_template whether the template selector may be shown
 * @return string HTML of the form
 */
function edit_form($page, $postdata, $digest = FALSE, $b_template = TRUE)
{
    global $script, $vars, $rows, $cols, $hr, $function_freeze;
    global $load_template_func, $load_refer_related;
    global $notimeupdate;
    global $_button, $_string;
    global $ajax, $ctrl_unload;

    // Newly generate $digest or not
    // (MD5 serves as a content fingerprint here.)
    if ($digest === FALSE) {
        $digest = md5(get_source($page, TRUE, TRUE));
    }

    $refer = $template = $addtag = $add_top = $add_ajax = '';

    // Keep the checkbox states of the previous submission.
    $checked_top = isset($vars['add_top']) ? ' checked="checked"' : '';
    $checked_time = isset($vars['notimestamp']) ? ' checked="checked"' : '';

    if (isset($vars['add'])) {
        $addtag = '<input type="hidden" name="add" value="true" />';
        $add_top = '<input type="checkbox" name="add_top" value="true"' . $checked_top . ' /><span class="small">' . $_button['addtop'] . '</span>';
    }

    if ($load_template_func && $b_template) {
        // Offer every existing page that passes is_cantedit() and
        // check_non_list() as a template; names are escaped for HTML.
        $pages = array();
        foreach (auth::get_existpages() as $_page) {
            if (is_cantedit($_page) || check_non_list($_page)) {
                continue;
            }
            $s_page = htmlspecialchars($_page);
            $pages[$_page] = ' <option value="' . $s_page . '">' . $s_page . '</option>';
        }
        ksort($pages, SORT_STRING);
        $s_pages = join("\n", $pages);
        $template = <<<EOD
<select name="template_page">
 <option value="">-- {$_button['template']} --</option>
{$s_pages}
</select>
<input type="submit" name="template" value="{$_button['load']}" accesskey="r" />
<br />
EOD;

        if ($load_refer_related) {
            if (isset($vars['refer']) && $vars['refer'] != '') {
                // Prepended to the text; escaped together with it below.
                $refer = '[[' . strip_bracket($vars['refer']) . ']]' . "\n\n";
            }
        }
    }

    $r_page = rawurlencode($page);
    $s_page = htmlspecialchars($page);
    $s_digest = htmlspecialchars($digest);
    $s_postdata = htmlspecialchars($refer . $postdata);
    $s_original = isset($vars['original']) ? htmlspecialchars($vars['original']) : $s_postdata;
    $s_id = isset($vars['id']) ? htmlspecialchars($vars['id']) : '';
    $b_preview = isset($vars['preview']); // TRUE when preview
    $btn_preview = $b_preview ? $_button['repreview'] : $_button['preview'];

    // NOTE(review): the form ticket is an MD5 of MUTIME, presumably a
    // time-based constant, so treat it as guessable. The session entries
    // below are what bind a submission to this form -- confirm that the
    // write handler compares them.
    $s_ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // BugTrack/95 fix Problem: browser RSS request with session
        $_SESSION[$s_ticket] = md5(get_ticket() . $digest);
        // Hash of the already HTML-escaped original text with "\r" removed.
        $_SESSION['origin' . $s_ticket] = md5(get_ticket() . str_replace("\r", '', $s_original));
    }

    if ($ajax && !is_mobile()) {
        $add_ajax = '<input type="button" name="add_ajax" value="' . $btn_preview . '" accesskey="p" onclick="pukiwiki_apx(this.form.page.value)" />';
    } else {
        $add_ajax = '<input type="submit" name="preview" value="' . $btn_preview . '" accesskey="p" />';
    }

    $add_notimestamp = '';
    if ($notimeupdate != 0 && is_page($page)) {
        // enable 'do not change timestamp'
        $add_notimestamp = <<<EOD
<input type="checkbox" name="notimestamp" id="_edit_form_notimestamp" value="true"{$checked_time} />
<label for="_edit_form_notimestamp"><span class="small">{$_button['notchangetimestamp']}</span></label>
EOD;
        if ($notimeupdate == 2 && auth::check_role('role_adm_contents')) {
            // enable only administrator
            $add_notimestamp .= <<<EOD
<input type="password" name="pass" size="12" />
EOD;
        }
        $add_notimestamp .= ' ';
    }

    // NOTE(review): $refpage is computed but not used in the form below.
    $refpage = isset($vars['refpage']) ? htmlspecialchars($vars['refpage']) : '';
    $add_assistant = edit_form_assistant();

    $body = <<<EOD
<div id="realview_outer"><div id="realview"></div><br /></div>
<form action="{$script}" method="post" id="form">
 <div class="edit_form" onmouseup="pukiwiki_pos()" onkeyup="pukiwiki_pos()">
{$template}
  {$addtag}
  <input type="hidden" name="cmd" value="edit" />
  <input type="hidden" name="page" value="{$s_page}" />
  <input type="hidden" name="digest" value="{$s_digest}" />
  <input type="hidden" name="ticket" value="{$s_ticket}" />
  <input type="hidden" name="id" value="{$s_id}" />
  <textarea id="msg" name="msg" rows="{$rows}" cols="{$cols}" onselect="pukiwiki_apv(this.form.page.value,this)" onfocus="pukiwiki_apv(this.form.page.value,this)" onkeyup="pukiwiki_apv(this.form.page.value,this)" onmouseup="pukiwiki_apv(this.form.page.value,this)">{$s_postdata}</textarea>
  <br />
  {$add_assistant}
  <br />
  <input type="submit" name="write" value="{$_button['update']}" accesskey="s" />
  {$add_top}
  {$add_ajax}
  {$add_notimestamp}
  <input type="submit" id="cancel" name="cancel" value="{$_button['cancel']}" accesskey="c" />
  <textarea id="original" name="original" rows="1" cols="1" style="display:none">{$s_original}</textarea>
 </div>
</form>
EOD;

    // Register the scripts the form relies on.
    if ($ajax) {
        global $head_tags;
        $head_tags[] = ' <script type="text/javascript" charset="utf-8" src="' . SKIN_URI . 'ajax/msxml.js"></script>';
        $head_tags[] = ' <script type="text/javascript" charset="utf-8" src="' . SKIN_URI . 'ajax/realedit.js"></script>';
    }
    if ($ctrl_unload) {
        global $head_tags;
        $head_tags[] = ' <script type="text/javascript" charset="utf-8" src="' . SKIN_URI . 'ajax/ctrl_unload.js"></script>';
    }

    return $body;
}
/**
 * Builds the response payload describing one support ticket.
 *
 * The payload holds a single attachment with the ticket title, a fallback
 * text, a link to the staff view and two fields (creator, assignee).
 *
 * NOTE(review): the staff link is built with plain http://, and the ticket
 * returned by get_ticket() is used without checking that the lookup
 * succeeded.
 *
 * @param mixed $ticket_number identifier handed to get_ticket()
 * @return array payload with 'response_type' and 'attachments'
 */
function get_ticket_response($ticket_number)
{
    $ticket = get_ticket($ticket_number);

    $attachment = array();
    $attachment["title"]      = $ticket->getDisplayId() . " - " . $ticket->getSubject();
    $attachment["fallback"]   = "Case " . $ticket->getDisplayId();
    $attachment["title_link"] = "http://prosoftxp.com/support/staff/index.php?/Tickets/Ticket/View/" . $ticket->getDisplayId();

    $creator_field = array(
        "title" => "Creator",
        "value" => $ticket->getFullName(),
        "short" => "true",
    );

    // An empty owner name means that nobody has been assigned yet.
    if ($ticket->getOwnerStaffName() == "") {
        $assignee = "Unassigned";
    } else {
        $assignee = $ticket->getOwnerStaffName();
    }
    $assignee_field = array(
        "title" => "Assigned To",
        "value" => $assignee,
        "short" => "true",
    );

    $attachment["fields"] = array($creator_field, $assignee_field);

    return array(
        "response_type" => "in_channel",
        "attachments"   => array($attachment),
    );
}
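/**
 * Builds the edit form of the guiedit plugin.
 *
 * Without the rich editor ($guiedit_use_fck false) the standard edit_form()
 * output is reused and its hidden "cmd" field is rewritten to "guiedit".
 * Otherwise a separate form is rendered and the CKEditor scripts are
 * registered in $js_tags.
 *
 * Request-derived values are passed through Utility::htmlsc() before they
 * are used in the markup. When a session is available, two MD5 values
 * derived from get_ticket() are stored under keys built from the form
 * ticket.
 *
 * @param string      $page       page name
 * @param string      $postdata   text to edit (used by the plain form only)
 * @param string|bool $digest     digest of the page source; FALSE to compute
 *                                it from get_source()
 * @param bool        $b_template forwarded to edit_form()
 * @return string HTML of the form
 */
function plugin_guiedit_edit_form($page, $postdata, $digest = FALSE, $b_template = TRUE)
{
    global $vars;
    global $load_template_func, $whatsnew;
    global $_button;
    global $notimeupdate;
    global $js_tags, $link_tags, $js_blocks;
    global $guiedit_use_fck;

    $script = get_script_uri();

    // Newly generate $digest or not
    if ($digest === FALSE) {
        $digest = md5(get_source($page, TRUE, TRUE));
    }

    $s_id = isset($vars['id']) ? Utility::htmlsc($vars['id']) : '';

    if (!$guiedit_use_fck) {
        // Reuse the standard form and switch its command to "guiedit".
        $body = edit_form($page, $postdata, $digest, $b_template);
        $pattern = "/(<input\\s+type=\"hidden\"\\s+name=\"cmd\"\\s+value=\")edit(\"\\s*\\/?>)/";
        $replace = "\$1guiedit\$2\n" . ' <input type="hidden" name="id" value="' . $s_id . '" />' . ' <input type="hidden" name="text" value="1" />';
        $body = preg_replace($pattern, $replace, $body);
        return $body;
    }

    // require_once(GUIEDIT_CONF_PATH . 'guiedit.ini.php');

    // Set up the form values
    $s_digest = Utility::htmlsc($digest);
    $s_page   = Utility::htmlsc($page);
    // 'original' is not sent with every request; reading it unconditionally
    // raised an undefined-index notice.
    $s_original = isset($vars['original']) ? Utility::htmlsc($vars['original']) : '';

    // NOTE(review): the form ticket is an MD5 of MUTIME, presumably a
    // time-based constant, so treat it as guessable. The session entries are
    // what bind a submission to this form -- confirm that the write handler
    // compares them.
    $s_ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // BugTrack/95 fix Problem: browser RSS request with session
        $_SESSION[$s_ticket] = md5(get_ticket() . $digest);
        $_SESSION['origin' . $s_ticket] = md5(get_ticket() . str_replace("\r", '', $s_original));
    }

    // Template selector
    $template = '';
    if ($load_template_func) {
        global $guiedit_non_list;

        $pages = array();
        foreach (get_existpages() as $_page) {
            if ($_page == $whatsnew || check_non_list($_page)) {
                continue;
            }
            // Skip pages located under one of the excluded prefixes.
            foreach ($guiedit_non_list as $key) {
                if (strpos($_page . '/', $key . '/') === 0) {
                    continue 2;
                }
            }
            $_s_page = Utility::htmlsc($_page);
            $pages[$_page] = ' <option value="' . $_s_page . '">' . $_s_page . '</option>';
        }
        ksort($pages);
        $s_pages = join("\n", $pages);
        $template = <<<EOD
<select name="template_page">
\t<option value="">-- {$_button['template']} --</option>
{$s_pages}
</select>
<br />
EOD;
    }

    // Checkbox "do not change timestamp"
    $add_notimestamp = '';
    if ($notimeupdate != 0) {
        $checked_time = isset($vars['notimestamp']) ? ' checked="checked"' : '';
        // if ($notimeupdate == 2) {
        if ($notimeupdate == 2 && Auth::check_role('role_contents_admin')) {
            $add_notimestamp = ' ' . '<input type="password" name="pass" size="12" />' . "\n";
        }
        $add_notimestamp = '<input type="checkbox" name="notimestamp" ' . 'id="_edit_form_notimestamp" value="true"' . $checked_time . ' />' . "\n"
            . ' ' . '<label for="_edit_form_notimestamp"><span class="small">' . $_button['notchangetimestamp'] . '</span></label>' . "\n"
            . $add_notimestamp . ' ';
    }

    // Form
    $body = <<<EOD
<div id="guiedit">
\t<form id="guiedit_form" action="{$script}" method="post" style="margin-bottom:0px;">
\t{$template}
\t\t<input type="hidden" name="cmd" value="guiedit" />
\t\t<input type="hidden" name="page" value="{$s_page}" />
\t\t<input type="hidden" name="digest" value="{$s_digest}" />
\t\t<input type="hidden" name="ticket" value="{$s_ticket}" />
\t\t<input type="hidden" name="id" value="{$s_id}" />
\t\t<textarea name="original" rows="1" cols="1" style="display:none">{$s_original}</textarea>
\t\t<textarea name="msg" id="editor"></textarea>
\t\t<div class="pull-left">
\t\t<button type="submit" name="write" accesskey="s" class="btn btn-primary">{$_button['update']}</button>
\t\t<button type="button" name="preview" accesskey="p" class="btn btn-secondary">{$_button['preview']}</button>
\t\t{$add_notimestamp}
\t\t</div>
\t</form>
\t<form action="{$script}" method="post">
\t\t<input type="hidden" name="cmd" value="guiedit" />
\t\t<input type="hidden" name="page" value="{$s_page}" />
\t\t<input type="submit" name="cancel" value="{$_button['cancel']}" class="btn btn-warning" accesskey="c" />
\t</form>
</div>
EOD;

    $js_tags[] = array('type' => 'text/javascript', 'src' => COMMON_URI . 'js/ckeditor/ckeditor.js', 'defer' => 'defer');
    $js_tags[] = array('type' => 'text/javascript', 'src' => COMMON_URI . 'js/ckeditor/adapters/jquery.js', 'defer' => 'defer');
    $js_tags[] = array('type' => 'text/javascript', 'src' => COMMON_URI . 'js/plugin/guiedit/guiedit.js', 'defer' => 'defer');

    return $body;
}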
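/**
 * Shows the institute basic data page.
 *
 * Resolves the institute to display, enforces admin permission on it,
 * optionally prepares the delete confirmation question, and loads the
 * institute, its datafields, the selectable faculties and the delete / edit
 * flags for the template.
 *
 * @param mixed $i_id Optional institute id
 * @throws AccessDeniedException when the user lacks admin permission on the
 *                               institute
 */
public function index_action($i_id = false)
{
    PageLayout::setTitle(_('Verwaltung der Grunddaten'));
    Navigation::activateItem('/admin/institute/details');

    //get ID from an open Institut
    $i_view = $i_id ?: Request::option('i_view', $GLOBALS['SessSemName'][1]);

    if (!$i_view) {
        require_once 'lib/admin_search.inc.php';

        // This search just died a little inside, so it should be safe to
        // continue here but we nevertheless return just to be sure
        return;
    } elseif ($i_view === 'new') {
        closeObject();
    }

    // allow only inst-admin and root to view / edit
    // NOTE(review): the 'new' pseudo-id skips this check. Presumably creating
    // an institute is authorised elsewhere (filter or save action) -- confirm.
    if ($i_view && !$GLOBALS['perm']->have_studip_perm('admin', $i_view) && $i_view !== 'new') {
        throw new AccessDeniedException();
    }

    //Change header_line if open object
    $header_line = getHeaderLine($i_view);
    if ($header_line) {
        PageLayout::setTitle($header_line . ' - ' . PageLayout::getTitle());
    }

    if (Request::get('i_trykill')) {
        // Confirmation question; the ticket is sent along with the answer so
        // that the delete action can verify it.
        $message = _('Sind Sie sicher, dass Sie diese Einrichtung löschen wollen?');
        $post = array(
            'i_kill'       => 1,
            'studipticket' => get_ticket(),
        );
        $this->question = createQuestion2($message, $post, array(), $this->url_for('institute/basicdata/delete/' . $i_view));
    }

    $lockrule = LockRules::getObjectRule($i_view);
    if ($lockrule->description && LockRules::CheckLockRulePermission($i_view, $lockrule['permission'])) {
        PageLayout::postMessage(MessageBox::info(formatLinks($lockrule->description)));
    }

    // Load institute data
    $institute = new Institute($i_view === 'new' ? null : $i_view);

    //add the free administrable datafields
    $datafields = array();
    $localEntries = DataFieldEntry::getDataFieldEntries($institute->id, 'inst');
    if ($localEntries) {
        $invalidEntries = $this->flash['invalid_entries'] ?: array();
        foreach ($localEntries as $entry) {
            if (!$entry->isVisible()) {
                continue;
            }

            // Entries that failed validation are highlighted in red.
            $color = '#000000';
            if (in_array($entry->getId(), $invalidEntries)) {
                $color = '#ff0000';
            }

            $may_edit_entry = $GLOBALS['perm']->have_perm($entry->isEditable())
                           && !LockRules::Check($institute['Institut_id'], $entry->getId());

            $datafields[] = array(
                'color' => $color,
                'title' => $entry->getName(),
                'value' => $may_edit_entry ? $entry->getHTML('datafields') : $entry->getDisplayValue(),
            );
        }
    }

    // Read faculties if neccessary
    if (count($institute->sub_institutes) === 0) {
        if ($GLOBALS['perm']->have_perm('root')) {
            // NOTE(review): a parameter is passed although the condition
            // contains no placeholder -- confirm that this is intended.
            $this->faculties = Institute::findBySQL('Institut_id = fakultaets_id ORDER BY Name ASC', array($i_view));
        } else {
            $temp = User::find($GLOBALS['user']->id)->institute_memberships->findBy('inst_perms', 'admin')->pluck('institute');
            $institutes = SimpleORMapCollection::createFromArray($temp);
            $faculties = $institutes->filter(function ($institute) {
                return $institute->is_fak;
            });
            $this->faculties = $faculties;
        }
    }

    // Indicates whether the current user is allowed to delete the institute
    $this->may_delete = $i_view !== 'new'
                     && !(count($institute->home_courses) || count($institute->sub_institutes))
                     && ($GLOBALS['perm']->have_perm('root')
                         || $GLOBALS['perm']->is_fak_admin() && get_config('INST_FAK_ADMIN_PERMS') == 'all');

    // Initialised up front: the variable used to be undefined whenever
    // deletion is allowed, yet it is always handed to the template below.
    $reason_txt = '';
    if (!$this->may_delete) {
        //Set infotext for disabled delete-button
        $reason_txt = _('Löschen nicht möglich.');
        if (count($institute->home_courses) > 0) {
            $reason_txt .= ' ';
            $reason_txt .= sprintf(ngettext('Es ist eine Veranstaltung zugeordnet.', 'Es sind %u Veranstaltungen zugeordnet.', count($institute->home_courses)), count($institute->home_courses));
        }
        if (count($institute->sub_institutes) > 0) {
            $reason_txt .= ' ';
            $reason_txt .= sprintf(ngettext('Es ist eine Einrichtung zugeordnet.', 'Es sind %u Einrichtungen zugeordnet.', count($institute->sub_institutes)), count($institute->sub_institutes));
        }
    }

    // Indicates whether the current user is allowed to change the faculty
    $this->may_edit_faculty = $GLOBALS['perm']->is_fak_admin()
                           && !LockRules::Check($institute['Institut_id'], 'fakultaets_id')
                           && ($GLOBALS['perm']->have_studip_perm('admin', $institute['fakultaets_id']) || $i_view === 'new');

    // Prepare template
    $this->institute  = $institute;
    $this->i_view     = $i_view;
    $this->datafields = $datafields;
    $this->reason_txt = $reason_txt;
}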
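/**
 * Generic verification dialog
 *
 * A fresh ticket is added as the 'studipticket' URL parameter of the
 * approval link; the disapproval link carries no ticket.
 *
 * NOTE(review): the ticket becomes part of the approval URL, so it can show
 * up in logs and Referer headers. Presumably the approved action validates
 * it with check_ticket() -- confirm at each call site.
 *
 * @param String $message  Message to be displayed to the user
 * @param mixed  $approved Arguments to pass to url_for if the user
 *                         approves the question
 * @param mixed  $rejected Arguments to pass to url_for if the user
 *                         disapproves the question
 * @return String Rendered output of the verification dialog.
 */
public function verifyDialog($message, $approved, $rejected)
{
    $template = $GLOBALS['template_factory']->open('shared/question');

    // Both argument sets are documented as "mixed": accept a single value as
    // well as a list. end(), array_pop() and call_user_func_array() below all
    // require arrays.
    $approved = (array) $approved;
    $rejected = (array) $rejected;

    // inject tickets into arguments
    // A trailing array is treated as the URL parameter list and extended;
    // otherwise a new parameter list is appended.
    $arguments = is_array(end($approved)) ? array_pop($approved) : array();
    $arguments['studipticket'] = get_ticket();
    $approved[] = $arguments;

    $template->approvalLink    = call_user_func_array(array($this, 'url_for'), $approved);
    $template->disapprovalLink = call_user_func_array(array($this, 'url_for'), $rejected);
    $template->question        = $message;

    return $template->render();
}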
<?
# Lifter010: TODO
use Studip\Button, Studip\LinkButton;
?>
<? if ($delete_role): ?>
<?php
// Confirmation dialog for deleting a role. The approval link carries a fresh
// ticket as a query parameter.
// NOTE(review): the role name is inserted into the question text as it is;
// escaping is presumably left to the shared/question template -- confirm.
$question_params = array(
    'question'        => sprintf(_('Wollen Sie wirklich die Rolle "%s" löschen?'), $roles[$delete_role]->getRolename()),
    'approvalLink'    => $controller->url_for('admin/role/remove_role', $delete_role) . '?ticket=' . get_ticket(),
    'disapprovalLink' => $controller->url_for('admin/role'),
);
echo $GLOBALS['template_factory']->render('shared/question', $question_params);
?>
<? endif ?>
<table class="default">
    <caption>
        <?php echo _('Vorhandene Rollen'); ?>
    </caption>
    <thead>
        <tr>
            <th><?php echo _('Name'); ?> </th>
            <th style="text-align: right;"><?php echo _('Benutzer'); ?> </th>
            <th style="text-align: right;"><?php echo _('Plugins'); ?> </th>
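<?php
/**
 * Ticket list controller: requires a logged-in session, optionally checks
 * access to the ticket named in the URL, then loads the data for the ticket
 * view.
 */

/** Check that the session carries a user id. */
if (!isset($_SESSION['id'])) {
    /** Back to the index. */
    header('Location: index.php');
    // header() only queues the redirect. Without stopping here the rest of
    // the script still ran for a visitor without a session.
    exit;
}

/** Otherwise load the ticket model. */
include_once 'model/tickets.php';

/** Check whether a ticket was passed in the URL. */
if (isset($_GET['a_recup'])) {
    // NOTE(review): the value comes straight from the URL; the model is
    // presumably responsible for binding it as a query parameter -- confirm.
    /** @var array holds the data of the ticket */
    $ticket = get_ticket($_GET['a_recup']);

    /** Check whether the user is authorised. */
    // NOTE(review): all four conditions are joined with &&, so a user who is
    // neither in the 'Techicien' group nor the ticket's owner is refused only
    // when the ticket is neither 'Ouvert' nor 'En Attente'. Confirm that this
    // is the intended rule. The group name is spelled 'Techicien' here;
    // verify it against the stored value. $ticket[0] is read without
    // checking that the ticket was found.
    if ($_SESSION['nm_grp'] != 'Techicien'
        && $ticket[0]['idVisiteur'] != $_SESSION['id']
        && $ticket[0]['etat_ticket'] != 'Ouvert'
        && $ticket[0]['etat_ticket'] != 'En Attente'
    ) {
        /** Back to the ticket index. */
        header('Location: index.php?page=tickets');
        // Stop here as well, otherwise the view below is still rendered with
        // the refused ticket loaded.
        exit;
    }
}

/** @var array all tickets */
$tickets = get_tickets();

/** @var array all equipment items */
$equipements = get_equipements();

/** Render the ticket view. */
include_once 'view/tickets.php';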
/**
 * Renders the bug report form of the bugtrack plugin.
 *
 * Every label and list entry taken from $_plugin_bugtrack, the categories
 * and $base are passed through htmlspecialchars() before being placed in the
 * markup. When a session is available, md5(get_ticket() . $ticket) is stored
 * in the session under 'B_' . $ticket, and the ticket is emitted as a hidden
 * field.
 *
 * @param string $base     base page, submitted back as the hidden "base" field
 * @param array  $category categories to offer; when empty a free-text input
 *                         is rendered instead of a select
 * @return string HTML of the form
 */
function plugin_bugtrack_print_form($base, $category)
{
    global $_plugin_bugtrack, $script;
    static $id = 0;

    // Counter that keeps element ids unique when the form is rendered more
    // than once.
    ++$id;

    // Priority options; the last entry is preselected.
    $select_priority = "\n";
    $last_priority = count($_plugin_bugtrack['priority_list']) - 1;
    for ($n = 0; $n <= $last_priority; ++$n) {
        $mark = ($n == $last_priority) ? ' selected="selected"' : '';
        $label = htmlspecialchars($_plugin_bugtrack['priority_list'][$n]);
        $select_priority .= ' <option value="' . $label . '"' . $mark . '>' . $label . '</option>' . "\n";
    }

    // State options.
    $select_state = "\n";
    $state_total = count($_plugin_bugtrack['state_list']);
    for ($n = 0; $n < $state_total; ++$n) {
        $label = htmlspecialchars($_plugin_bugtrack['state_list'][$n]);
        $select_state .= ' <option value="' . $label . '">' . $label . '</option>' . "\n";
    }

    // Category: a select when categories were given, a text input otherwise.
    if (!empty($category)) {
        $encoded_category = '<select name="category" id="_p_bugtrack_category_' . $id . '">';
        foreach ($category as $entry) {
            $s_entry = htmlspecialchars($entry);
            $encoded_category .= '<option value="' . $s_entry . '">' . $s_entry . '</option>' . "\n";
        }
        $encoded_category .= '</select>';
    } else {
        $encoded_category = '<input name="category" id="_p_bugtrack_category_' . $id . '" type="text" />';
    }

    // NOTE(review): the form ticket is an MD5 of MUTIME, presumably a
    // time-based constant, so treat it as guessable. The session entry is
    // what binds a submission to this form -- confirm that the submit
    // handler compares it.
    $ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        $_SESSION['B_' . $ticket] = md5(get_ticket() . $ticket);
    }

    // Escaped labels for the form below.
    $s_base     = htmlspecialchars($base);
    $s_name     = htmlspecialchars($_plugin_bugtrack['name']);
    $s_category = htmlspecialchars($_plugin_bugtrack['category']);
    $s_priority = htmlspecialchars($_plugin_bugtrack['priority']);
    $s_state    = htmlspecialchars($_plugin_bugtrack['state']);
    $s_pname    = htmlspecialchars($_plugin_bugtrack['pagename']);
    $s_pnamec   = htmlspecialchars($_plugin_bugtrack['pagename_comment']);
    $s_version  = htmlspecialchars($_plugin_bugtrack['version']);
    $s_versionc = htmlspecialchars($_plugin_bugtrack['version_comment']);
    $s_summary  = htmlspecialchars($_plugin_bugtrack['summary']);
    $s_body     = htmlspecialchars($_plugin_bugtrack['body']);
    $s_submit   = htmlspecialchars($_plugin_bugtrack['submit']);

    return <<<EOD
<form action="{$script}" method="post">
 <table border="0">
  <tr>
   <th><label for="_p_bugtrack_name_{$id}">{$s_name}</label></th>
   <td><input id="_p_bugtrack_name_{$id}" name="name" size="20" type="text" /></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_category_{$id}">{$s_category}</label></th>
   <td>{$encoded_category}</td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_priority_{$id}">{$s_priority}</label></th>
   <td><select id="_p_bugtrack_priority_{$id}" name="priority">{$select_priority} </select></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_state_{$id}">{$s_state}</label></th>
   <td><select id="_p_bugtrack_state_{$id}" name="state">{$select_state} </select></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_pagename_{$id}">{$s_pname}</label></th>
   <td><input id="_p_bugtrack_pagename_{$id}" name="pagename" size="20" type="text" /> <small>{$s_pnamec}</small></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_version_{$id}">{$s_version}</label></th>
   <td><input id="_p_bugtrack_version_{$id}" name="version" size="10" type="text" /> <small>{$s_versionc}</small></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_summary_{$id}">{$s_summary}</label></th>
   <td><input id="_p_bugtrack_summary_{$id}" name="summary" size="60" type="text" /></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_body_{$id}">{$s_body}</label></th>
   <td><textarea id="_p_bugtrack_body_{$id}" name="body" cols="60" rows="6"></textarea></td>
  </tr>
  <tr>
   <td colspan="2" align="center">
    <input type="submit" value="{$s_submit}" />
    <input type="hidden" name="plugin" value="bugtrack" />
    <input type="hidden" name="ticket" value="{$ticket}" />
    <input type="hidden" name="mode" value="submit" />
    <input type="hidden" name="base" value="{$s_base}" />
   </td>
  </tr>
 </table>
</form>
EOD;
}
/**
 * Render the inline comment form for the current page.
 *
 * Options are taken from the call arguments: 'noname' drops the name field,
 * 'nodate' sets the hidden nodate flag, and 'above' / 'below' pick the insert
 * direction (PLUGIN_COMMENT_DIRECTION_DEFAULT when neither is given).
 *
 * @return string The form HTML, or only the login guide (possibly empty)
 *                when auth::check_role('readonly') is true.
 */
function plugin_comment_convert()
{
    global $vars, $digest, $script;

    // Counters persist across calls: one per page name, one for all forms.
    static $page_counters = array();
    static $form_counter = 0;
    static $msg_width = PLUGIN_COMMENT_SIZE_MSG;

    $label_name    = _("Name: ");
    $label_submit  = _("Post Comment");
    $label_comment = _("Comment: ");

    $login_guide = '';
    if (PKWK_READONLY == ROLE_AUTH) {
        exist_plugin('login');
        $login_guide = do_plugin_inline('login');
    }

    // No form for read-only visitors.
    if (auth::check_role('readonly')) {
        return $login_guide;
    }

    $page = $vars['page'];
    if (!isset($page_counters[$page])) {
        $page_counters[$page] = 0;
    }
    $comment_no = $page_counters[$page];
    $page_counters[$page]++;
    $form_no = $form_counter;
    $form_counter++;

    $options = func_get_args();
    list($nick, , $disabled_attr) = plugin_comment_get_nick();

    $comment_id = '_p_comment_comment_' . $form_no;
    if (in_array('noname', $options)) {
        $name_field = '<label for="' . $comment_id . '">' . $label_comment . '</label>';
    } else {
        $name_id = '_p_comment_name_' . $form_no;
        // The nickname is escaped here; $disabled_attr is appended as raw markup.
        $name_field = '<label for="' . $name_id . '">' . $label_name . '</label>'
            . '<input type="text" name="name" id="' . $name_id
            . '" size="' . PLUGIN_COMMENT_SIZE_NAME
            . '" value="' . htmlspecialchars($nick) . '"' . $disabled_attr . ' />' . "\n";
    }

    $assistant = edit_form_assistant();

    $nodate = in_array('nodate', $options) ? '1' : '0';
    if (in_array('above', $options)) {
        $above = '1';
    } elseif (in_array('below', $options)) {
        $above = '0';
    } else {
        $above = PLUGIN_COMMENT_DIRECTION_DEFAULT;
    }

    $refpage = '';
    $s_page = htmlspecialchars($page);

    // The hidden "ticket" field is md5(MUTIME). It is only the session key:
    // the value stored under it is md5(get_ticket() . $digest).
    // NOTE(review): the submit handler that compares these is not visible here;
    // confirm it rejects a post whose ticket has no matching session entry.
    $ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        $_SESSION[$ticket] = md5(get_ticket() . $digest);
    }

    // NOTE(review): $script, $digest and the submit label are written into
    // attribute values without htmlspecialchars(); presumably all three are
    // server-generated. Verify that none can carry request data.
    return <<<EOD
<br />
{$login_guide}
<form action="{$script}" method="post">
<div class="commentform" onmouseup="pukiwiki_pos()" onkeyup="pukiwiki_pos()">
<input type="hidden" name="refpage" value="{$refpage}" />
<input type="hidden" name="plugin" value="comment" />
<input type="hidden" name="refer" value="{$s_page}" />
<input type="hidden" name="comment_no" value="{$comment_no}" />
<input type="hidden" name="nodate" value="{$nodate}" />
<input type="hidden" name="above" value="{$above}" />
<input type="hidden" name="digest" value="{$digest}" />
<input type="hidden" name="ticket" value="{$ticket}" />
{$name_field}
<input type="text" name="msg" id="{$comment_id}" size="{$msg_width}" />
<input type="submit" name="comment" value="{$label_submit}" />
{$assistant}
</div>
</form>
EOD;
}
<?php echo Button::create(_('Auswählen'), 'select', array('title' => _('Plugin auswählen'))); ?> </form> <? if ($pluginid): ?> <form action="<?php echo $controller->url_for('admin/role/save_plugin_role', $pluginid); ?> " method="POST"> <?php echo CSRFProtection::tokenTag(); ?> <input type="hidden" name="ticket" value="<?php echo get_ticket(); ?> "> <table class="default nohover"> <tr> <th style="text-align: center;"><?php echo _('Gegenwärtig zugewiesene Rollen'); ?> </th> <th></th> <th><?php echo _('Verfügbare Rollen'); ?> </th> </tr> <tr class="table_row_even">
/**
 * Shows one free information page of the current course.
 *
 * When the request carries verify=delete, a confirmation dialog is rendered
 * into $this->verification. Its approval link points at the delete action and
 * carries get_ticket() as a query parameter.
 * NOTE(review): the delete action is not visible here; confirm it validates
 * the ticket and does not delete on a bare GET without it.
 *
 * @param mixed $id Id of the page to show; when empty, the first page of the
 *                  set (ordered by position) is used.
 * @throws Trails_Exception 404 when no page could be selected.
 */
public function index_action($id = null)
{
    $entries = StudipScmEntry::findByRange_id(
        $GLOBALS['SessSemName'][1],
        'ORDER BY position ASC'
    );
    $this->scms = SimpleORMapCollection::createFromArray($entries);

    if ($id) {
        $this->scm = $this->scms->find($id);
    } else {
        $this->scm = $this->scms->first();
    }

    if (!$this->scm) {
        throw new Trails_Exception(
            404,
            _('Es konnte keine freie Informationsseite mit der angegebenen Id gefunden werden.')
        );
    }

    if (Request::get('verify') == 'delete') {
        $dialog = $GLOBALS['template_factory']->open('shared/question');
        $delete_url = $this->url_for('course/scm/delete/' . $this->scm->id . '?ticket=' . get_ticket());
        $back_url = $this->url_for('course/scm/' . $this->scm->id);
        $this->verification = $dialog->render(array(
            'approvalLink'    => $delete_url,
            'disapprovalLink' => $back_url,
            'question'        => _('Wollen Sie diese Seite wirklich löschen?'),
        ));
    }

    $this->set_title($this->scm->tab_name);
    Navigation::activateItem('/course/scm/' . $this->scm->id);
}
/**
 * Build the edit form for the guiedit plugin.
 *
 * When $guiedit_use_fck is false, the standard edit_form() output is reused
 * and its hidden "cmd" field is rewritten from "edit" to "guiedit". Otherwise
 * a dedicated form is built, the editor's CSS/JS head tags are registered in
 * $head_tags and $javascript is set to 1.
 *
 * @param string $page       Page name being edited.
 * @param string $postdata   Page text; only passed on to edit_form().
 * @param mixed  $digest     Digest of the page source, or FALSE to compute it.
 * @param bool   $b_template Passed on to edit_form().
 * @return string Form HTML.
 */
function plugin_guiedit_edit_form($page, $postdata, $digest = FALSE, $b_template = TRUE)
{
    global $vars;
    global $load_template_func, $whatsnew;
    global $_button;
    global $notimeupdate;
    global $head_tags, $javascript;
    global $guiedit_use_fck;
    // Newly generate $digest or not
    if ($digest === FALSE) {
        $digest = md5(get_source($page, TRUE, TRUE));
    }
    // Request-supplied id, escaped for use in an HTML attribute.
    $s_id = isset($vars['id']) ? htmlspecialchars($vars['id']) : '';
    if (!$guiedit_use_fck) {
        $body = edit_form($page, $postdata, $digest, $b_template);
        $pattern = "/(<input\\s+type=\"hidden\"\\s+name=\"cmd\"\\s+value=\")edit(\"\\s*\\/?>)/";
        // NOTE(review): $s_id ends up inside a preg_replace() replacement string,
        // where "$n" and "\n" sequences are read as backreferences.
        // htmlspecialchars() does not neutralise those characters, so the id
        // should be restricted to an expected format or have them escaped.
        $replace = "\$1guiedit\$2\n" . ' <input type="hidden" name="id" value="' . $s_id . '" />' . ' <input type="hidden" name="text" value="1" />';
        $body = preg_replace($pattern, $replace, $body);
        return $body;
    }
    require_once GUIEDIT_LIB_PATH . 'guiedit.ini.php';
    // Set the form values
    $s_digest = htmlspecialchars($digest);
    $s_page = htmlspecialchars($page);
    // NOTE(review): $vars['original'] is read without an isset() check.
    $s_original = htmlspecialchars($vars['original']);
    // The hidden "ticket" value is md5(MUTIME) and serves as the session key;
    // the session entries hold md5(get_ticket() . ...) of the digest and of the
    // escaped original text with "\r" removed.
    $s_ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // BugTrack/95 fix Problem: browser RSS request with session
        $_SESSION[$s_ticket] = md5(get_ticket() . $digest);
        $_SESSION['origin' . $s_ticket] = md5(get_ticket() . str_replace("\r", '', $s_original));
    }
    // Template selector
    $template = '';
    if ($load_template_func) {
        global $guiedit_non_list;
        $pages = array();
        foreach (get_existpages() as $_page) {
            // Skip the "what's new" page and pages flagged by check_non_list().
            if ($_page == $whatsnew || check_non_list($_page)) {
                continue;
            }
            // Skip pages whose path starts with an entry of $guiedit_non_list.
            foreach ($guiedit_non_list as $key) {
                $pos = strpos($_page . '/', $key . '/');
                if ($pos !== FALSE && $pos == 0) {
                    continue 2;
                }
            }
            $_s_page = htmlspecialchars($_page);
            $pages[$_page] = ' <option value="' . $_s_page . '">' . $_s_page . '</option>';
        }
        ksort($pages);
        $s_pages = join("\n", $pages);
        $template = <<<EOD
<select name="template_page" onchange="Template()">
<option value="">-- {$_button['template']} --</option>
{$s_pages}
</select>
<br />
EOD;
    }
    // Checkbox: "do not change the timestamp"
    $add_notimestamp = '';
    if ($notimeupdate != 0) {
        $checked_time = isset($vars['notimestamp']) ? ' checked="checked"' : '';
        // if ($notimeupdate == 2) {
        // A password field is appended after the checkbox when $notimeupdate is 2
        // and auth::check_role('role_adm_contents') returns true.
        if ($notimeupdate == 2 && auth::check_role('role_adm_contents')) {
            $add_notimestamp = ' ' . '<input type="password" name="pass" size="12" />' . "\n";
        }
        $add_notimestamp = '<input type="checkbox" name="notimestamp" ' . 'id="_edit_form_notimestamp" value="true"' . $checked_time . ' />' . "\n" . ' ' . '<label for="_edit_form_notimestamp"><span class="small">' . $_button['notchangetimestamp'] . '</span></label>' . "\n" . $add_notimestamp . ' ';
    }
    // Form
    // NOTE(review): {$script} is interpolated below, but this function declares
    // no "global $script". Unless guiedit.ini.php assigns it in this scope, both
    // action attributes are empty and the forms post to the current URL. Confirm.
    $body = <<<EOD
<div class="edit_form">
<form id="edit_form" action="{$script}" method="post" style="margin-bottom:0px;">
{$template}
<input type="hidden" name="cmd" value="guiedit" />
<input type="hidden" name="page" value="{$s_page}" />
<input type="hidden" name="digest" value="{$s_digest}" />
<input type="hidden" name="ticket" value="{$s_ticket}" />
<input type="hidden" name="id" value="{$s_id}" />
<textarea name="msg" rows="1" cols="1" style="display:none"></textarea>
<div style="float:left;">
<input type="submit" name="write" value="{$_button['update']}" accesskey="s" onclick="Write()" />
<input type="button" name="preview" value="{$_button['preview']}" accesskey="p" onclick="Preview()" />
{$add_notimestamp}
</div>
<textarea name="original" rows="1" cols="1" style="display:none">{$s_original}</textarea>
</form>
<form action="{$script}" method="post" style="margin-top:0px;">
<input type="hidden" name="cmd" value="guiedit" />
<input type="hidden" name="page" value="{$s_page}" />
<input type="submit" name="cancel" value="{$_button['cancel']}" accesskey="c" />
</form>
</div>
<div id="preview_indicator" style="display:none"></div>
<div id="preview_area" style="display:none"></div>
EOD;
    // Enable JavaScript
    $javascript = 1;
    $root = get_baseuri('abs');
    // Header settings: stylesheet, editor scripts and path variables
    $head_tags[] = ' <link rel="stylesheet" type="text/css" href="' . GUIEDIT_LIB_PATH . 'guiedit.css" charset="UTF-8" />';
    $head_tags[] = ' <script type="text/javascript" src="' . GUIEDIT_FCK_PATH . 'fckeditor.js" charset="UTF-8"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . GUIEDIT_LIB_PATH . 'ajax.js" charset="UTF-8"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . GUIEDIT_LIB_PATH . 'guiedit.js" charset="UTF-8"></script>';
    $head_tags[] = ' <script type="text/javascript">';
    $head_tags[] = ' <!-- <![CDATA[';
    $head_tags[] = ' var SMILEY_PATH="' . $root . IMAGE_URI . "face/" . '";';
    $head_tags[] = ' var FCK_PATH="' . $root . GUIEDIT_FCK_PATH . '";';
    $head_tags[] = ' var GUIEDIT_PATH="' . $root . GUIEDIT_LIB_PATH . '";';
    $head_tags[] = ' //]]>-->';
    $head_tags[] = ' </script>';
    return $body;
}
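/**
 * Handle a tracker form submission: choose the new page name, fill the
 * tracker template with the posted field values, write the page and redirect
 * to it.
 *
 * Reads the posted control fields _base, _refer, _name, _page, _config and
 * _createProxy from $post.
 *
 * @return array|void array('msg' => ..., 'body' => ...) on rejection or
 *                    failure; on success a Location header is sent and the
 *                    script exits.
 */
function plugin_tracker_action()
{
    global $post, $vars, $now;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $base = isset($post['_base']) ? $post['_base'] : '';
    $refer = isset($post['_refer']) ? $post['_refer'] : '';
    $createProxy = isset($post['_createProxy']) ? $post['_createProxy'] : '';

    // $page name to add will be decided here
    $num = 0;
    $name = isset($post['_name']) ? $post['_name'] : '';
    if (isset($post['_page'])) {
        $real = $page = $post['_page'];
    } else {
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Never overwrite an existing page: fall back to $base/1, $base/2, ...
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }
    $config = isset($post['_config']) ? $post['_config'] : '';

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $spam = FALSE;
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // The expected and stored ticket values were written to the error log
        // here; token material does not belong in logs, so that was removed.
        //
        // NOTE(review): the session ticket comparison is disabled, so no spam
        // check of any kind runs when a session is available. $config_name is
        // also not in scope in this function, which may be why the comparison
        // never matched. Confirm what the form side stores in
        // $_SESSION['tracker'] before re-enabling.
        // $s_tracker = md5(get_ticket() . $config_name);
        // if ($_SESSION['tracker'] != $s_tracker) {
        //     $spam = TRUE;
        // }
    } else {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }

    // TODO: Why here
    // Default
    $_post = array_merge($post, $_FILES);
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;
    // $_post['_refer'] = $_post['refer'];

    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    pkwk_touch_file(get_filename($page));

    $from = $to = array();
    // "=& new" is a parse error from PHP 7 on; plain assignment is equivalent.
    $tracker_form = new Tracker_form();
    if (!$tracker_form->init($base, $refer, $config)) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }

    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array(
            'msg'  => 'Cannot write',
            'body' => 'Page template (' . htmlspecialchars($template_page) . ') not found',
        );
    }
    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }
    $fields = $tracker_form->fields;
    unset($tracker_form);

    // Pair each "[field]" placeholder with its formatted posted value.
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[] = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : '';
        unset($fields[$field]);
    }

    // Replace every [$field]s (found inside $template) to real values
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) == '') {
            continue;
        }
        // Escape some TextFormattingRules
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } else {
            if ($letter == ',') {
                $escape[','][$linenum] = $template[$linenum];
            } else {
                // TODO: Escape "\n" except multiline-allowed fields
                $subject[$linenum] = $template[$linenum];
            }
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);

    // Write $template, without touch
    page_write($page, join('', $template));

    // Create proxy page
    // NOTE(review): _createProxy names a posted field whose value becomes the
    // proxy page name. That name reaches page_write() without the
    // is_pagename() / is_page() checks applied to $page above; confirm that
    // page_write() enforces naming and overwrite rules itself.
    if ($createProxy && ($proxyPage = isset($_post[$createProxy]) ? $_post[$createProxy] : '')) {
        page_write($proxyPage, '#include(' . $page . ',notitle)');
    }

    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}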
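/**
 * Handle a tracker form submission: verify the session ticket, choose the new
 * page name, fill the tracker template with the submitted field values, then
 * either show a preview or write the page and redirect to it.
 *
 * Reads the control fields _base, _refer, _name, _page, _config, cancel and
 * preview from $vars.
 *
 * @return array|void array('msg' => ..., 'body' => ...) for a rejection, a
 *                    failure or a preview; otherwise the request ends in a
 *                    redirect.
 */
function plugin_tracker_action()
{
    global $vars, $now, $config_name, $_string, $session;

    // if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    // Plus! code start
    if (Auth::check_role('readonly')) {
        die_message($_string['prohibit']);
    }
    if (Auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }

    $base = isset($vars['_base']) ? $vars['_base'] : null;
    $refer = isset($vars['_refer']) ? $vars['_refer'] : null;

    if (isset($vars['cancel'])) {
        Utility::redirect(Router::get_page_uri($refer));
        // Stop here in case Utility::redirect() returns; otherwise a cancelled
        // form would fall through to the write path. The final redirect below
        // is followed by exit in the same way.
        exit;
    }

    $tracker_form = new Tracker_form();

    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $config = $tracker_form->config_name; // Rescan
    // The form side is expected to have stored md5(get_ticket() . $config_name)
    // in the session under 'tracker'; anything else is rejected and recorded.
    if ($session->offsetGet('tracker') !== md5(get_ticket() . $config_name)) {
        honeypot_write();
        return array('msg' => 'Cannot write', 'body' => 'Prohibits editing');
    }
    // Plus! code end

    // $page name to add will be decided here
    $num = 0;
    $name = isset($vars['_name']) ? $vars['_name'] : null;
    if (isset($vars['_page'])) {
        $real = $page = $vars['_page'];
    } else {
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Never overwrite an existing page: fall back to $base/1, $base/2, ...
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }
    $config = isset($vars['_config']) ? $vars['_config'] : null;

    // TODO: Why here
    // Default
    if (isset($_FILES)) {
        $_post = array_merge($vars, $_FILES);
    }
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;
    // $_post['_refer'] = $_post['refer'];

    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    $from = $to = array();
    $tracker_form = new Tracker_form();
    if (!$tracker_form->init($base, $refer, $config)) {
        return array(
            'msg'  => 'Cannot write',
            'body' => '<p class="alert alert-warning">' . Utility::htmlsc($tracker_form->error) . '</p>',
        );
    }

    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array(
            'msg'  => 'Cannot write',
            'body' => '<p class="alert alert-warning">Page template (' . Utility::htmlsc($template_page) . ') not found</p>',
        );
    }
    // An empty-string separator replaces implode(null, ...); the result is the same.
    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array(
            'msg'  => 'Cannot write',
            'body' => '<p class="alert alert-warning">' . Utility::htmlsc($tracker_form->error) . '</p>',
        );
    }
    $fields = $tracker_form->fields;
    unset($tracker_form);

    // Pair each "[field]" placeholder with its formatted submitted value.
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[] = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : null;
        unset($fields[$field]);
    }

    // Replace every [$field]s (found inside $template) to real values
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) === '') {
            continue;
        }
        // Escape some TextFormattingRules
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } else {
            if ($letter == ',') {
                $escape[','][$linenum] = $template[$linenum];
            } else {
                // TODO: Escape "\n" except multiline-allowed fields
                $subject[$linenum] = $template[$linenum];
            }
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);

    if (isset($vars['preview'])) {
        global $_button;
        unset($vars['preview']);

        $form = array();
        $form[] = '<p class="alert alert-success">' . T_('It will be sent with the contents of the following.') . '</p>';
        // A space was missing between the action and enctype attributes.
        $form[] = '<form action="' . Router::get_script_uri() . '" enctype="multipart/form-data" method="post" class="form-horizontal plugin-tracker-form">';
        // Request parameters are echoed back as hidden fields. Both the name and
        // the value are attacker-controlled, so both are HTML-escaped before they
        // are written into the attributes.
        // NOTE(review): array-valued parameters still collapse to "Array" here,
        // as they did before; they would need to be flattened to survive preview.
        foreach ($vars as $key => $value) {
            $form[] = '<input type="hidden" name="' . Utility::htmlsc((string) $key)
                . '" value="' . Utility::htmlsc((string) $value) . '" />';
        }
        $form[] = '<button type="submit" class="btn btn-primary" name="write" accesskey="s"><span class="fa fa-check"></span>' . $_button['update'] . '</button>';
        $form[] = '<button type="submit" class="btn btn-warning" name="cancel" accesskey="c"><span class="fa fa-ban"></span>' . $_button['cancel'] . '</button>';
        $form[] = '</form>';
        $form[] = '<hr />';
        $form[] = RendererFactory::factory($template);
        return array('msg' => 'Preview', 'body' => join("\n", $form));
    } else {
        // Write $template, without touch
        $wiki = Factory::Wiki($page);
        $wiki->set($template);
        Utility::redirect($wiki->uri());
    }
    exit;
}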