/**
  * Tests {@link Convert::raw2htmlatt()}
  */
 function testRaw2HtmlAtt()
 {
     // Markup input. The expected token is made of the entity names (lt, quot,
     // gt) and the letters of the text with every other character gone, which
     // is consistent with entity-encoding followed by removal of all
     // non-alphanumerics. The result is an identifier-style token, not the
     // original text in escaped form, so it cannot be decoded back.
     $markup = '<input type="text">';
     $this->assertEquals(
         'ltinputtypequottextquotgt',
         Convert::raw2htmlatt($markup),
         'Special characters are escaped'
     );

     // Plain prose also loses its spaces and the trailing full stop, so the
     // assertion message below is looser than what is actually checked.
     $plain = 'This is some normal text.';
     $this->assertEquals(
         'Thisissomenormaltext',
         Convert::raw2htmlatt($plain),
         'Normal text is not escaped'
     );
 }
 /**
  * Tests {@link Convert::raw2htmlatt()}
  */
 public function testRaw2HtmlAtt()
 {
     // Markup input: <, > and " must come back as entities so the value cannot
     // close a double-quoted attribute or open a tag. The ampersand and the
     // single quote are not asserted by this test.
     $markup = '<input type="text">';
     $this->assertEquals(
         '&lt;input type=&quot;text&quot;&gt;',
         Convert::raw2htmlatt($markup),
         'Special characters are escaped'
     );

     // Text without markup-significant characters passes through unchanged,
     // spaces and punctuation included.
     $plain = 'This is some normal text.';
     $this->assertEquals(
         'This is some normal text.',
         Convert::raw2htmlatt($plain),
         'Normal text is not escaped'
     );
 }
 /**
  * Builds the hidden form field for this editable field.
  *
  * The value is $this->Default unless the current request carries a truthy
  * variable named after this field; that request value then replaces the
  * default after being passed through Convert::raw2htmlatt().
  *
  * NOTE(review): the request value is client-controlled, so whatever reads
  * the submitted hidden field must not treat it as trusted. A falsy request
  * value such as "0" is ignored by the truthiness test and the default wins.
  *
  * NOTE(review): the value is escaped here, before it is stored on the field.
  * If HiddenField or its template also escapes on render, the output is
  * double-encoded - confirm which layer owns the escaping.
  *
  * @return FormField the configured field (assumes the chained setters
  *                   return the field itself)
  */
 public function getFormField()
 {
     $fieldValue = $this->Default;

     // Look the request variable up once and reuse it for test and value.
     $submitted = Controller::curr()->getRequest()->requestVar($this->Name);
     if ($submitted) {
         $fieldValue = Convert::raw2htmlatt($submitted);
     }

     $hidden = HiddenField::create($this->Name, $this->EscapedTitle, $fieldValue)
         ->setFieldHolderTemplate('UserFormsField_holder')
         ->setTemplate('UserFormsField');

     // Hook for subclasses/extensions to adjust the field before it is used.
     $this->doUpdateFormField($hidden);

     return $hidden;
 }
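 /**
  * Builds the template rows for every option of this field, including the
  * trailing free-text "other" option stored under the '_' key.
  *
  * Selected values ($this->value) and the option source ($this->source) may
  * each be an array, an SS_List or a comma-separated string; inside such a
  * string a literal comma is written as "{comma}".
  *
  * Any selected value that is not part of the source is treated as the
  * current custom value and exposed through the data-other-value attribute.
  *
  * @return ArrayList of ArrayData rows with the keys ID, Class, Name, Value,
  *                   Title, isChecked and isDisabled
  * @throws Exception when the source is not an array, an SS_List or a string
  */
 public function getOptions()
 {
     $source = $this->source;
     $values = $this->value;

     if (!$source) {
         $source = array();
     }

     // Normalise the selected values.
     // NOTE(review): an SS_List is kept as-is here although array_diff() and
     // in_array() below expect arrays - confirm that case is really reachable.
     if ($values instanceof SS_List || is_array($values)) {
         $items = $values;
     } elseif ($values === null) {
         $items = array();
     } else {
         $items = str_replace('{comma}', ',', explode(',', $values));
     }

     // Normalise the option source.
     if (is_string($source)) {
         // Fix: split the source string itself. The previous code split
         // $values here, which discarded the configured options and handed
         // explode() a non-string whenever the values were an array or list.
         $source = str_replace('{comma}', ',', explode(',', $source));
     } elseif ($source instanceof SS_List) {
         $source = $source->toArray();
     } elseif (!is_array($source)) {
         throw new Exception(__CLASS__ . " only supports array, SS_List and strings as source");
     }

     // Detect a current custom value: the last selected entry that is not one
     // of the predefined options.
     $diff = array_diff($items, $source);
     $last = '';
     if (count($diff)) {
         $last = end($diff);
     }

     // The custom value normally originates from a form submission.
     // NOTE(review): it is entity-encoded here; if the attribute renderer
     // encodes again, the browser receives a double-encoded value - confirm
     // which layer is responsible.
     $this->setAttribute('data-other-value', Convert::raw2htmlatt($last));

     $source['_'] = $this->other_text;

     $odd = 0;
     $options = array();
     foreach ($source as $value => $item) {
         $title = $item;
         // The ID and CSS class are derived from the option key, reduced to a
         // conservative character set so they are safe as attribute tokens.
         $itemID = $this->ID() . '_' . preg_replace('/[^a-zA-Z0-9]/', '', $value);
         $odd = ($odd + 1) % 2;
         $extraClass = $odd ? 'odd' : 'even';
         $extraClass .= ' val' . preg_replace('/[^a-zA-Z0-9\\-\\_]/', '_', $value);
         // Value and Title are handed over unencoded; escaping them is left to
         // the template - presumably it does, verify against the template.
         $options[] = new ArrayData(array(
             'ID' => $itemID,
             'Class' => $extraClass,
             'Name' => "{$this->name}[]",
             'Value' => $title,
             'Title' => $title,
             'isChecked' => in_array($title, $items) || in_array($title, $this->defaultItems),
             'isDisabled' => $this->disabled || in_array($title, $this->disabledItems),
         ));
     }

     return new ArrayList($options);
 }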
    /**
     * Renders the submit button markup for this action.
     *
     * @param array $properties not used by this implementation
     * @return string the HTML, or an empty string when the field is read-only
     */
    public function Field($properties = array())
    {
        if ($this->readonly) {
            return '';
        }

        // Only the button text is entity-encoded before it is placed in the
        // title and value attributes.
        $title = Convert::raw2htmlatt($this->text);

        // NOTE(review): $id and $label are interpolated as-is. Confirm that
        // neither the field name nor Title() can carry untrusted markup, or
        // encode them for their context (attribute and element content).
        // The same id is also emitted on both the wrapper div and the input.
        $id = $this->name;
        $label = $this->Title();

        return <<<HTML
\t\t<div id="{$id}" class="field formaction cancel">
\t\t<label class="left" for="Form_Form_action_storesubmission">{$label}</label>
\t\t<div class="middleColumn">
\t\t<input id="{$id}" class="action cancel" type="submit" title="{$title}" value="{$title}" name="action_storesubmission"/>
\t\t</div>
\t\t</div>
HTML;
    }
 /**
  * Returns this object's value passed through Convert::raw2htmlatt(), for
  * use inside a quoted HTML attribute.
  *
  * Attribute encoding does not make a value safe as a URL or inside an
  * event-handler attribute; those contexts need their own checks.
  *
  * @return mixed whatever Convert::raw2htmlatt() returns for $this->value
  */
 public function HTMLATT()
 {
     $attributeSafe = Convert::raw2htmlatt($this->value);

     return $attributeSafe;
 }
 /**
  * Renders the TextField and add button to the GridField.
  *
  * @param $gridField GridField
  *
  * @return string HTML
  **/
 public function getHTMLFragments($gridField)
 {
     $model = singleton($gridField->getList()->dataClass());

     // Users who may not create records get no add-row UI. This branch
     // returns an empty string, while the normal path returns an array.
     // NOTE(review): this check only gates rendering; confirm that the
     // handler of the 'add' action re-checks canCreate() on submission.
     if (!$model->canCreate()) {
         return "";
     }

     $dbField = $this->getDataObjectField();

     // Input name: gridfieldaddbydbfield[<ClassName>][<field>]. Only the field
     // part is entity-encoded, the class name is not.
     // NOTE(review): if TextField encodes its name again on render, a field
     // name containing markup characters ends up double-encoded - confirm.
     $inputName = "gridfieldaddbydbfield[" . $model->ClassName . "][" . Convert::raw2htmlatt($dbField) . "]";
     $textField = TextField::create($inputName)
         ->setAttribute("placeholder", $model->fieldLabel($dbField))
         ->addExtraClass("no-change-track");

     $addAction = new GridField_FormAction(
         $gridField,
         'add',
         _t('GridFieldAddByDBField.Add', "Add {name}", "Add button text", array("name" => $model->i18n_singular_name())),
         'add',
         'add'
     );
     $addAction->setAttribute('data-icon', 'add');

     // Collect both controls and render them for the target fragment of the
     // GridField.
     $fields = new ArrayList();
     $fields->push($textField);
     $fields->push($addAction);

     $forTemplate = new ArrayData(array());
     $forTemplate->Fields = $fields;

     return array($this->targetFragment => $forTemplate->renderWith("GridFieldAddByDBField"));
 }
 /**
  * Renders the TextField and add button to the GridField.
  *
  * @param $gridField GridField
  *
  * @return string
  */
 public function getHTMLFragments($gridField)
 {
     /**
      * @var DataList $dataList
      */
     $dataList = $gridField->getList();
     $model = singleton($dataList->dataClass());

     // No create permission: render nothing. This branch returns an empty
     // string, the normal path below returns an array.
     // NOTE(review): hiding the control is not an authorisation check by
     // itself; confirm the 'add' action handler re-checks canCreate().
     if (!$model->canCreate()) {
         return "";
     }

     $dbField = $this->getDataObjectField();

     // Input name: gridfieldaddbydbfield[<ClassName>][<field>]. The field part
     // is entity-encoded, the class name is inserted as-is.
     // NOTE(review): confirm TextField does not encode the name a second time.
     $inputName = sprintf(
         "gridfieldaddbydbfield[%s][%s]",
         $model->ClassName,
         Convert::raw2htmlatt($dbField)
     );
     $textField = TextField::create($inputName)
         ->setAttribute('placeholder', $model->fieldLabel($dbField))
         ->addExtraClass('no-change-track');

     $addAction = new GridField_FormAction(
         $gridField,
         'add',
         _t('GridFieldAddByDBField.Add', 'Add {name}', "Add button text", array('name' => $model->i18n_singular_name())),
         'add',
         'add'
     );
     $addAction->setAttribute('data-icon', 'add');

     // Hand both controls to the template as its Fields list.
     $fields = new ArrayList();
     $fields->push($textField);
     $fields->push($addAction);

     $forTemplate = new ArrayData(array());
     $forTemplate->Fields = $fields;

     return array($this->targetFragment => $forTemplate->renderWith('GridFieldAddByDBField'));
 }
 /**
  * Returns the link target: the linked page's Link() when a page is set,
  * otherwise the custom URL passed through Convert::raw2htmlatt().
  *
  * NOTE(review): the two branches differ in encoding - the page link is
  * returned as-is, the custom URL entity-encoded - so a caller cannot apply
  * one escaping rule to the result.
  *
  * Entity-encoding keeps the value inside a quoted attribute but does not
  * look at the URL scheme; nothing here restricts the custom URL to
  * http/https, so scheme validation has to happen where the URL is stored
  * or before it is rendered into an href.
  *
  * @return string
  */
 public function getURL()
 {
     if ($this->Page()) {
         return $this->Page()->Link();
     }

     return Convert::raw2htmlatt($this->getCustomURL());
 }
 /**
  * Returns the link target for this item.
  *
  * In "external" mode the custom URL is returned entity-encoded, prefixed
  * with "http://" when it has no scheme. In any other mode the linked page's
  * absolute link is returned, or null when no page is set.
  *
  * A scheme that is already present is kept unchanged: the check below only
  * asks whether there is one, not which one. Attribute encoding does not
  * neutralise an unwanted scheme, so an allow-list (http, https, ...) has to
  * be enforced elsewhere if the URL is editor- or user-supplied.
  *
  * @return string|null
  */
 public function getURL()
 {
     if ($this->linkmode != "external") {
         $page = $this->Page();
         if ($page) {
             return $page->AbsoluteLink();
         }

         return null;
     }

     $url = $this->getCustomURL();

     // parse_url() yields null for a missing scheme component; it yields false
     // for a seriously malformed URL, which is left without a prefix here.
     if (null === parse_url($url, PHP_URL_SCHEME)) {
         $url = 'http://' . $url;
     }

     return Convert::raw2htmlatt($url);
 }
    /**
     * Send this HTTPResponse to the browser
     */
    public function output()
    {
        // Attach appropriate X-Include-JavaScript and X-Include-CSS headers
        if (Director::is_ajax()) {
            Requirements::include_in_response($this);
        }
        // Redirect status, but output has already started (headers_sent() also
        // fills $file and $line with where it started): a Location header can
        // no longer be sent, so fall back to an HTML/JavaScript redirect.
        if (in_array($this->statusCode, self::$redirect_codes) && headers_sent($file, $line)) {
            $url = Director::absoluteURL($this->headers['Location'], true);
            // The same URL is encoded once per output context: raw2htmlatt for
            // the href/content attributes and the link text, raw2js for the
            // quoted JavaScript string. The two are not interchangeable.
            // NOTE(review): neither encoding inspects the URL scheme or host;
            // the redirect target has to be validated where Location is set.
            $urlATT = Convert::raw2htmlatt($url);
            $urlJS = Convert::raw2js($url);
            // Only in dev mode is the file and line of the early output shown,
            // which keeps server paths out of the page otherwise.
            $title = Director::isDev() ? "{$urlATT}... (output started on {$file}, line {$line})" : "{$urlATT}...";
            // NOTE(review): the heredoc ends with `";` after </script>; those
            // two characters are emitted into the page as text.
            echo <<<EOT
<p>Redirecting to <a href="{$urlATT}" title="Click this link if your browser does not redirect you">{$title}</a></p>
<meta http-equiv="refresh" content="1; url={$urlATT}" />
<script type="text/javascript">setTimeout(function(){
\twindow.location.href = "{$urlJS}";
}, 50);</script>";
EOT;
        } else {
            $line = $file = null;
            if (!headers_sent($file, $line)) {
                // Status line first, then every stored header. Each header()
                // call replaces an earlier header of the same name (second
                // argument true) and passes the status code again.
                header($_SERVER['SERVER_PROTOCOL'] . " {$this->statusCode} " . $this->getStatusDescription());
                foreach ($this->headers as $header => $value) {
                    header("{$header}: {$value}", true, $this->statusCode);
                }
            } else {
                // It's critical that these status codes are sent; we need to report a failure if not.
                if ($this->statusCode >= 300) {
                    user_error("Couldn't set response type to {$this->statusCode} because " . "of output on line {$line} of {$file}", E_USER_WARNING);
                }
            }
            // Only show error pages or generic "friendly" errors if the status code signifies
            // an error, and the response doesn't have any body yet that might contain
            // a more specific error description.
            if (Director::isLive() && $this->isError() && !$this->body) {
                Debug::friendlyError($this->statusCode, $this->getStatusDescription());
            } else {
                // The body is written as-is; any encoding must already have
                // been applied by whatever produced it.
                echo $this->body;
            }
        }
    }
 /**
  * render() generates the HTML for the component, including generic containment. Generally subclasses shouldn't
  * override this, but will override renderContent. The parent component (typically layout components) can provide
  * extra properties that affect the containment.
  * @param $context		Context for binding.
  * @param $extras		Map that can contain the following keys:
  * 						- "classes" - an array of CSS class names to be added.
  * 						- "styles" - a map of style definitions that are aggregated into the style attribute
  * 								of the container.
  * 						- "attrs" - a map of additional attributes to add to the containment tag. This
  * 								shouldn't include "class" or "style" keys. Values should not be quoted.
  * @return string
  */
 function render($context, $extras = null)
 {
     $layoutManager = $this->view->getLayoutManager();

     // The layout manager gets the first chance to render. Anything other than
     // FALSE means it produced the complete markup for this component.
     $handled = $layoutManager->render($this, $this->view, $context, $extras);
     if (FALSE !== $handled) {
         return $handled;
     }

     // Normal path: the layout manager may only add classes, styles or attrs.
     // NOTE(review): this call passes $this->context while every other call in
     // the method uses the $context argument - confirm that is intended.
     $extras = $layoutManager->augmentExtras($this, $this->context, $extras);

     // CSS classes of the container, de-duplicated.
     $classList = $this->containerClasses($context);
     if (isset($extras["classes"])) {
         $classList = array_merge($classList, $extras["classes"]);
     }
     $cssClasses = implode(" ", array_unique($classList));

     // Inline styles, joined as "name:value;name:value".
     $styleParts = array();
     if (isset($extras["styles"])) {
         foreach ($extras["styles"] as $property => $setting) {
             $styleParts[] = $property . ":" . $setting;
         }
     }
     $styleText = implode(";", $styleParts);

     // Extra attributes. Only the attribute VALUE is entity-encoded here;
     // attribute names, class names and style text are concatenated as given.
     // NOTE(review): those therefore have to come from trusted code or be
     // encoded by the NLComponentContainment template - verify, because
     // ExtraAttrs already contains markup and cannot be escaped as a whole.
     $attrParts = array();
     if (isset($extras["attrs"])) {
         foreach ($extras["attrs"] as $attrName => $attrValue) {
             $attrParts[] = sprintf('%s="%s"', $attrName, Convert::raw2htmlatt($attrValue));
         }
     }
     $attrText = implode(" ", $attrParts);

     // Block components are wrapped in a div, everything else in a span.
     if ($this->getMetadataValue("display") == "block") {
         $componentTag = "div";
     } else {
         $componentTag = "span";
     }

     $templateData = new ArrayData(array(
         "Tag" => $componentTag,
         "Content" => $this->renderContent($context),
         "ClassName" => get_class($this),
         "ExtraClasses" => $cssClasses,
         "ExtraStyles" => $styleText,
         "ExtraAttrs" => $attrText,
     ));

     return $this->customise($templateData)->renderWith("NLComponentContainment");
 }
 /**
  * Returns the link target according to $this->linkmode.
  *
  * - "URL" (legacy name "external"): the custom URL, entity-encoded. No
  *   default scheme is added, so relative URLs stay possible.
  * - "Shortcode": an empty string.
  * - "Page" (legacy name "internal"): the page's absolute link plus an
  *   optional "#anchor", entity-encoded.
  * - "Email": the e-mail value, entity-encoded.
  * - anything else: the file's absolute link (not encoded), or null when
  *   there is no file.
  *
  * Entity-encoding protects the surrounding attribute only. It does not
  * check the URL scheme, so the custom URL needs its own validation if it is
  * editor- or user-supplied.
  *
  * NOTE(review): the file branch returns an unencoded value while the other
  * branches return encoded ones - confirm callers handle both.
  *
  * @return string|null
  */
 public function getURL()
 {
     // Loose comparisons, in the same order as the cases they replace.
     $mode = $this->linkmode;

     if ($mode == "external" || $mode == "URL") {
         return Convert::raw2htmlatt($this->getCustomURL());
     }

     if ($mode == "Shortcode") {
         // Should probably be handled differently from template (<% if IsShortcode ...)
         return '';
     }

     if ($mode == "internal" || $mode == "Page") {
         $url = '';
         $page = $this->Page();
         if ($page) {
             $url = $page->AbsoluteLink();
         }
         $anchor = $this->getPageAnchor();
         if ($anchor) {
             $url .= "#{$anchor}";
         }

         return Convert::raw2htmlatt($url);
     }

     if ($mode == "Email") {
         return Convert::raw2htmlatt($this->getEmail());
     }

     // File
     $file = $this->File();
     if ($file) {
         return $file->AbsoluteLink();
     }

     return null;
 }
 /**
  * Returns the slide label encoded for use in an HTML attribute, or false
  * when no label is set.
  *
  * The truthiness test also treats a label of "0" as not set.
  *
  * @return string|false
  */
 function slideLabel()
 {
     if (!$this->Label) {
         return false;
     }

     return Convert::raw2htmlatt($this->Label);
 }
 /**
  *
  * @return FormField
  */
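 public function getFieldForProduct(Product $product, $value = null)
 {
     // Builds the form field for this question on the given product:
     // - no Options: a free-text field (DefaultFormField, else TextField);
     // - Options with images: a ProductQuestionImageSelectorField;
     // - Options without images: DefaultFormField, else DropdownField, with
     //   an empty "please select" entry in front of the options.
     //
     // NOTE(review): $formFieldClass comes from record data and is used as a
     // class name for a static create() call. Confirm DefaultFormField is
     // restricted to known FormField subclasses wherever it can be edited.
     $fieldName = $this->getFieldForProductName($product);
     $formFieldClass = $this->DefaultFormField;

     if (!$this->Options) {
         if (!$formFieldClass) {
             // Fix: the fallback used to be assigned to a misspelt variable
             // ($formFieldClassd), so create() was called on an empty class
             // name whenever no default form field was configured.
             $formFieldClass = "TextField";
         }

         return $formFieldClass::create($fieldName, $this->Question, $value);
     }

     // Options are a comma-separated list. The array key (the submitted
     // value) is the entity-encoded option, the array value (the label) is
     // the trimmed original.
     // NOTE(review): if the select field encodes option values again on
     // render, keys containing &, <, > or quotes are double-encoded and the
     // submitted value no longer matches the stored option - confirm.
     $finalOptions = array();
     foreach (explode(",", $this->Options) as $option) {
         $option = trim($option);
         $finalOptions[Convert::raw2htmlatt($option)] = $option;
     }

     if ($this->HasImages) {
         return new ProductQuestionImageSelectorField(
             $fieldName,
             $this->Question,
             $finalOptions,
             $value,
             $this->FolderID
         );
     }

     if (!$formFieldClass) {
         $formFieldClass = "DropdownField";
     }

     // The + operator keeps the empty entry first and all real options after it.
     $finalOptions = array("" => _t("ProductQuestion.PLEASE_SELECT", " -- please select --")) + $finalOptions;

     return $formFieldClass::create($fieldName, $this->Question, $finalOptions, $value);
 }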