Ejemplo n.º 1
/**
 * @package  DoceboSCS
 * @version  $Id: functions.php 113 2006-03-08 18:08:42Z ema $
 */
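/**
 * Build the chat "write" panel: the auto-refresh form, the message form,
 * the focus script and the emoticon list.
 *
 * Side effects visible here: a posted "refreshrate" is stored in the session
 * as an integer, and when the stored rate is positive a meta-refresh tag is
 * added to the "page_head" zone of $out.
 *
 * @param object $out  Page writer; only add($html, $zone) is used here.
 * @param object $lang Language object; only def($key) is used here.
 *
 * @return string HTML of the panel.
 */
function getWriteBox(&$out, &$lang)
{
    require_once _base_ . '/lib/lib.form.php';

    // The int cast is the only validation applied to the posted value. It is
    // also what keeps the value harmless when it is echoed into the form and
    // into the meta tag below.
    if (isset($_POST["refreshrate"])) {
        $_SESSION["refreshrate"] = (int) $_POST["refreshrate"];
    }

    // Read the session value once. The original read the key directly, which
    // raises an undefined-index notice on the first visit (no POST, nothing
    // stored yet). Re-casting here means the markup below never depends on
    // every other writer of this session key having cast it as well.
    $has_rate = isset($_SESSION["refreshrate"]);
    $refresh_rate = $has_rate ? (int) $_SESSION["refreshrate"] : 0;
    // Same argument the field received before when nothing was stored.
    $field_value = $has_rate ? $refresh_rate : null;

    $form = new Form();
    $res = "";

    // Form 0: refresh rate.
    $res .= $form->openForm('refresh_form', getPopupBaseUrl() . '&amp;op=refresh') . '<div class="refresh_form">';
    $res .= '<label for="refreshrate">' . $lang->def("_AUTOREFRESH") . '</label>' . $form->getInputTextfield('refreshtext', 'refreshrate', 'refreshrate', $field_value, strip_tags($lang->def("_AUTOREFRESH")), 1000, '');
    $res .= $lang->def("_SECONDS") . "\n";
    $res .= $form->getButton('refresh', 'refresh', $lang->def("_REFRESH"), 'button_refresh');
    $res .= '</div>' . $form->closeForm();

    // Form 1: message text. The focus script below addresses it by index, so
    // it must stay the second form on the page.
    // NOTE(review): no anti-CSRF token is added in this function; confirm
    // whether Form::openForm() emits one.
    $res .= $form->openForm('msg_form', getPopupBaseUrl() . '&amp;op=send') . '<div class="msg_form">';
    $res .= '<label for="msgtxt">' . $lang->def("_MSGTXT") . '</label>' . $form->getInputTextfield('msgtext', 'msgtxt', 'msgtxt', '', strip_tags($lang->def("_MSGTXT")), 1000, '');
    $res .= $form->getButton('send', 'send', $lang->def("_SEND"), 'button_send');
    $res .= $form->getButton('savechat', 'savechat', $lang->def("_SAVE"), 'button_save');
    $res .= '</div>' . $form->closeForm();

    $res .= "<script type=\"text/javascript\">\n";
    $res .= "document.forms[1].msgtxt.focus();";
    $res .= "</script>\n";

    $res .= '<div class="emoticons_container"><b>';
    $res .= $lang->def("_EMOTICONS") . "</b>:&nbsp;\n";
    $res .= $GLOBALS["chat_emo"]->emoticonList();
    $res .= '</div>';

    // Zero and negative rates disable auto-refresh.
    if ($refresh_rate > 0) {
        $ref_meta = "<meta http-equiv=refresh content=\"" . $refresh_rate . "; url=";
        $ref_meta .= getPopupBaseUrl() . "&amp;op=refresh\" />\n";
        $out->add($ref_meta, "page_head");
    }

    return $res;
}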
Ejemplo n.º 2
/**
 * Render the chat message form, its focus script and the emoticon list,
 * and append the resulting HTML to $out.
 *
 * @param object $out  Page writer; only add($html) is used here.
 * @param object $lang Language object; only def($key) is used here.
 */
function showWriteForm(&$out, &$lang)
{
    require_once _base_ . '/lib/lib.form.php';

    $builder = new Form();

    // Pieces are listed in output order; the array literal evaluates them in
    // that same order.
    // NOTE(review): no anti-CSRF token is added in this function; confirm
    // whether Form::openForm() emits one.
    $pieces = array(
        $builder->openForm('msg_form', getPopupBaseUrl() . '&amp;op=send'),
        '<div class="msg_form">',
        '<label for="msgtxt">',
        $lang->def("_MSGTXT"),
        '</label>',
        $builder->getInputTextfield('msgtext', 'msgtxt', 'msgtxt', '', strip_tags($lang->def("_MSGTXT")), 1000, ''),
        $builder->getButton('send', 'send', $lang->def("_SEND"), 'button_send'),
        $builder->getButton('savechat', 'savechat', $lang->def("_SAVE"), 'button_save'),
        '</div>',
        $builder->closeForm(),
        // The message form is addressed by index: it is the first form here.
        "<script type=\"text/javascript\">\n",
        "document.forms[0].msgtxt.focus();",
        "</script>\n",
        $GLOBALS["chat_emo"]->emoticonList(),
    );

    $out->add(implode('', $pieces));
}
Ejemplo n.º 3
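/**
 * Render the media-selection popup for one media item and add it to $out.
 *
 * The item is looked up by the request variables "from" ("cms" or
 * "personal") and "item_id". Each branch runs its own access check and
 * terminates the request with die() when the check fails. The popup shows a
 * preview image and a form whose fields depend on getPopupSelType().
 *
 * @param object $out  Page writer; only add($html) is used here.
 * @param object $lang Language object; only def($key) is used here.
 */
function select_media(&$out, &$lang)
{
    require_once _base_ . '/lib/lib.form.php';
    require_once _base_ . '/lib/lib.multimedia.php';
    $form = new Form();
    $from = importVar("from");
    // The int cast is what makes $item_id safe to concatenate into the
    // queries below.
    $item_id = (int) importVar("item_id");
    $src = "";
    $title = "";
    $path = "";
    // Defaults for a "from" value that matches neither branch. In that case
    // no access check runs and nothing is loaded; previously these variables
    // were simply undefined when read further down.
    $relative_path = "";
    $preview_path = "";
    $media_url = "";
    switch ($from) {
        case "cms":
            if (!canAccessCmsMedia()) {
                die("You can't access!");
            }
            $path = _FPATH_INTERNAL;
            $relative_path = _FPATH;
            $preview_path = _PPATH;
            $qtxt = "SELECT t1.fname, t1.real_fname, t1.media_url, t2.title FROM " . $GLOBALS["prefix_cms"] . "_media as t1 ";
            $qtxt .= "LEFT JOIN " . $GLOBALS["prefix_cms"] . "_media_info as t2 ON (t2.idm=t1.idMedia) ";
            $qtxt .= "WHERE t1.idMedia='" . $item_id . "' AND t1.publish='1'";
            $q = sql_query($qtxt);
            if ($q && mysql_num_rows($q) > 0) {
                $row = mysql_fetch_array($q);
                $title = $row["title"];
                // A stored media_url takes precedence over the local file name.
                if (!empty($row["media_url"])) {
                    $src = $row["media_url"];
                } else {
                    $src = $row["real_fname"];
                }
            }
            break;
        case "personal":
            if (!canAccessPersonalMedia()) {
                die("You can't access!");
            }
            // The owner id comes from the server-side user object and scopes
            // the lookup to the current user's own files.
            // NOTE(review): it is concatenated uncast; presumably an integer
            // idst, confirm.
            $user_id = Docebo::user()->getIdSt();
            $path = _USER_FPATH_INTERNAL;
            $relative_path = _USER_FPATH;
            $preview_path = _USER_FPATH;
            $qtxt = "SELECT real_fname, media_url FROM " . $GLOBALS["prefix_fw"] . "_user_file ";
            $qtxt .= "WHERE id='" . $item_id . "' AND user_idst='" . $user_id . "' AND type='image'";
            $q = sql_query($qtxt);
            if ($q && mysql_num_rows($q) > 0) {
                $row = mysql_fetch_array($q);
                if (!empty($row["media_url"])) {
                    $src = $row["media_url"];
                } else {
                    $src = $row["real_fname"];
                }
            }
            break;
    }
    //	$src=rawurlencode($src);
    $res = "";
    $url = getPopupBaseUrl() . "&amp;op=main";
    if (!empty($row["media_url"])) {
        $media_url = $row["media_url"];
        $popup_file_path = $media_url;
    } else {
        $popup_file_path = $path . $src;
    }
    addMediaPopupJS($popup_file_path);

    // Title and file name come from database rows and are written into HTML
    // here, so they are escaped for attribute/text context. double_encode is
    // off so that values stored already entity-encoded are not encoded twice.
    $html_title = htmlspecialchars((string) $title, ENT_QUOTES, 'UTF-8', false);
    $html_src = htmlspecialchars((string) $src, ENT_QUOTES, 'UTF-8', false);

    // TODO: remove inline style
    if (file_exists($preview_path . $src)) {
        $style = "width: 100px; padding: 2px; border: 1px solid #AAAAAA; margin-bottom: 0.4em;";
        $html_preview = htmlspecialchars($preview_path . $src, ENT_QUOTES, 'UTF-8', false);
        $res .= "<img style=\"" . $style . "\" src=\"" . $html_preview . "\" alt=\"" . $html_title . "\" title=\"" . $html_title . "\" />\n";
    } else {
        // No preview file: fall back to the generic icon for the media type.
        $media_type = getMediaType($src);
        $style = "width: 64px; padding: 2px; border: 1px solid #AAAAAA; margin-bottom: 0.4em;";
        $res .= "<img style=\"" . $style . "\" src=\"" . getPathImage('fw') . "media/" . $media_type . ".png\" alt=\"" . $html_title . "\" title=\"" . $html_title . "\" />\n";
    }
    $res .= $form->openForm("popup_form", $url, false, false, '', "onSubmit=\"insItem();\" onReset=\"closePopup();\"");
    $res .= $form->openElementSpace();
    $type = getPopupSelType();
    switch ($type) {
        case "image":
            // NOTE(review): $title is passed raw to the form helper; confirm
            // that Form::getTextfield() escapes its value argument.
            $res .= $form->getTextfield($lang->def("_ALT_TXT"), "alt_text", "alt_text", 255, $title);
            $res .= $form->getTextfield($lang->def("_TITLE"), "title_text", "title_text", 255, $title);
            //$res.=$form->getTextfield($lang->def("_BORDER"), "border", "border", 3, "0");
            break;
        case "flash":
            $flash_info = getSwfInfoArray($relative_path . $src);
            $res .= $form->getTextfield($lang->def("_WIDTH"), "width", "width", 4, $flash_info["width"]);
            $res .= $form->getTextfield($lang->def("_HEIGHT"), "height", "height", 4, $flash_info["height"]);
            // NOTE(review): the third argument is "border" while the second
            // is "bgcolor"; looks like a copy-paste slip, left as is because
            // the consuming script is not visible here.
            $res .= $form->getTextfield($lang->def("_BGCOLOR"), "bgcolor", "border", 7, "#FFF");
            break;
        case "audio":
        case "video":
        case "streaming":
            require_once _base_ . '/lib/lib.json.php';
            $json = new Services_JSON();
            if (!empty($media_url)) {
                $code = getStreamingEmbed($media_url, FALSE, $src);
            } else {
                // Rebase the relative file path onto the platform's public URL.
                $cut_from = strlen($GLOBALS["where_files_relative"]);
                $base_relative_path = $GLOBALS["base_where_files_relative"] . substr($relative_path, $cut_from);
                $current_pl = Get::cur_plat();
                $site_file_path = getPLSetting($current_pl, "url") . $base_relative_path;
                $code = getEmbedPlay($site_file_path, $src, FALSE, FALSE, FALSE, FALSE, FALSE, FALSE, TRUE);
            }
            $code = '<div>' . $code . '</div>';
            // Point player references at the absolute framework URL.
            $core_url = getPLSetting("framework", "url");
            $bad_path = $GLOBALS["where_framework_relative"] . "/addons/players/";
            $good_path = $core_url . "addons/players/";
            $code = str_replace($bad_path, $good_path, $code);
            $content = array("code" => $code);
            $embed_code = $json->encode($content);
            // rawurlencode() leaves no character that could break out of the
            // hidden field's attribute value.
            $res .= $form->getHidden("embed_code", "embed_code", rawurlencode($embed_code));
            $res .= $html_src;
            break;
    }
    $res .= $form->closeElementSpace();
    $res .= $form->openButtonSpace();
    $res .= $form->getButton('apply', 'apply', $lang->def('_SAVE'));
    $res .= $form->getReset('undo', 'undo', $lang->def('_UNDO'));
    $res .= $form->closeButtonSpace();
    $res .= $form->closeForm();
    $out->add($res);
}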
Ejemplo n.º 4
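// Reject any request that carries a parameter named after a superglobal.
// Where request parameters are imported into the global scope, such a
// parameter could overwrite the superglobal itself, so the request is dropped
// before any other code runs.
// NOTE(review): _SERVER, _FILES, _ENV and _REQUEST are not in the list;
// confirm whether they should be.
$list = array('GLOBALS', '_POST', '_GET', '_COOKIE', '_SESSION');
// foreach instead of each(): each() is deprecated since PHP 7.2 and removed in 8.0.
foreach ($list as $elem) {
    if (isset($_REQUEST[$elem])) {
        die('Request overwrite attempt detected');
    }
}
// Do not leave the loop variable behind in the global scope.
unset($elem);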
// Page bootstrap, then dispatch on the "op" query parameter:
//   op=getmess    -> emit the message buffer only (polled by the script below)
//   anything else -> render the full chat page with the polling script
require_once dirname(__FILE__) . "/header.php";
YuiLib::load();
// "op" is only ever compared against fixed strings below, so an unexpected
// value simply falls through to the default page.
if (!isset($_GET['op'])) {
    $_GET['op'] = 'default';
}
switch ($_GET['op']) {
    case "getmess":
        // Discard whatever has been buffered so far so that the response
        // body is the message buffer alone.
        ob_clean();
        // This output is inserted client-side with innerHTML (see the
        // script in the default branch), so any HTML in it is live markup.
        // NOTE(review): escaping of user-supplied message text has to happen
        // before or inside getMsgBuffer(); confirm.
        echo getMsgBuffer($lang, false, true);
        if (Docebo::user()->isLoggedIn()) {
            Docebo::user()->SaveInSession();
        }
        exit;
        // Unreachable after exit.
        break;
    default:
        // Inline script for the page head: loadXMLDoc(url) fetches url with
        // YAHOO.util.Connect.asyncRequest, trims #write_here to 200 child
        // nodes, appends the response text as a new <div> via innerHTML and
        // scrolls down; sd() scrolls down; endRefresh() stops the interval.
        $script = "\r\n\t\t<script type=\"text/javascript\">\r\n\t\t<!--\r\n\t\t\r\n\t\tfunction loadXMLDoc(url)\r\n\t\t{\r\n\t\t\tvar callback =\r\n\t\t\t{\r\n\t\t\t\tsuccess: function(req)\r\n\t\t\t\t{\r\n\t\t\t\t\tvar write = document.getElementById(\"write_here\");\r\n\t\t\t\t\tif(write)\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\twhile( write.childNodes.length > 200 )\r\n\t\t\t\t\t\t\twrite.removeChild( write.firstChild );\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t\tif(req.responseText.length != 0)\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\tvar newline = document.createElement(\"div\");\r\n\t\t\t\t\t\t\tnewline.innerHTML = req.responseText;\r\n\t\t\t\t\t\t\twrite.appendChild(newline);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t\tscroll(1, 10000000);\r\n\t\t\t\t\t}\r\n\t\t\t\t\telse\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\talert(\"where to write not found\");\r\n\t\t\t\t\t\twindow.clearInterval(id_interval);\r\n\t\t\t\t\t}\r\n\t\t\t\t},\r\n\t\t\t\t\r\n\t\t\t\tfailure: {}, \r\n\t\t\t\t\r\n\t\t\t\tcache: false\r\n\t\t\t}\r\n\t\t\tvar transaction = YAHOO.util.Connect.asyncRequest('GET', url, callback, null);\r\n\t\t}\r\n\t\t\r\n\t\tfunction sd() {\r\n\t\t\tscroll(1, 10000000);\r\n\t\t}\r\n\t\t\r\n\t\tfunction endRefresh() {\r\n\t\t\twindow.clearInterval(id_interval);\r\n\t\t}\r\n\t\t\r\n\t\t-->\r\n\t\t</script>\r\n\t";
        $out->add($script, "page_head");
        // Initial page body: the current message buffer inside #write_here,
        // then a timer that polls op=getmess every _REFRESH_RATE seconds.
        // getPopupBaseUrl() is placed inside a single-quoted JavaScript
        // string without JavaScript escaping.
        // NOTE(review): assumes the base URL never contains a quote or
        // backslash; confirm.
        $out->add('<div class="intestation_2">' . $lang->def('_CHAT') . '</div>' . '<div class="chatText" id="write_here">' . '<div>' . getMsgBuffer($lang) . '</div>' . '</div>' . '<script type="text/javascript">
			var id_interval 	= window.setInterval("loadXMLDoc(\'' . getPopupBaseUrl() . '&op=getmess\')", ' . _REFRESH_RATE . ' * 1000);
			sd();
		</script>');
}
// -------------------------------------------------------------------
require_once dirname(__FILE__) . "/footer.php";
Ejemplo n.º 5
/**
 * Render the wiki-page picker popup (a tree view of wiki pages plus
 * apply/undo buttons) and add it to $out.
 *
 * When a page is selected in the tree, its title and page code are emitted
 * as hidden fields and the apply button is enabled; otherwise the button is
 * rendered disabled.
 *
 * @param object $out  Page writer; only add($html) is used here.
 * @param object $lang Language object; only def($key) is used here.
 */
function showWikiSelect(&$out, &$lang)
{
    require_once _base_ . '/lib/lib.form.php';
    require_once _base_ . '/lib/lib.urlmanager.php';
    require_once $GLOBALS['where_framework'] . '/lib/lib.wiki.php';

    $url_manager =& UrlManager::getInstance();
    $url_manager->setStdQuery('sn=' . Get::cur_plat() . '&op=wiki_sel');

    $wiki_id = getEditorWikiId();
    $wiki_public = new CoreWikiPublic($wiki_id);
    $builder = new Form();

    // The results of these two reads are not used below; the calls are kept
    // in case importVar() has side effects.
    importVar('from');
    importVar('item_id');

    $action_url = getPopupBaseUrl() . '&amp;op=wiki_sel';
    addLinkPopupJS();

    $html = $builder->openForm('popup_form', $action_url, false, false, '', 'onReset="closePopup();"');
    $html .= $builder->openElementSpace();

    // Result unused; call kept for the same reason as above.
    getPopupSelType();

    $wiki_lang = $wiki_public->getWikiLanguage();
    // TODO: change getLanguage() with the current wiki language;
    // try to pass arguments in a better way, like using GET.. [?]
    $page_db = new TreeDb_WikiDb(
        $wiki_public->wikiManager->getWikiPageTable(),
        $wiki_public->wikiManager->getWikiPageInfoTable(),
        $wiki_id,
        $wiki_lang
    );
    $tree = new TreeView_WikiView($page_db, 'wiki_tree');
    $tree->hideAction();
    // The tree restores its state straight from the raw POST data.
    // NOTE(review): validation of those values, if any, happens inside
    // TreeView_WikiView; confirm.
    $tree->parsePositionData($_POST, $_POST, $_POST);
    $selected_id = $tree->getSelectedFolderId();
    // Result unused; call kept in case it has side effects.
    $tree->getFolderPrintName($page_db->getFolderById($selected_id));
    $html .= $tree->autoLoad();

    // The apply button stays disabled until a page is selected.
    $button_attr = 'disabled="disabled"';
    if ($selected_id > 0) {
        $button_attr = 'onClick="insItem();"';
        $info = $wiki_public->wikiManager->getPageInfo($wiki_id, $wiki_lang, FALSE, $selected_id);
        // NOTE(review): title and page_code come from wiki data; confirm
        // that Form::getHidden() escapes its value argument.
        $html .= $builder->getHidden('title', 'title', $info['title']);
        $html .= $builder->getHidden('page_code', 'page_code', $info['page_code']);
    }

    $html .= $builder->closeElementSpace();
    $html .= $builder->openButtonSpace();
    $html .= $builder->getButton('apply', 'apply', $lang->def('_SAVE'), FALSE, $button_attr);
    $html .= $builder->getReset('undo', 'undo', $lang->def('_UNDO'));
    $html .= $builder->closeButtonSpace();
    $html .= $builder->closeForm();

    $out->add($html);
}
Ejemplo n.º 6
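/**
 * Store the posted chat message for the current chat user and redirect back
 * to the write panel.
 *
 * Users without a chat identity in the session, or for whom userCanPost()
 * is false, are redirected without anything being stored. Messages from the
 * user name "Anonymous" are not stored either. On a stored message the
 * course track-session row is updated as well.
 */
function sendChatMsg()
{
    $backurl = getPopupBaseUrl() . "&amp;op=write";

    if (!isset($_SESSION["chat_user_id"]) || !userCanPost()) {
        Util::jump_to($backurl);
        // Stop here even if jump_to() returns. Without this the code below
        // ran with an undefined user, and since an undefined name is not
        // "Anonymous" the message would still have been inserted.
        return;
    }

    $room = isset($_SESSION["chat_room_id"]) ? $_SESSION["chat_room_id"] : '';
    $id_user = $_SESSION["chat_user_id"];
    $userid = isset($_SESSION["chat_user_name"]) ? $_SESSION["chat_user_name"] : '';

    // Accept only a scalar string; a missing or array-valued msgtxt becomes
    // an empty message.
    $raw_msg = (isset($_POST["msgtxt"]) && is_string($_POST["msgtxt"])) ? $_POST["msgtxt"] : '';

    // HTML-encode for later display. ENT_COMPAT leaves single quotes and
    // backslashes untouched, so this is not protection for the SQL below.
    $txt = $GLOBALS["chat_emo"]->drawEmoticon(htmlentities($raw_msg, ENT_COMPAT, 'UTF-8'));

    if ($userid != "Anonymous") {
        // Every value placed inside quotes in the statements below is
        // escaped for the SQL string context first.
        // NOTE(review): assumes sql_query() is backed by the mysql
        // extension. If the framework already adds slashes to $_POST
        // globally, $txt would be escaped twice; confirm and keep one layer.
        $sql_id_user = mysql_real_escape_string((string) $id_user);
        $sql_room = mysql_real_escape_string((string) $room);
        $sql_userid = mysql_real_escape_string((string) $userid);
        $sql_txt = mysql_real_escape_string((string) $txt);

        $qtxt = "INSERT INTO " . $GLOBALS["prefix_scs"] . "_chat_msg (id_user, id_room, userid, sent_date, text) ";
        $qtxt .= "VALUES('" . $sql_id_user . "', '" . $sql_room . "', '" . $sql_userid . "', '" . date("Y-m-d H:i:s") . "', '" . $sql_txt . "')";
        sql_query($qtxt);

        $sql_id_enter = mysql_real_escape_string(isset($_SESSION['id_enter_course']) ? (string) $_SESSION['id_enter_course'] : '');
        $sql_id_course = mysql_real_escape_string(isset($_SESSION['idCourse']) ? (string) $_SESSION['idCourse'] : '');

        // NOTE(review): the idUser value is a literal run of asterisks and
        // looks like a masked placeholder; confirm the intended expression
        // and escape it like the other values.
        sql_query("UPDATE " . $GLOBALS['prefix_lms'] . "_tracksession" . " SET lastTime = '" . date('Y-m-d H:i:s') . "'," . " lastFunction = 'chat'" . " WHERE idEnter = '" . $sql_id_enter . "'" . " AND idCourse = '" . $sql_id_course . "'" . " AND idUser = '******'");
    }

    Util::jump_to($backurl);
}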