/** * Créer une URL * * @param string $script * Nom du script à exécuter * @param string|array $args * Arguments à transmettre a l'URL, soit sous la forme d'un string * tel que `arg1=yy&arg2=zz` soit sous la forme d'un array tel que * `array( arg1 => yy, arg2 => zz )` * @param bool $no_entities * Si false : transforme les & en & * @param boolean $public * URL relative ? false : l’URL sera complète et contiendra l’URL du site. * true : l’URL sera relative. * @return string * URL */ function generer_url_action($script, $args = "", $no_entities = false, $public = false) { // si l'on est dans l'espace prive, on garde dans l'url // l'exec a l'origine de l'action, qui permet de savoir si il est necessaire // ou non de proceder a l'authentification (cas typique de l'install par exemple) $url = (_DIR_RACINE and !$public) ? generer_url_ecrire(_request('exec')) : generer_url_public('', '', false, false); $url = parametre_url($url, 'action', $script); if ($args) { $url .= quote_amp('&' . $args); } if ($no_entities) { $url = str_replace('&', '&', $url); } return $url; }
function redirige_formulaire($url, $equiv = '', $format = 'message') { if (!_AJAX and !headers_sent() and !_request('var_ajax')) { redirige_par_entete(str_replace('&', '&', $url), $equiv); } elseif ($format == 'ajaxform' and preg_match(',^#[0-9a-z\\-_]+$,i', $url)) { return array("<a href='{$url}' name='ajax_ancre' style='display:none;'>anchor</a>", ''); } else { // ne pas laisser passer n'importe quoi dans l'url $url = str_replace(array('<', '"'), array('<', '"'), $url); $url = strtr($url, "\n\r", " "); # en theorie on devrait faire ca tout le temps, mais quand la chaine # commence par ? c'est imperatif, sinon l'url finale n'est pas la bonne if ($url[0] == '?') { $url = url_de_base() . $url; } $url = str_replace('&', '&', $url); spip_log("redirige formulaire ajax: {$url}"); include_spip('inc/filtres'); if ($format == 'ajaxform') { return array('<a href="' . quote_amp($url) . '" name="ajax_redirect" style="display:none;">' . _T('navigateur_pas_redirige') . '</a>', '<br /><a href="' . quote_amp($url) . '">' . _T('navigateur_pas_redirige') . '</a>'); } else { return "<script type='text/javascript'>if (parent.window){parent.window.document.location.replace(\"{$url}\");} else {document.location.replace(\"{$url}\");}</script>" . http_img_pack('searching.gif', '') . '<br />' . '<a href="' . quote_amp($url) . '">' . _T('navigateur_pas_redirige') . '</a>'; } } }
/** * Ecrire le js pour relancer la procedure de dump * @param string $redirect * @return string */ function migrer_vers_relance($redirect){ if (!headers_sent()){ include_spip('inc/headers'); redirige_par_entete(str_replace('&','&',$redirect), $equiv); } // si Javascript est dispo, anticiper le Time-out return "<script type='text/javascript'>document.location.replace(\"$redirect\");</script>" . str_repeat(" ", 256)."<pre></pre>" . '<br />' . '<a href="'.quote_amp($redirect).'">'._T('navigateur_pas_redirige')."</a><br />\r\n"; }
function debusquer_navigation($tableau, $caption = array(), $id = 'debug-nav') { if (_request('exec') == 'valider_xml') { return ''; } $GLOBALS['bouton_admin_debug'] = true; $res = ''; $href = quote_amp(parametre_url($GLOBALS['REQUEST_URI'], 'var_mode', 'debug')); foreach ($tableau as $i => $err) { $boucle = $ligne = $skel = ''; list($msg, $lieu) = $err; if (is_object($lieu)) { $ligne = $lieu->ligne; $boucle = $lieu->id_boucle ? $lieu->id_boucle : ''; if (isset($lieu->descr['nom'])) { $nom_code = $lieu->descr['nom']; $skel = $lieu->descr['sourcefile']; $h2 = parametre_url($href, 'var_mode_objet', $nom_code); $h3 = parametre_url($h2, 'var_mode_affiche', 'squelette') . '#L' . $ligne; $skel = "<a href='{$h3}'><b>{$skel}</b></a>"; if ($boucle) { $h3 = parametre_url($h2 . $boucle, 'var_mode_affiche', 'boucle'); $boucle = "<a href='{$h3}'><b>{$boucle}</b></a>"; } } } $j = $i + 1; $res .= "<tr id='req{$j}'><td style='text-align: right'>" . $j . " </td><td style='text-align: left'>" . (is_array($msg) ? implode('', $msg) : $msg) . "</td><td style='text-align: left'>" . ($skel ? $skel : " / ") . "</td><td class='spip-debug-arg' style='text-align: left'>" . ($boucle ? $boucle : " / ") . "</td><td style='text-align: right'>" . $ligne . "</td></tr>\n"; } return "\n<table id='{$id}'>" . "<caption onclick=\"x = document.getElementById('{$id}'); (x.style.display == '' ? x.style.display = 'none' : x.style.display = '');\">" . $caption[0] . "</caption>" . (!empty($caption[1]) ? $caption[1] : '') . "<tr><th>" . _T('numero') . "</th><th>" . _T('public:message') . "</th><th>" . _T('squelette') . "</th><th>" . _T('zbug_boucle') . "</th><th>" . _T('ligne') . "</th></tr>" . $res . "</table>"; }
function traiter_lien_explicite ($ref, $texte='', $pour='url', $connect='') { if (preg_match(_EXTRAIRE_LIEN, $ref)) return ($pour != 'tout') ? '' : array('','','',''); $lien = entites_html(trim($ref)); // Liens explicites if (!$texte) { $texte = str_replace('"', '', $lien); // evite l'affichage de trops longues urls. $lien_court = charger_fonction('lien_court', 'inc'); $texte = $lien_court($texte); $texte = "<html>".quote_amp($texte)."</html>"; } // petites corrections d'URL if (preg_match('/^www\.[^@]+$/S',$lien)) $lien = "http://".$lien; else if (strpos($lien, "@") && email_valide($lien)) { if (!$texte) $texte = $lien; $lien = "mailto:".$lien; } if ($pour == 'url') return $lien; if ($pour == 'titre') return $texte; return array('url' => $lien, 'titre' => $texte); }
function http_calendrier_avec_heure($evenement, $amj) { $jour_debut = substr($evenement['DTSTART'], 0,8); $jour_fin = substr($evenement['DTEND'], 0, 8); if ($jour_fin <= 0) $jour_fin = $jour_debut; if (($jour_debut <= 0) OR ($jour_debut > $amj) OR ($jour_fin < $amj)) return ""; $desc = PtoBR(propre($evenement['DESCRIPTION'])); $sum = $evenement['SUMMARY']; $u = $GLOBALS['meta']['pcre_u']; $sum = typo($sum); if (!$sum) $sum = $desc; if ($lieu = $evenement['LOCATION']) $sum .= '<br />' . $lieu; if ($perso = construire_personne_ics($evenement['ATTENDEE'])) $sum .= '<br />' . $perso; if ($evenement['URL']) $sum = http_href(quote_amp($evenement['URL']), $sum, attribut_html($desc), 'border: 0'); $sum = pipeline('agenda_rendu_evenement',array('args'=>array('evenement'=>$evenement,'type'=>'avec_heure'),'data'=>$sum)); $deb_h = substr($evenement['DTSTART'],-6,2); $deb_m = substr($evenement['DTSTART'],-4,2); $fin_h = substr($evenement['DTEND'],-6,2); $fin_m = substr($evenement['DTEND'],-4,2); $opacity = $evenement['CATEGORIES']; if ($amj != $jour_debut AND $amj != $jour_fin) { $opacity .= ' calendrier-opacity'; } else { if ($deb_h >0 OR $deb_m > 0) { if ((($deb_h > 0) OR ($deb_m > 0)) AND $amj == $jour_debut) { $deb = $deb_h . ':' . $deb_m;} else { $deb = '...'; } if ((($fin_h > 0) OR ($fin_m > 0)) AND $amj == $jour_fin) { $fin = $fin_h . ':' . $fin_m;} else { $fin = '...'; } $sum = "<div style='font-weight: bold;'>$deb-$fin</div>$sum"; } } return "\n<div class='calendrier-arial10 calendrier-evenement $opacity'>$sum\n</div>\n"; }
function action_crayons_store_args($store = 'crayons_store') { header("Content-Type: text/plain; charset=" . $GLOBALS['meta']['charset']); lang_select($GLOBALS['auteur_session']['lang']); $r = $store(); // Si on a ete appeles par jQuery, on renvoie tout, c'est le client // crayons.js qui va traiter l'affichage du resultat et status # Attention le test $_SERVER["HTTP_X_REQUESTED_WITH"] === "XMLHttpRequest" # n'est pas bon car le cas d'un fichier uploade via iframe n'est pas detecte // S'il y a une adresse de redirection, on renvoie vers elle // En cas d'erreur il faudrait ajouter &err=... dans l'url ? if (_request('redirect')) { if (!$r['$erreur'] or $r['$annuler']) { include_spip('inc/headers'); redirige_par_entete(_request('redirect')); } else { echo "<h4 class='status'>" . $r['$erreur'] . "</h4>\n"; foreach ($r as $wid => $v) { if ($wid !== '$erreur') { echo "<div id='{$wid}'>{$v}</div><hr />\n"; } } echo "<a href='" . quote_amp(_request('redirect')) . "'>" . quote_amp(_request('redirect')) . "</a>\n"; } } else { echo crayons_json_export($r); } exit; }
function chrono_requete($temps) { $total = 0; $hors = "<i>" . _T('zbug_hors_compilation') . "</i>"; $t = $q = $n = $d = array(); // Totaliser les temps et completer le Explain foreach ($temps as $key => $v) { list($dt, $nb, $boucle, $query, $explain, $res, $contexte) = $v; if (is_array($contexte)) { $k = ($contexte[0] . " $boucle"); include_spip('public/compiler'); $env = reconstruire_contexte_compil($contexte); } else $k = $env = $boucle; $total += $dt; $t[$key] = $dt; $q[$key] = $nb; $d[$k]+= $dt; if ($k) @++$n[$k]; if (!is_array($explain)) $explain = array(); foreach($explain as $j => $v) { $explain[$j] = "<tr><th>$j</th><td>" . str_replace(';','<br />',$v) . "</td></tr>"; } $e = "<table class='explain'>" . "<caption>" . $query . "</caption>" . "<tr><th>Time</th><td>$dt</td></tr>" . "<tr><th>Order</th><td>$nb</td></tr>" . "<tr><th>Res</th><td>$res</td></tr>" . join('', $explain) . "</table>"; $temps[$key] = array($e, $env, $k); } // Trier par temps d'execution decroissant array_multisort($t, SORT_DESC, $q, $temps); arsort($d); $i = 1; $t = array(); // Fabriquer les liens de navigations dans le tableau des temps foreach($temps as $k => $v) { $titre = strip_tags($v[2]); $href = quote_amp($GLOBALS['REQUEST_URI'])."#req$i"; $t[$v[2]][]= "<span class='spip-debug-arg'> " . "<a title='$titre' href='$href'>$i</a>" . '</span>' . ((count($t[$v[2]]) % 10 == 9) ? "<br />" : ''); $i++; } if ($d['']) { $d[$hors] = $d['']; $n[$hors] = $n['']; $t[$hors] = $t['']; } unset($d['']); // Fabriquer le tableau des liens de navigation dans le grand tableau foreach ($d as $k => $v) { $d[$k] = $n[$k] . "</td><td>$k</td><td class='time'>$v</td><td class='liste-reqs'>" . join('',$t[$k]); } $navigation = _T('zbug_statistiques') . "<table style='text-align: left; border: 1px solid;'><tr><td>" . join("</td></tr>\n<tr><td>", $d) . "</td></tr>\n" . (# _request('var_mode_objet') ? '' : ("<tr><td>" . count($temps) . "</td><td>" . _T('info_total') . '</td><td class="time">' . $total . "</td><td></td></tr>")) . "</table>"; return array($temps, $navigation); }
function couper($texte, $taille = 50, $suite = ' (...)') { if (!($length = strlen($texte)) or $taille <= 0) { return ''; } $offset = 400 + 2 * $taille; while ($offset < $length and strlen(preg_replace(",<[^>]+>,Uims", "", substr($texte, 0, $offset))) < $taille) { $offset = 2 * $offset; } if ($offset < $length && ($p_tag_ouvrant = strpos($texte, '<', $offset)) !== NULL) { $p_tag_fermant = strpos($texte, '>', $offset); if ($p_tag_fermant && $p_tag_fermant < $p_tag_ouvrant) { $offset = $p_tag_fermant + 1; } // prolonger la coupe jusqu'au tag fermant suivant eventuel } $texte = substr($texte, 0, $offset); /* eviter de travailler sur 10ko pour extraire 150 caracteres */ // on utilise les \r pour passer entre les gouttes $texte = str_replace("\r\n", "\n", $texte); $texte = str_replace("\r", "\n", $texte); // sauts de ligne et paragraphes $texte = preg_replace("/\n\n+/", "\r", $texte); $texte = preg_replace("/<(p|br)( [^>]*)?" . ">/", "\r", $texte); // supprimer les traits, lignes etc $texte = preg_replace("/(^|\r|\n)(-[-#\\*]*|_ )/", "\r", $texte); // supprimer les tags $texte = supprimer_tags($texte); $texte = trim(str_replace("\n", " ", $texte)); $texte .= "\n"; // marquer la fin // travailler en accents charset $texte = unicode2charset(html2unicode($texte, true)); if (!function_exists('nettoyer_raccourcis_typo')) { include_spip('inc/lien'); } $texte = nettoyer_raccourcis_typo($texte); // corriger la longueur de coupe // en fonction de la presence de caracteres utf if ($GLOBALS['meta']['charset'] == 'utf-8') { $long = charset2unicode($texte); $long = spip_substr($long, 0, max($taille, 1)); $nbcharutf = preg_match_all('/(&#[0-9]{3,5};)/S', $long, $matches); $taille += $nbcharutf; } // couper au mot precedent $long = spip_substr($texte, 0, max($taille - 4, 1)); $u = $GLOBALS['meta']['pcre_u']; $court = preg_replace("/([^\\s][\\s]+)[^\\s]*\n?\$/" . $u, "\\1", $long); $points = $suite; // trop court ? ne pas faire de (...) if (spip_strlen($court) < max(0.75 * $taille, 2)) { $points = ''; $long = spip_substr($texte, 0, $taille); $texte = preg_replace("/([^\\s][\\s]+)[^\\s]*\n?\$/" . $u, "\\1", $long); // encore trop court ? couper au caractere if (spip_strlen($texte) < 0.75 * $taille) { $texte = $long; } } else { $texte = $court; } if (strpos($texte, "\n")) { // la fin est encore la : c'est qu'on n'a pas de texte de suite $points = ''; } // remettre les paragraphes $texte = preg_replace("/\r+/", "\n\n", $texte); // supprimer l'eventuelle entite finale mal coupee $texte = preg_replace('/&#?[a-z0-9]*$/S', '', $texte); return quote_amp(trim($texte)) . $points; }
function afficher_site($id_syndic, $id_rubrique, $nom_site, $row){ global $spip_lang_right; $cherche_mot = _request('cherche_mot'); $select_groupe = _request('select_groupe'); $id_secteur = $row["id_secteur"]; $url_site = $row["url_site"]; $url_syndic = $row["url_syndic"]; $syndication = $row["syndication"]; $statut = $row["statut"]; $date_heure = $row["date"]; $date_syndic = $row['date_syndic']; $flag_administrable = autoriser('modifier','site',$id_syndic); $flag_editable = ($flag_administrable OR ($GLOBALS['meta']["proposer_sites"] > 0 AND ($statut == 'prop'))); $meme_rubrique = charger_fonction('meme_rubrique', 'inc'); $iconifier = charger_fonction('iconifier', 'inc'); if ($flag_editable AND ($statut == 'publie')) $dater = charger_fonction('dater', 'inc'); $editer_mots = charger_fonction('editer_mots', 'inc'); if ($flag_administrable) $instituer_site = charger_fonction('instituer_site','inc'); echo debut_grand_cadre(true); echo afficher_hierarchie($id_rubrique); echo fin_grand_cadre(true); echo debut_gauche('', true); echo debut_boite_info(true); echo pipeline ('boite_infos', array('data' => '', 'args' => array( 'type'=>'site', 'id' => $id_syndic, 'row' => $row ) )); echo fin_boite_info(true); echo $iconifier('id_syndic', $id_syndic, 'sites', false, $flag_administrable); echo pipeline('affiche_gauche',array('args'=>array('exec'=>'sites','id_syndic'=>$id_syndic),'data'=>'')); echo creer_colonne_droite('', true); echo $meme_rubrique($id_rubrique, $id_syndic, 'syndic'); echo pipeline('affiche_droite',array('args'=>array('exec'=>'sites','id_syndic'=>$id_syndic),'data'=>'')); echo bloc_des_raccourcis( icone_horizontale(_T('icone_voir_sites_references'), generer_url_ecrire("sites_tous",""), "site-24.gif","rien.gif", false) ); echo debut_droite('', true); if ($syndication == 'off' OR $syndication == 'sus') $droit = $id_rubrique; else $droit = 0; $url_affichee = $url_site; if (strlen($url_affichee) > 40) $url_affichee = substr($url_affichee, 0, 30)."..."; $actions = ($flag_editable ? icone_inline(_T('icone_modifier_site'), generer_url_ecrire('sites_edit',"id_syndic=$id_syndic"), "site-24.gif", "edit.gif",$spip_lang_right) : ""); $haut = "<div class='bandeau_actions'>$actions</div>". gros_titre($nom_site?$nom_site:"("._T('info_sans_titre_2').")", '' , false) . "<a href='$url_site' class='url_site'>$url_affichee</a>"; $type = 'site'; $contexte = array('id'=>$id_syndic,'id_rubrique'=>$id_rubrique); $fond = recuperer_fond("prive/contenu/$type",$contexte); // permettre aux plugin de faire des modifs ou des ajouts $fond = pipeline('afficher_contenu_objet', array( 'args'=>array( 'type'=>$type, 'id_objet'=>$id_syndic, 'contexte'=>$contexte), 'data'=> $fond)); $fond = "<div id='wysiwyg'>$fond</div>"; $onglet_contenu = (_INTERFACE_ONGLETS? ($statut == 'prop' ? "<p class='site_prop'>"._T('info_site_propose')." <b>".affdate($date_heure)." </b></p>" : "") . $fond:"") . (($syndication == "oui" OR $syndication == "off" OR $syndication == "sus") ? "<p class='site_syndique'><a href='".htmlspecialchars($url_syndic)."'>" . http_img_pack('feed.png', 'RSS'). '</a>'._T('info_site_syndique').'</p>' . (($syndication == "off" OR $syndication=="sus") ? "<div class='site_syndique_probleme'>" . _T('avis_site_syndique_probleme', array('url_syndic' => quote_amp($url_syndic))) . redirige_action_auteur('editer_site', $id_syndic, 'sites', '', "<input type='hidden' name='reload' value='oui' /> <input type='submit' value=\"" . attribut_html(_T('lien_nouvelle_recuperation')) . "\" class='spip_xx-small' />") . "</div>" : "") . afficher_objets('syndic_article',_T('titre_articles_syndiques'), array('FROM' => 'spip_syndic_articles', 'WHERE' => "id_syndic=$id_syndic", 'ORDER BY' => "date DESC"), $id_syndic) . ($date_syndic ? "<div class='date_syndic'>" . _T('info_derniere_syndication').' '.affdate_heure($date_syndic) .".</div>" : "") . "<div class='mise_a_jour_syndic'>" . redirige_action_post('editer_site', $id_syndic, 'sites', "id_syndic=$id_syndic", "<input type='hidden' name='reload' value='oui' /> <input type='submit' value=\"" . attribut_html(_T('lien_mise_a_jour_syndication')) . "\" class='spip_xx-small' />") . "</div>" : choix_feed($id_syndic, $id_rubrique, $nom_site, $row)) . (_INTERFACE_ONGLETS?"":($flag_administrable ? options_moderation($row) : "")) ; $onglet_proprietes = (_INTERFACE_ONGLETS?"": $fond . ($statut == 'prop' ? "<p class='site_prop'>"._T('info_site_propose')." <b>".affdate($date_heure)." </b></p>" : "") ) . afficher_site_rubrique($id_syndic, $id_rubrique, $id_secteur) . ($dater ? $dater($id_syndic, $flag_editable, $statut, 'syndic', 'sites', $date_heure) : "") . $editer_mots('syndic', $id_syndic, $cherche_mot, $select_groupe, $flag_editable, true, 'sites') . (_INTERFACE_ONGLETS?($flag_administrable ? options_moderation($row) : ""):"") . pipeline('affiche_milieu',array('args'=>array('exec'=>'sites','id_syndic'=>$id_syndic),'data'=>'')) ; $discuter = charger_fonction('discuter', 'inc'); $onglet_discuter = $discuter($id_syndic, 'sites', 'id_syndic'); $onglet_documents = "" ; $onglet_interactivite = ""; echo "<div class='fiche_objet'>" . $haut . afficher_onglets_pages(array( 'voir' => _T('onglet_contenu'), 'props' => _T('onglet_proprietes'), 'docs' => _T('onglet_documents'), 'interactivite' => _T('onglet_interactivite'), 'discuter' => _T('onglet_discuter')), _INTERFACE_ONGLETS? array( 'voir'=>$onglet_contenu, 'props'=>$onglet_proprietes, 'docs'=>$onglet_documents, 'interactivite'=>$onglet_interactivite, 'discuter'=>$onglet_discuter) :array( 'props'=>$onglet_proprietes, 'voir'=>$onglet_contenu ) ) . "</div>" . (_INTERFACE_ONGLETS?"":$onglet_discuter); }
function redirige_formulaire($url, $equiv = '', $format='message') { if (!_AJAX AND !headers_sent() AND !_request('var_ajax')) { redirige_par_entete(str_replace('&','&',$url), $equiv); } // si c'est une ancre, fixer simplement le window.location.hash elseif($format=='ajaxform' AND preg_match(',^#[0-9a-z\-_]+$,i',$url)) { return array( // on renvoie un lien masque qui sera traite par ajaxCallback.js "<a href='$url' name='ajax_ancre' style='display:none;'>anchor</a>", // et rien dans le message ok ''); } else { // ne pas laisser passer n'importe quoi dans l'url $url = str_replace(array('<','"'),array('<','"'),$url); $url = strtr($url, "\n\r", " "); # en theorie on devrait faire ca tout le temps, mais quand la chaine # commence par ? c'est imperatif, sinon l'url finale n'est pas la bonne if ($url[0]=='?') $url = url_de_base().(_DIR_RESTREINT?'':_DIR_RESTREINT_ABS).$url; $url = str_replace('&','&',$url); spip_log("redirige formulaire ajax: $url"); include_spip('inc/filtres'); if ($format=='ajaxform') return array( // on renvoie un lien masque qui sera traite par ajaxCallback.js '<a href="'.quote_amp($url).'" name="ajax_redirect" style="display:none;">'._T('navigateur_pas_redirige').'</a>', // et un message au cas ou '<br /><a href="'.quote_amp($url).'">'._T('navigateur_pas_redirige').'</a>' ); else // format message texte, tout en js inline return // ie poste les formulaires dans une iframe, il faut donc rediriger son parent "<script type='text/javascript'>if (parent.window){parent.window.document.location.replace(\"$url\");} else {document.location.replace(\"$url\");}</script>" . http_img_pack('searching.gif','') . '<br />' . '<a href="'.quote_amp($url).'">'._T('navigateur_pas_redirige').'</a>'; } }
function referers_group($nbvisites, $id_article, $lesliensracine, $lesreferermd5, $lesreferers, $lesurls) { global $spip_lang_right, $source_vignettes; $vign = ((strlen($source_vignettes) > 0) && $GLOBALS['meta']["activer_captures_referers"]!='non'); $aff = array(); foreach($nbvisites as $numero => $visites) { if (!$numero) next; $referermd5 = $lesreferermd5[$numero]; $bouton = $ret = ""; if ($vign) $ret = "\n<a href=\"http://".$lesurls[$numero]."\"><img src=\"$source_vignettes".rawurlencode($lesurls[$numero])."\"\nstyle=\"float: $spip_lang_right; margin-bottom: 3px; margin-left: 3px;\" alt='' /></a>"; if ($visites > 5) $bouton .= "<span class='visites visites3'>$visites "._T('info_visites')."</span> "; else if ($visites > 1) $bouton .= "<span class='visites visites2'>$visites "._T('info_visites')."</span> "; else $bouton .= "<span class='visites visites1'>$visites "._T('info_visite')."</span> "; if ($numero == "(email)") { $ret .= $bouton . "<b>".$numero."</b>"; } else { $n = count($lesreferers[$numero]); if (($n > 1) || ($n > 0 && substr(supprimer_tags($lesreferers[$numero][0]),0,1) != '/')) { $rac = $lesliensracine[$numero]; $bouton .= "<a href=\"http://".attribut_html($lesurls[$numero])."\" style='font-weight: bold;'>".$numero."</a>" . (!$rac ? '': (" <span class='spip_x-small'>(" . $rac .")</span>")); $ret .= bouton_block_depliable($bouton,false) . debut_block_depliable(false) . "\n<ul><li>" . join ("</li><li>",$lesreferers[$numero]) . "</li></ul>" . fin_block(); } else { $ret .= $bouton; $lien = $n ? $lesreferers[$numero][0] : ''; if (preg_match(",^(<a [^>]+>)([^ ]*)( \([0-9]+\))?,i", $lien, $regs)) { $lien = quote_amp($regs[1]).$numero.$regs[2]; if (!strpos($lien, '</a>')) $lien .= '</a>'; } else $lien = "<a href=\"http://".attribut_html($numero)."\">".$numero."</a>"; $ret .= "<b>".quote_amp($lien)."</b>" . ($id_article ? '' : referes($referermd5)); } } $aff[]= $ret; } return $aff; }
function debusquer_navigation($tableau, $caption='', $id='debug-nav') { if (_request('exec')=='valider_xml') return ''; $GLOBALS['bouton_admin_debug'] = true; $res = ''; $href = quote_amp(parametre_url($GLOBALS['REQUEST_URI'], 'var_mode', 'debug')); foreach ($tableau as $i => $err) { $boucle = $ligne = $skel = ''; list($msg, $lieu) = $err; if (is_object($lieu)) { $ligne = $lieu->ligne; $boucle = $lieu->id_boucle ? $lieu->id_boucle : ''; if (isset($lieu->descr['nom'])) { $nom_code = $lieu->descr['nom']; $skel = $lieu->descr['sourcefile']; $h2 = parametre_url($href, 'var_mode_objet', $nom_code); $h3 = parametre_url($h2, 'var_mode_affiche', 'squelette') . '#L' . $ligne; $skel = "<a href='$h3'><b>$skel</b></a>"; if ($boucle) { $h3 = parametre_url($h2.$boucle, 'var_mode_affiche', 'boucle'); $boucle = "<a href='$h3'><b>$boucle</b></a>"; } } } $j = ($i+1); $res .= "<tr id='req$j'><td style='text-align: right'>" . $j . " </td><td style='text-align: left'>" . $msg . "</td><td style='text-align: left'>" . ($skel ? $skel : " / ") . "</td><td class='spip-debug-arg' style='text-align: left'>" . ($boucle ? $boucle : " / ") . "</td><td style='text-align: right'>" . $ligne . "</td></tr>\n"; } return "\n<table id='$id'>" . "<caption>" . $caption ## aide locale courte a ecrire, avec lien vers une grosse page de documentation # aide('erreur_compilation'), . "</caption>" . "<tr><th>" . _T('numero') . "</th><th>" . _T('message') . "</th><th>" . _T('squelette') . "</th><th>" . _T('boucle') . "</th><th>" . _T('ligne') . "</th></tr>" . $res . "</table>"; }
function show_login($cible, $prive = 'prive', $message_login = '') { $error = ''; $login = _request('var_login'); $logout = _request('var_logout'); // If the cookie fails, inc_auth tried to redirect to lcm_cookie who // then tried to put a cookie. If it is not there, it is "cookie failed" // who is there, and it's probably a bookmark on privet=yes and not // a cookie failure. $cookie_failed = ""; if (_request('var_cookie_failed')) { $cookie_failed = $_COOKIE['lcm_session'] != 'cookie_test_failed'; } global $author_session; global $lcm_session; global $clean_link; if (!$cible) { // cible = destination $cible = new Link(_request('var_url', 'index.php')); } $cible->delVar('var_erreur'); $cible->delVar('var_url'); $cible->delVar('var_cookie_failed'); $clean_link->delVar('var_erreur'); $clean_link->delVar('var_login'); $clean_link->delVar('var_cookie_failed'); $url = $cible->getUrl(); // This populates the $author_session variable include_lcm('inc_session'); verifier_visiteur(); if ($author_session and !$logout and ($author_session['status'] == 'admin' or $author_session['status'] == 'normal')) { if ($url != $GLOBALS['clean_link']->getUrl()) { lcm_header("Location: " . $cible->getUrlForHeader()); } // [ML] This is making problems for no reason, we use login only // for one mecanism (entering the system). // echo "<a href='$url'>"._T('login_this_way')."</a>\n"; echo "<a class='content_link' href='index.php'>" . _T('login_this_way') . "</a>\n"; return; } if (_request('var_erreur') == 'pass') { $error = _T('login_password_incorrect'); } // The login is memorized in the cookie for a possible future admin login if (!$login && isset($_COOKIE['lcm_admin'])) { if (preg_match("/^@(.*)\$/", $_COOKIE['lcm_admin'], $regs)) { $login = $regs[1]; } } else { if ($login == '-1') { $login = ''; } } // other sources for authentication $flag_autres_sources = isset($GLOBALS['ldap_present']) ? $GLOBALS['ldap_present'] : ''; // What informations to pass? if ($login) { $status_login = 0; // unknown status $login = clean_input($login); $query = "SELECT id_author, status, password, prefs, alea_actuel, alea_futur \n\t\t\t\t\tFROM lcm_author \n\t\t\t\t\tWHERE username='******'"; $result = lcm_query($query); if ($row = lcm_fetch_array($result)) { if ($row['status'] == 'trash' or $row['password'] == '') { $status_login = -1; // deny } else { $status_login = 1; // known login // Which infos to pass for the javascript ? $id_author = $row['id_author']; $alea_actuel = $row['alea_actuel']; // for MD5 $alea_futur = $row['alea_futur']; // Button for lenght of connection if ($row['prefs']) { $prefs = unserialize($row['prefs']); $rester_checked = $prefs['cnx'] == 'perma' ? ' checked=\'checked\'' : ''; } } } // Unknown login (except LDAP) or refused if ($status_login == -1 or $status_login == 0 and !$flag_autres_sources) { $error = _T('login_identifier_unknown', array('login' => htmlspecialchars(clean_output($login)))); $login = ''; // [ML] Not sure why this was here, but headers are already sent // therefore it causes an error message (which is not shown, but // might make a mess, knowing how PHP runs differently everywhere..) // @lcm_setcookie('lcm_admin', '', time() - 3600); } } // Javascript for the focus if ($login) { $js_focus = 'document.form_login.session_password.focus();'; } else { $js_focus = 'document.form_login.var_login.focus();'; } // [ML] we should probably add a help link here, since tech, but let's see // how many users complain first, since this should affect only tech users if ($cookie_failed == "yes") { $error = _T('login_warning_cookie'); } echo open_login(); // [ML] Looks like there is no reason why to use $clean_link (defined in inc_version.php) // It would cause very strange bugs when the "feed_globals()" were removed from inc_version // and in the end, well, it looks rather useless. // // Strange bugs were caused because $action would be "./" and therefore it // would call index.php -> listcases.php -> includes inc_auth.php who then // calls auth(), who redirects to the login page. $action = $clean_link->getUrl(); // $action = "lcm_login.php"; if ($login) { // Shows the login form, including the MD5 javascript $flag_challenge_md5 = true; if ($flag_challenge_md5) { echo '<script type="text/javascript" src="inc/md5.js"></script>'; } echo "\n"; echo '<form name="form_login" action="lcm_cookie.php" method="post"'; if ($flag_challenge_md5) { echo " onsubmit='if (this.session_password.value) {\n\t\t\t\tthis.session_password_md5.value = calcMD5(\"{$alea_actuel}\" + this.session_password.value);\n\t\t\t\tthis.next_session_password_md5.value = calcMD5(\"{$alea_futur}\" + this.session_password.value);\n\t\t\t\tthis.session_password.value = \"\"; }'"; } echo ">\n"; echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>\n"; if ($error) { echo "<div style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></div><br />\n"; } if ($flag_challenge_md5) { // This is printed with javascript so that it is hidden from navigators not // using JS, since they will see the username field anyway. echo "<script type=\"text/javascript\"><!--\n" . "document.write('" . addslashes(_T('login_login')) . " <b>{$login}</b><br/>" . "<font size=\\'2\\'><a href=\\'lcm_cookie.php?cookie_admin=no&url=" . rawurlencode($action) . "\\' class=\\'link_btn\\'>" . _T('login_other_identifier') . "</a></font>');\n" . "//--></script>\n"; // If javascript is active, we pass the login in the hidden field echo "<input type='hidden' name='session_login_hidden' value='{$login}' />"; // If javascript is not active, the login is still modifiable // (since the challenge is not used) echo "<noscript>"; } echo "\t<label for='session_login'><b>" . _T('login_login') . "</b> (" . _T('login_info_login') . ")<br /></label>"; echo "\t<input type='text' name='session_login' id='session_login' class='forml' value=\"{$login}\" size='40' />\n"; if ($flag_challenge_md5) { echo "</noscript>\n"; } echo "\t<p />\n"; echo "\t<label for='session_password'><b>" . _T('login_password') . "</b><br /></label>"; echo "\t<input type='password' name='session_password' id='session_password' class='forml' value=\"\" size='40' />\n"; echo "\t<input type='hidden' name='essai_login' value='oui' />\n"; echo "\t<br /> <input type='checkbox' name='session_remember' value='yes' id='session_remember'{$rester_checked} /> "; echo "\t<label for='session_remember'>" . _T('login_remain_logged_on') . "</label>"; echo "\t<input type='hidden' name='url' value='{$url}' />\n"; echo "\t<input type='hidden' name='session_password_md5' value='' />\n"; echo "\t<input type='hidden' name='next_session_password_md5' value='' />\n"; echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n"; echo "</div>"; echo "</form>"; } else { // Ask only for the login/username $action = quote_amp($action); echo "<form name='form_login' action='{$action}' method='post'>\n"; echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>"; if ($error) { echo "<span style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></span><p />"; } echo "<label><b>" . _T('login_login') . '</b> (' . _T('login_info_login') . ')' . "<br /></label>"; echo "<input type='text' name='var_login' class='forml' value=\"\" size='40' />\n"; echo "<input type='hidden' name='var_url' value='{$url}' />\n"; echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n"; echo "</div>"; echo "</form>"; } // Focus management echo "<script type=\"text/javascript\"><!--\n" . $js_focus . "\n//--></script>\n"; // Start the login footer echo "<div align='left' style='font-size: 12px;' >"; echo "<div class='lang_combo_box'>" . menu_languages() . "</div>\n"; // button for "forgotten password" include_lcm('inc_mail'); if (server_can_send_email()) { echo '<a href="lcm_pass.php?pass_forgotten=yes" target="lcm_pass" onclick="' . "javascript:window.open(this.href, 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=280'); return false;\" class=\"link_btn\">" . _T('login_password_forgotten') . '</a>'; } $register_popup = 'href="lcm_pass.php?register=yes" target="lcm_pass" ' . ' onclick="' . "javascript:window.open('lcm_pass.php?register=yes', 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=500'); return false;\""; $open_subscription = read_meta("site_open_subscription"); if ($open_subscription == 'yes' || $open_subscription == 'moderated') { echo " <a {$register_popup} class=\"link_btn\">" . _T('login_register') . '</a>'; } echo "</div>\n"; echo close_login(); }