Esempio n. 1
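 /**
  * Build the PHP/XHTML source of this form.
  *
  * With no $actionParams the stored source is returned untouched. Otherwise the
  * source is rewritten according to the requested mode before being returned.
  *
  * Security notes:
  *  - In ALLOW_FORM_SUBMIT mode, request-derived values (the "referer" parameter and
  *    the query string) end up inside quoted HTML attributes. They go through
  *    sensitiveIO::sanitizeHTMLString() first; that helper is not visible here, so
  *    confirm that it encodes double quotes as well as markup.
  *  - The opening <form> tag is rebuilt through a callback, so any "$" or "\" in
  *    those values is emitted literally instead of being interpreted as a
  *    backreference by the regex replacement.
  *
  * @param mixed $actionParams false (default) to get the form exactly as stored in db, or one of:
  *  - self::REMOVE_FORM_SUBMIT : form can't be submitted, a js alert message is shown instead
  *  - self::ALLOW_FORM_SUBMIT : form can be submitted, add form action, hidden fields, selected values, etc. (used in public mode)
  * @param array $fieldsError : ids of the fields in error
  * @access public
  * @return string XHTML source
  */
 function getContent($actionParams = false, $fieldsError = array())
 {
     global $cms_language;
     if ($actionParams === false) {
         return $this->_source;
     }
     $source = $this->_source;
     switch ($actionParams) {
         case self::REMOVE_FORM_SUBMIT:
             //disable submit with javascript
             //NOTE(review): addslashes() only escapes for the JS string literal; a double quote in the
             //message would still close the onsubmit attribute. The text comes from $cms_language->getMessage(),
             //so it is left as is - confirm the message catalogue never carries raw double quotes.
             $source = str_replace('<form ', '<form onsubmit="alert(\'' . addslashes($cms_language->getMessage(self::MESSAGE_CMS_FORMS_SUBMIT_NOT_ALLOWED, false, MOD_CMS_FORMS_CODENAME)) . '\');return false;" ', $source);
             break;
         case self::ALLOW_FORM_SUBMIT:
             //get fields
             $fields = $this->getFields(true);
             $referer = isset($_REQUEST['referer']) ? sensitiveIO::sanitizeHTMLString($_REQUEST['referer']) : null;
             //parse XHTML form content
             $xml2Array = new CMS_xml2Array($source, CMS_xml2Array::XML_ENCLOSE | CMS_xml2Array::XML_PROTECT_ENTITIES);
             $xmlArray = $xml2Array->getParsedArray();
             //add already selected values (from request values)
             $this->_fillSelectedFormValues($xmlArray, $fields, $fieldsError);
             //then convert back into XHTML
             $source = $xml2Array->toXML($xmlArray);
             //add target and hidden fields
             $queryString = isset($_SERVER['QUERY_STRING']) ? '?' . sensitiveIO::sanitizeHTMLString($_SERVER['QUERY_STRING']) : '';
             //SCRIPT_NAME is written without escaping; it is server-derived rather than taken from the request body
             $formAttributes = 'action="' . $_SERVER["SCRIPT_NAME"] . $queryString . '#formAnchor' . $this->getID() . '" method="post" enctype="multipart/form-data"';
             //atm-token carries the session token of this module, checked when the form is validated
             $hiddenFields = "\n" . '<input type="hidden" name="cms_action" value="validate" />' . "\n" . '<input type="hidden" name="atm-token" value="' . CMS_session::getToken(MOD_CMS_FORMS_CODENAME) . '" />' . "\n" . '<input type="hidden" name="formID" value="' . $this->getID() . '" />' . "\n" . '<input type="hidden" name="referer" value="' . $referer . '" />' . "\n";
             //a callback keeps the inserted text literal: with a replacement string, sequences such as
             //"$1" or "\1" coming from the query string or the referer would be expanded by preg_replace
             $source = preg_replace_callback('#<form([^>]+)>#U', function ($matches) use ($formAttributes, $hiddenFields) {
                 return '<form ' . $formAttributes . $matches[1] . '>' . $hiddenFields;
             }, $source);
             break;
     }
     return $source;
 }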
Esempio n. 2
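 /**
  * Get current session infos
  *
  * Returns an empty array when CMS_session::getUser() yields no user.
  *
  * The result carries the session's 'admin' token together with the application
  * version and PATH_REALROOT_WR, so it should only ever be handed back to the
  * user owning the session (presumably the admin interface - confirm with callers).
  *
  * @return array : the user session infos
  * @access public
  * @static
  */
 public static function getSessionInfos()
 {
     $user = CMS_session::getUser();
     if (!$user) {
         return array();
     }
     $sessionInfos = array();
     $sessionInfos['fullname'] = $user->getFullName();
     $sessionInfos['userId'] = $user->getUserId();
     $sessionInfos['language'] = $user->getLanguage()->getCode();
     $sessionInfos['scriptsInProgress'] = CMS_scriptsManager::getScriptsNumberLeft();
     $sessionInfos['hasValidations'] = $user->hasValidationClearance();
     $sessionInfos['awaitingValidation'] = CMS_modulesCatalog::getValidationsCount($user);
     $sessionInfos['applicationLabel'] = APPLICATION_LABEL;
     $sessionInfos['applicationVersion'] = AUTOMNE_VERSION;
     $sessionInfos['systemLabel'] = CMS_grandFather::SYSTEM_LABEL;
     $sessionInfos['token'] = CMS_session::getToken('admin');
     $sessionInfos['sessionDuration'] = APPLICATION_SESSION_TIMEOUT;
     $sessionInfos['permanent'] = CMS_session::getPermanent();
     $sessionInfos['path'] = PATH_REALROOT_WR;
     //debug is a bit mask: 1 = SYSTEM_DEBUG, 2 = STATS_DEBUG, 4 = POLYMOD_DEBUG, 8 = VIEW_SQL.
     //Start from integer 0: adding an int to an empty string raises a warning on PHP 7
     //and a TypeError on PHP 8, while the resulting value was already an integer before.
     $sessionInfos['debug'] = 0;
     $sessionInfos['debug'] += SYSTEM_DEBUG ? 1 : 0;
     $sessionInfos['debug'] += STATS_DEBUG ? 2 : 0;
     $sessionInfos['debug'] += POLYMOD_DEBUG ? 4 : 0;
     $sessionInfos['debug'] += VIEW_SQL ? 8 : 0;
     return $sessionInfos;
 }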
Esempio n. 3
 /**
  * Return the session token value registered under the given token name.
  *
  * Pure delegation: the value is whatever CMS_session::getToken() returns for $name.
  *
  * @param string $name, token name to get value
  * @return string : Token value
  * @access public
  */
 static function getToken($name)
 {
     $tokenValue = CMS_session::getToken($name);
     return $tokenValue;
 }
Esempio n. 4
$view->addJavascript($jscontent);
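//set form HTML
//NOTE(review): the form below writes the submitted password back into the "pass" field's value attribute (HTML-escaped), so a failed login returns the password in the response body; consider leaving that field empty when the form is displayed again.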
$content = '<div class="x-panel x-form-label-left" style="width: 374px;">
	<div class="x-panel-tl">
		<div class="x-panel-tr">
			<div class="x-panel-tc"></div>
		</div>
	</div>
	<div class="x-panel-bwrap">
		<div class="x-panel-ml">
			<div class="x-panel-mr">
				<div class="x-panel-mc">
					<div style="width: 362px; height: 126px;" class="x-panel-body">
						<form id="loginForm" class="x-form" method="post" action="' . $_SERVER['SCRIPT_NAME'] . '">
							<input name="cms_action" value="login" type="hidden" />
							<input name="atm-token" value="' . CMS_session::getToken('login') . '" type="hidden" />
							<div class="x-form-item" tabindex="-1">
								<label for="loginField" style="width: 90px;" class="x-form-item-label">' . $cms_language->getMessage(MESSAGE_PAGE_LOGIN) . ':</label>
								<div class="x-form-element" style="padding-left: 95px;">
									<input style="width: 240px;" class="x-form-text x-form-field" autocomplete="on" id="loginField" name="login" type="text" value="' . (isset($_POST['login']) ? io::htmlspecialchars($_POST['login']) : '') . '" />
								</div>
								<div class="x-form-clear-left"></div>
							</div>
							<div class="x-form-item" tabindex="-1">
								<label for="passField" style="width: 90px;" class="x-form-item-label">' . $cms_language->getMessage(MESSAGE_PAGE_PASSWORD) . ':</label>
								<div class="x-form-element" style="padding-left: 95px;">
									<input style="width: 240px;" class="x-form-text x-form-field" autocomplete="on" id="passField" name="pass" type="password" value="' . (isset($_POST['pass']) ? io::htmlspecialchars($_POST['pass']) : '') . '" />
								</div>
								<div class="x-form-clear-left"></div>
							</div>
							<div class="x-form-item" tabindex="-1">
Esempio n. 5
    /**
     * Writes (or returns) the head part of the view for the current display mode
     *
     * In JSON, RAW and XML modes a run of XML elements is built (error state, renewed
     * token, raw datas, message, title, disconnected flag, scripts left, stats, js and
     * css files). It is echoed, or returned as a string when $returnValue is true.
     * In HTML mode, and for any other mode, a <head> element is always echoed and
     * $returnValue is not consulted.
     *
     * @param boolean $returnValue : true to get the XML elements back instead of echoing them
     * @return mixed : the XML elements as a string when $returnValue is true in JSON/RAW/XML mode, nothing otherwise
     * @access private
     */
    private function _showHead($returnValue = false)
    {
        switch ($this->_displayMode) {
            case self::SHOW_JSON:
            case self::SHOW_RAW:
            case self::SHOW_XML:
                $parts = array();
                //error state first, with the error text wrapped in CDATA when there is one
                $parts[] = $this->hasErrors()
                    ? '	<error>1</error>' . "\n" . '	<errormessage><![CDATA[' . $this->_espaceCdata($this->getErrors(true)) . ']]></errormessage>' . "\n"
                    : '	<error>0</error>' . "\n";
                //on secure views, hand a fresh 'admin' token to the client once the current one is expired
                //NOTE(review): unlike the other CDATA payloads the token is not passed through _espaceCdata() - confirm its format cannot contain "]]>"
                if ($this->_secure && CMS_session::tokenIsExpired('admin')) {
                    $parts[] = '	<token><![CDATA[' . CMS_session::getToken('admin') . ']]></token>' . "\n";
                }
                if ($this->hasRawDatas()) {
                    $parts[] = '	<rawdatas><![CDATA[' . $this->_espaceCdata($this->getRawDatas(true)) . ']]></rawdatas>' . "\n";
                }
                if ($this->_actionmessage) {
                    $parts[] = '	<message><![CDATA[' . $this->_espaceCdata($this->_actionmessage) . ']]></message>' . "\n";
                }
                if ($this->_title) {
                    $parts[] = '	<title><![CDATA[' . $this->_espaceCdata($this->_title) . ']]></title>' . "\n";
                }
                if ($this->_disconnected) {
                    $parts[] = '	<disconnected>1</disconnected>' . "\n";
                }
                $scriptsLeft = CMS_scriptsManager::getScriptsNumberLeft();
                if ($scriptsLeft) {
                    $parts[] = '	<scripts>' . $scriptsLeft . '</scripts>' . "\n";
                }
                //stats are only sent when both debug constants are on
                if (SYSTEM_DEBUG && STATS_DEBUG) {
                    $parts[] = '	<stats><![CDATA[' . $this->_espaceCdata(CMS_stats::view(true)) . ']]></stats>' . "\n";
                }
                //js then css files, each sent as a JSON object with the files and their manager URL
                $jsList = CMS_view::getJavascript(array(), 'screen', true);
                if ($jsList) {
                    $jsInfos = array('files' => $jsList, 'manager' => CMS_view::getJSManagerURL());
                    $parts[] = '	<jsfiles><![CDATA[' . $this->_espaceCdata(sensitiveIO::jsonEncode($jsInfos)) . ']]></jsfiles>' . "\n";
                }
                $cssList = CMS_view::getCSS(array(), 'screen', true);
                if ($cssList) {
                    $cssInfos = array('files' => $cssList, 'manager' => CMS_view::getCSSManagerURL());
                    $parts[] = '	<cssfiles><![CDATA[' . $this->_espaceCdata(sensitiveIO::jsonEncode($cssInfos)) . ']]></cssfiles>' . "\n";
                }
                $xml = implode('', $parts);
                if ($returnValue) {
                    return $xml;
                }
                echo $xml;
                break;
            case self::SHOW_HTML:
            default:
                //NOTE(review): the title is written into <title> without HTML escaping here - confirm it is escaped where it is set
                $titleTag = '';
                if ($this->_title) {
                    $titleTag = '<title>' . APPLICATION_LABEL . ' :: ' . $this->_title . '</title>';
                }
                echo '<head>
						<meta http-equiv="Content-Type" content="text/html; charset=' . APPLICATION_DEFAULT_ENCODING . '" />
						' . $titleTag . '
						' . $this->_copyright() . '
						<meta name="generator" content="' . CMS_grandFather::SYSTEM_LABEL . '" />
						' . CMS_view::getCSS() . '
						' . CMS_view::getJavascript();
                if (APPLICATION_GCF_SUPPORT) {
                    echo '<meta http-equiv="X-UA-Compatible" content="chrome=1">';
                }
                echo '</head>';
                break;
        }
    }