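/**
 * Formats a federated cloud ID parameter for display.
 *
 * The shape of the result depends on $allowHtml:
 *  - null:  a <federated-cloud-id> tag with escaped attribute values
 *  - true:  a <strong> element whose title attribute holds the full value
 *  - false: the display name as plain text, NOT HTML-escaped
 *
 * @param IEvent $event
 * @param string $parameter The parameter to be formatted
 * @param bool|null $allowHtml Should HTML be used to format the parameter?
 * @param bool $verbose Should paths, names, etc be shortened or full length
 * @return string The formatted parameter
 */
public function format(IEvent $event, $parameter, $allowHtml, $verbose = false) {
    $displayName = $parameter;
    try {
        list($user, $server) = Helper::splitUserRemote($parameter);
    } catch (HintException $e) {
        // splitUserRemote() rejected the value: use the raw parameter as
        // the user name and leave the server part empty.
        $user = $parameter;
        $server = '';
    }

    if (!$verbose && $server !== '') {
        $displayName = $user . '@…';
    }

    try {
        $displayName = $this->getDisplayNameFromContact($parameter);
    } catch (\OutOfBoundsException $e) {
        // Lookup failed; keep the display name computed above.
    }

    if ($allowHtml === null) {
        // $server is derived from the parameter, so it is escaped like the
        // other values written into this tag. Left raw, a double quote in
        // it would end the attribute and inject markup.
        return '<federated-cloud-id display-name="' . Util::sanitizeHTML($displayName) . '" user="******" server="' . Util::sanitizeHTML($server) . '">' . Util::sanitizeHTML($parameter) . '</federated-cloud-id>';
    }

    if ($allowHtml) {
        $title = ' title="' . Util::sanitizeHTML($parameter) . '"';
        return '<strong class="has-tooltip"' . $title . '>' . Util::sanitizeHTML($displayName) . '</strong>';
    } else {
        // Plain-text result: returned unescaped, so the caller has to
        // escape it before it reaches an HTML context.
        return $displayName;
    }
}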
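/**
 * Formats a user name parameter for display.
 *
 * The shape of the result depends on $allowHtml:
 *  - null:  a <user> tag with an escaped display-name attribute
 *  - true:  an optional avatar placeholder followed by a <strong> element
 *  - false: the display name as plain text, NOT HTML-escaped
 *
 * @param IEvent $event
 * @param string $parameter The parameter to be formatted
 * @param bool|null $allowHtml Should HTML be used to format the parameter?
 * @param bool $verbose Should paths, names, etc be shortened or full length
 * @return string The formatted parameter
 */
public function format(IEvent $event, $parameter, $allowHtml, $verbose = false) {
    // If the username is empty, the action has been performed by a remote
    // user, or via a public share. We don't know the username in that case
    if ($parameter === '') {
        if ($allowHtml === null) {
            return '<user display-name="' . Util::sanitizeHTML($this->l->t('"remote user"')) . '">' . Util::sanitizeHTML('') . '</user>';
        }
        if ($allowHtml) {
            // The translated label is escaped here as well, matching the
            // rich-object branch above; translations are not assumed to be
            // HTML-safe.
            return '<strong>' . Util::sanitizeHTML($this->l->t('"remote user"')) . '</strong>';
        } else {
            return $this->l->t('"remote user"');
        }
    }

    $user = $this->manager->get($parameter);
    $displayName = $user ? $user->getDisplayName() : $parameter;
    $parameter = Util::sanitizeHTML($parameter);

    if ($allowHtml === null) {
        // NOTE(review): $parameter was already escaped above and is escaped
        // again here, so special characters end up entity-encoded twice.
        // Confirm the consumer of this tag expects that before changing it.
        return '<user display-name="' . Util::sanitizeHTML($displayName) . '">' . Util::sanitizeHTML($parameter) . '</user>';
    }

    if ($allowHtml) {
        $avatarPlaceholder = '';
        if ($this->config->getSystemValue('enable_avatars', true)) {
            $avatarPlaceholder = '<div class="avatar" data-user="******"></div>';
        }
        return $avatarPlaceholder . '<strong>' . Util::sanitizeHTML($displayName) . '</strong>';
    } else {
        // Plain-text result: returned unescaped, so the caller has to
        // escape it before it reaches an HTML context.
        return $displayName;
    }
}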
/**
 * Formats a file parameter as a <file> tag carrying a link and the file id.
 *
 * The id attribute and the tag text are HTML-escaped. The link attribute is
 * written exactly as the URL generator returned it.
 * NOTE(review): assumes linkToRouteAbsolute() returns an attribute-safe URL
 * - confirm, since the link data contains path components.
 *
 * @param IEvent $event
 * @param string $parameter The parameter to be formatted
 * @return string The formatted parameter
 */
public function format(IEvent $event, $parameter) {
    $filePath = $this->fixLegacyFilename($parameter);

    // If the activity is about the very same file, we use the current path
    // for the link generation instead of the one that was saved.
    $fileId = '';
    if (is_array($filePath)) {
        // Array form: the key is the file id, the value is the path.
        $fileId = key($filePath);
        $filePath = $filePath[$fileId];
        $info = $this->infoCache->getInfoById($this->user, $fileId, $filePath);
    } elseif ($event->getObjectType() === 'files' && $event->getObjectName() === $filePath) {
        $fileId = $event->getObjectId();
        $info = $this->infoCache->getInfoById($this->user, $fileId, $filePath);
    } else {
        $info = $this->infoCache->getInfoByPath($this->user, $filePath);
    }

    if ($info['is_dir']) {
        $linkData = ['dir' => $info['path']];
    } else {
        // Files link to their parent directory and scroll to the file name.
        if (substr_count($info['path'], '/') === 1) {
            $parentDir = '/';
        } else {
            $parentDir = dirname($info['path']);
        }
        $linkData = ['dir' => $parentDir, 'scrollto' => basename($info['path'])];
    }

    if ($info['view'] !== '') {
        $linkData['view'] = $info['view'];
    }

    $filePath = trim($filePath, '/');
    $fileLink = $this->urlGenerator->linkToRouteAbsolute('files.view.index', $linkData);

    $openTag = '<file link="' . $fileLink . '" id="' . Util::sanitizeHTML($fileId) . '">';
    return $openTag . Util::sanitizeHTML($filePath) . '</file>';
}
/**
 * Prints a page holding a self-submitting login form for the given user.
 *
 * The user name is HTML-escaped before it is written into the hidden input.
 * \OC::$WEBROOT is inserted into the form action as is.
 *
 * @param string $user User name placed in the hidden "user" field
 */
public static function printAutoLoginPage($user) {
    $escapedUser = \OCP\Util::sanitizeHTML($user);

    $form = '<form id="auto_login_form" action="' . \OC::$WEBROOT . '/index.php" method="post" enctype="application/x-www-form-urlencoded" target="_self" >'
        . '<input type="hidden" id="user" name="user" value="' . $escapedUser . '"/>'
        . '<input type="hidden" id="password" name="password" value="irrelevant"/>'
        . '<noscript><input type="submit" name="login" value="Log in" /></noscript>'
        . '</form>';

    // Submits the form as soon as the page is parsed; the <noscript> button
    // above covers clients that do not run the script.
    $autoSubmit = '<script type="text/javascript" >document.getElementById("auto_login_form").submit();</script>';

    self::printPage('Forwarding to ownCloud login page', $form . $autoSubmit);
}
/**
 * Wraps the parameter in <strong> when HTML is allowed.
 *
 * The HTML form is escaped; the plain form is returned untouched, so the
 * caller has to escape it before placing it in markup.
 *
 * @param IEvent $event
 * @param string $parameter The parameter to be formatted
 * @param bool $allowHtml Should HTML be used to format the parameter?
 * @param bool $verbose Should paths, names, etc be shortened or full length
 * @return string The formatted parameter
 */
public function format(IEvent $event, $parameter, $allowHtml, $verbose = false) {
    if (!$allowHtml) {
        return $parameter;
    }

    return '<strong>' . Util::sanitizeHTML($parameter) . '</strong>';
}
/**
 * Formats a user name parameter as a <user> tag.
 *
 * @param IEvent $event
 * @param string $parameter The parameter to be formatted
 * @return string The formatted parameter
 */
public function format(IEvent $event, $parameter) {
    // If the username is empty, the action has been performed by a remote
    // user, or via a public share. We don't know the username in that case
    if ($parameter === '') {
        $remoteLabel = Util::sanitizeHTML($this->l->t('"remote user"'));
        return '<user display-name="' . $remoteLabel . '">' . Util::sanitizeHTML('') . '</user>';
    }

    $account = $this->manager->get($parameter);
    if ($account) {
        $shownName = $account->getDisplayName();
    } else {
        $shownName = $parameter;
    }

    // NOTE(review): the user id is escaped here and once more when the tag
    // is assembled, so special characters are entity-encoded twice. Confirm
    // the consumer of this tag expects that.
    $escapedId = Util::sanitizeHTML($parameter);

    return '<user display-name="' . Util::sanitizeHTML($shownName) . '">' . Util::sanitizeHTML($escapedId) . '</user>';
}
/**
 * Formats a federated cloud ID parameter as a <federated-cloud-id> tag.
 *
 * The display name, the server and the tag text are HTML-escaped before
 * they are written into the tag.
 *
 * @param IEvent $event
 * @param string $parameter The parameter to be formatted
 * @return string The formatted parameter
 */
public function format(IEvent $event, $parameter) {
    try {
        list($user, $server) = Helper::splitUserRemote($parameter);
    } catch (HintException $e) {
        // splitUserRemote() rejected the value: use the raw parameter as
        // the user name and leave the server part empty.
        $user = $parameter;
        $server = '';
    }

    // Shortened form when a server part exists, the full value otherwise.
    $displayName = ($server !== '') ? $user . '@…' : $parameter;

    try {
        $displayName = $this->getDisplayNameFromContact($parameter);
    } catch (\OutOfBoundsException $e) {
        // Lookup failed; keep the display name computed above.
    }

    $attributes = 'display-name="' . Util::sanitizeHTML($displayName) . '" user="******" server="' . Util::sanitizeHTML($server) . '"';

    return '<federated-cloud-id ' . $attributes . '>' . Util::sanitizeHTML($parameter) . '</federated-cloud-id>';
}
/**
 * Formats a federated cloud ID parameter, optionally as HTML.
 *
 * With HTML allowed the result is a <strong> element whose title attribute
 * holds the full, escaped value. Without HTML the display name is returned
 * as plain text and is NOT escaped.
 *
 * @param IEvent $event
 * @param string $parameter The parameter to be formatted
 * @param bool $allowHtml Should HTML be used to format the parameter?
 * @param bool $verbose Should paths, names, etc be shortened or full length
 * @return string The formatted parameter
 */
public function format(IEvent $event, $parameter, $allowHtml, $verbose = false) {
    $displayName = $parameter;

    if (!$verbose) {
        try {
            // Only the user part is kept for the shortened form.
            $parts = Helper::splitUserRemote($parameter);
            $displayName = $parts[0] . '@…';
        } catch (HintException $e) {
            // splitUserRemote() rejected the value; show it unshortened.
        }
    }

    try {
        $displayName = $this->getDisplayNameFromContact($parameter);
    } catch (\OutOfBoundsException $e) {
        // Lookup failed; keep the display name computed above.
    }

    if (!$allowHtml) {
        return $displayName;
    }

    $tooltip = ' title="' . Util::sanitizeHTML($parameter) . '"';

    return '<strong class="has-tooltip"' . $tooltip . '>' . Util::sanitizeHTML($displayName) . '</strong>';
}
/**
 * Asks the WebDAV server whether the path is a collection or a file.
 *
 * @param string $path
 * @return string|false 'dir' for a collection, 'file' otherwise, false when
 *                      the request raised an exception
 */
public function filetype($path) {
    $this->init();
    $path = $this->cleanPath($path);

    try {
        $response = $this->client->propfind($this->encodePath($path), array('{DAV:}resourcetype'));

        $types = array();
        if (isset($response["{DAV:}resourcetype"])) {
            $types = $response["{DAV:}resourcetype"]->resourceType;
        }

        $isCollection = count($types) > 0 && $types[0] == "{DAV:}collection";
        return $isCollection ? 'dir' : 'file';
    } catch (\Exception $e) {
        // The message goes to the PHP error log as is and to the
        // application log in HTML-escaped form.
        $reason = $e->getMessage();
        error_log($reason);
        \OCP\Util::writeLog("webdav client", \OCP\Util::sanitizeHTML($reason), \OCP\Util::ERROR);
        return false;
    }
}
/**
 * Formats a file parameter, optionally as a link into the files app.
 *
 * Without HTML the trimmed path (verbose, or no directory part) or the bare
 * file name is returned as plain, unescaped text. With HTML the visible text
 * and the tooltip path are escaped; the href is written as returned by the
 * URL generator.
 * NOTE(review): assumes linkTo() returns an attribute-safe URL - confirm.
 *
 * @param IEvent $event
 * @param string $parameter The parameter to be formatted
 * @param bool $allowHtml Should HTML be used to format the parameter?
 * @param bool $verbose Should paths, names, etc be shortened or full length
 * @return string The formatted parameter
 */
public function format(IEvent $event, $parameter, $allowHtml, $verbose = false) {
    $filePath = $this->fixLegacyFilename($parameter);

    // If the activity is about the very same file, we use the current path
    // for the link generation instead of the one that was saved.
    $isSameFile = $event->getObjectType() === 'files' && $event->getObjectName() === $filePath;
    if ($isSameFile) {
        $info = $this->infoCache->getInfoById($this->user, $event->getObjectId(), $filePath);
    } else {
        $info = $this->infoCache->getInfoByPath($this->user, $filePath);
    }

    if ($info['is_dir']) {
        $linkData = ['dir' => $info['path']];
    } else {
        // Files link to their parent directory and scroll to the file name.
        if (substr_count($info['path'], '/') === 1) {
            $parentDir = '/';
        } else {
            $parentDir = dirname($info['path']);
        }
        $linkData = ['dir' => $parentDir, 'scrollto' => basename($info['path'])];
    }

    if ($info['view'] !== '') {
        $linkData['view'] = $info['view'];
    }

    $filePath = trim($filePath, '/');
    list($directory, $baseName) = $this->splitPathFromFilename($filePath);

    if ($verbose || $directory === '') {
        if (!$allowHtml) {
            return $filePath;
        }
        $href = $this->urlGenerator->linkTo('files', 'index.php', $linkData);
        return '<a class="filename" href="' . $href . '">' . Util::sanitizeHTML($filePath) . '</a>';
    }

    if (!$allowHtml) {
        return $baseName;
    }

    // Shortened form: show only the name and keep the directory in a tooltip.
    $tooltip = ' title="' . $this->l->t('in %s', array(Util::sanitizeHTML($directory))) . '"';
    $href = $this->urlGenerator->linkTo('files', 'index.php', $linkData);

    return '<a class="filename has-tooltip" href="' . $href . '"' . $tooltip . '>' . Util::sanitizeHTML($baseName) . '</a>';
}
<?php
/** @var $l OC_L10N */
/* Scripts requested for this login form template. */
vendor_script('jsTimezoneDetect/jstz');
script('core', ['visitortimezone', 'lostpassword', 'login']);
?>
<!--[if IE 8]><style>input[type="checkbox"]{padding:0;}</style><![endif]-->
<form method="post" name="login">
    <fieldset>
    <?php
    /*
     * redirect_url is written into an attribute value through
     * print_unescaped(), so it is HTML-escaped explicitly first.
     * NOTE(review): escaping only protects the markup. Whether the value is
     * restricted to same-site targets before the redirect happens is not
     * visible in this template - confirm in the handler that consumes it.
     */
    if (!empty($_['redirect_url'])) {
        print_unescaped('<input type="hidden" name="redirect_url" value="' . \OCP\Util::sanitizeHTML($_['redirect_url']) . '">');
    }
    ?>
    <?php /* Warning shown when the apacheauthfailed template flag is set and truthy. */ if (isset($_['apacheauthfailed']) && $_['apacheauthfailed']) { ?>
        <div class="warning">
            <?php p($l->t('Server side authentication failed!')); ?> <br>
            <small><?php p($l->t('Please contact your administrator.')); ?> </small>
        </div>
    <?php } ?>
// Emits one <option> per timezone, grouped into <optgroup> elements by the
// part of the identifier before the first '/'. Labels, option values and
// option text are HTML-escaped because print_unescaped() is used to write
// them.
// NOTE(review): $continent is compared before this loop assigns it, so it is
// presumably initialised earlier in the template - confirm. The visible code
// also emits no closing </optgroup> for the final group.
foreach ($_['timezones'] as $timezone) {
    $ex = explode('/', $timezone, 2); //obtain continent,city
    if (!isset($ex[1])) {
        // No '/' in the identifier: list it under "Other".
        $ex[1] = $ex[0];
        $ex[0] = "Other";
    }
    if ($continent != $ex[0]) {
        // The group changed: close the previous group, unless this is the
        // first one, and open the next.
        if ($continent != "") {
            print_unescaped('</optgroup>');
        }
        print_unescaped('<optgroup label="' . \OCP\Util::sanitizeHTML($ex[0]) . '">');
    }
    // Underscores in the city part are shown as spaces.
    $city = strtr($ex[1], '_', ' ');
    $continent = $ex[0];
    print_unescaped('<option value="' . \OCP\Util::sanitizeHTML($timezone) . '"' . ($_['timezone'] == $timezone ? ' selected="selected"' : '') . '>' . \OCP\Util::sanitizeHTML($city) . '</option>');
}
?>
        </select>
    </div>
</div>
<div id="leftcontent">
    <div id="leftcontentInner">
        <div id="datepickerNav"></div>
    </div>
</div>
?> <link><?php p($activity['link']); ?> </link> <?php } if (!empty($activity['timestamp'])) { ?> <pubDate><?php p(date('r', $activity['timestamp'])); ?> </pubDate> <?php } if (!empty($activity['message'])) { ?> <description><![CDATA[<?php print_unescaped(str_replace("\n", '<br />', \OCP\Util::sanitizeHTML($activity['message_prepared']))); ?> ]]></description> <?php } ?> </item> <?php } ?> </channel> </rss>
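/**
 * @brief Data structure of properties
 *
 * Converts a vCard property into a plain array with the keys
 *   ['value']      the property value (string, list of parts, or true for PHOTO)
 *   ['parameters'] associative array name => HTML-escaped value
 *   ['checksum']   first 8 hex characters of the MD5 of the serialized
 *                  property; only set for properties listed in
 *                  App::$multi_properties
 *
 * NOTE: 'value' is NOT HTML-escaped here; only parameter values are. Anything
 * that writes 'value' into markup has to escape it at that point.
 *
 * @param \Sabre\VObject\Property $property
 * @return array|null null when the property is not listed in
 *                    App::$index_properties or its BDAY value cannot be parsed
 */
public static function structureProperty(\Sabre\VObject\Property $property) {
    if (!in_array($property->name, App::$index_properties)) {
        return;
    }

    $value = $property->getValue();
    if ($property->name == 'ADR' || $property->name == 'N' || $property->name == 'ORG' || $property->name == 'CATEGORIES') {
        // Compound properties are handled as a list of trimmed parts.
        $value = $property->getParts();
        if ($property->name == 'CATEGORIES') {
            $value = str_replace(';', ',', $value);
        }
        $value = array_map('trim', $value);
    } elseif ($property->name == 'BDAY') {
        // substr() returns strings, so the previous is_int() test could never
        // succeed and this branch was dead; ctype_digit() performs the
        // intended "digits only" check for the compact YYYYMMDD form.
        if (strlen($value) >= 8
            && ctype_digit(substr($value, 0, 4))
            && ctype_digit(substr($value, 4, 2))
            && ctype_digit(substr($value, 6, 2))
        ) {
            $value = substr($value, 0, 4) . '-' . substr($value, 4, 2) . '-' . substr($value, 6, 2);
        } else {
            // NOTE(review): in 'YYYY-MM-DD' the separators sit at offsets 4
            // and 7, so this condition is also true for ISO dates and they
            // are re-parsed below. Values shorter than 8 characters read an
            // unset string offset here. Confirm whether offset 4 was meant.
            if ($value[5] !== '-' || $value[7] !== '-') {
                try {
                    // Skype exports as e.g. Jan 14, 1996
                    $date = new \DateTime($value);
                    $value = $date->format('Y-m-d');
                } catch (\Exception $e) {
                    \OCP\Util::writeLog('contactsplus', __METHOD__ . ' Error parsing date: ' . $value, \OCP\Util::DEBUG);
                    return;
                }
            }
        }
    } elseif ($property->name == 'PHOTO') {
        // Only the presence of a photo is reported, not its data.
        $value = true;
    } elseif ($property->name == 'IMPP') {
        if (strpos($value, ':') !== false) {
            // "protocol:address": the protocol becomes X-SERVICE-TYPE when
            // that parameter is not set yet, the rest is the value.
            $value = explode(':', $value);
            $protocol = array_shift($value);
            if (!isset($property['X-SERVICE-TYPE'])) {
                $property['X-SERVICE-TYPE'] = strtoupper($protocol);
            }
            $value = implode('', $value);
        }
    }

    if (is_string($value)) {
        // Undo the vCard escaping of commas and semicolons.
        $value = strtr($value, array('\\,' => ',', '\\;' => ';'));
    }

    $temp = array('value' => $value, 'parameters' => array());

    // This cuts around a 3rd off of the json response size.
    if (in_array($property->name, App::$multi_properties)) {
        $temp['checksum'] = substr(md5($property->serialize()), 0, 8);
    }

    foreach ($property->parameters as $parameter) {
        // Faulty entries by kaddressbook
        // Actually TYPE=PREF is correct according to RFC 2426
        // but this way is more handy in the UI. Tanghus.
        if ($parameter->name == 'TYPE' && strtoupper($parameter->getValue()) == 'PREF') {
            $parameter->name = 'PREF';
            $parameter->setValue('1');
        }
        // NOTE: Apparently Sabre_VObject_Reader can't always deal with value list parameters
        // like TYPE=HOME,CELL,VOICE. Tanghus.
        // TODO: Check if parameter is has commas and split + merge if so.
        if ($parameter->name == 'TYPE') {
            $pvalue = $parameter->getValue();
            if (is_string($pvalue) && strpos($pvalue, ',') !== false) {
                $pvalue = array_map('trim', explode(',', $pvalue));
            }
            $pvalue = is_array($pvalue) ? $pvalue : array($pvalue);
            if (isset($temp['parameters'][$parameter->name])) {
                $temp['parameters'][$parameter->name][] = \OCP\Util::sanitizeHTML($pvalue);
            } else {
                $temp['parameters'][$parameter->name] = \OCP\Util::sanitizeHTML($pvalue);
            }
        } else {
            $temp['parameters'][$parameter->name] = \OCP\Util::sanitizeHTML($parameter->getValue());
        }
    }

    return $temp;
}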
/**
 * Process the template
 *
 * Renders the template. When $this->renderAs is set, the result is embedded
 * in a full page layout together with the custom headers registered in
 * OC_Util::$headers. Tag names, attribute names, attribute values and text
 * of those headers are all HTML-escaped.
 *
 * @return boolean|string
 */
public function fetchPage() {
    $content = parent::fetchPage();

    if (!$this->renderAs) {
        return $content;
    }

    $layout = new OC_TemplateLayout($this->renderAs, $this->app);

    // Add custom headers
    $markup = '';
    foreach (OC_Util::$headers as $header) {
        $element = '<' . \OCP\Util::sanitizeHTML($header['tag']);

        foreach ($header['attributes'] as $attrName => $attrValue) {
            $element .= ' ' . \OCP\Util::sanitizeHTML($attrName) . '="' . \OCP\Util::sanitizeHTML($attrValue) . '"';
        }

        if ($header['text'] === null) {
            // No text content: emit a self-closing element.
            $element .= '/>';
        } else {
            $element .= '>' . \OCP\Util::sanitizeHTML($header['text']) . '</' . \OCP\Util::sanitizeHTML($header['tag']) . '>';
        }

        $markup .= $element;
    }

    $layout->assign('headers', $markup);
    $layout->assign('content', $content);

    return $layout->fetchPage();
}
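/**
 * @brief use to create HTML emails and send them
 *
 * Exports the event to a temporary .ics file in the user's files folder,
 * mails it as an attachment to every address in $emails and removes the
 * file afterwards.
 *
 * @param $eventid The event id
 * @param $summary The event summary shown in the message body
 * @param $dtstart The start date
 * @param $dtend The end date (not used by this method)
 * @param $emails Recipient addresses; null entries are skipped
 */
public static function sendEmails($eventid, $summary, $dtstart, $dtend, $emails) {
    $user = \OCP\User::getDisplayName();
    $useremail = \OCP\Util::getDefaultEmailAddress('sharing-noreply');

    $data = Export::export($eventid, Export::EVENT);
    $tmpStartDate = strtotime($dtstart);
    $myFile = date('Ymd', $tmpStartDate) . '.ics';

    // NOTE(review): getHome() receives the display name here; confirm that
    // it should not be the user id instead.
    $attachPath = \OCP\User::getHome($user) . '/files/' . $myFile;

    // "x+" refuses to open a file that already exists, so fopen() can return
    // false here. Stop instead of passing false on to fwrite()/fclose().
    $fh = fopen($attachPath, "x+");
    if ($fh === false) {
        error_log(__METHOD__ . ': could not create the calendar attachment file');
        return;
    }
    fwrite($fh, $data);
    fclose($fh);

    $attach = array('path' => $attachPath, 'name' => $myFile);

    // The display name is chosen by the user and ends up in an HTML mail
    // body, so it is escaped exactly like the summary.
    $safeUser = \OCP\Util::sanitizeHTML($user);

    foreach ($emails as $email) {
        if ($email === null) {
            continue;
        }

        $subject = 'Termineinladung/ Calendar Invitation';
        $message = '<b>' . $safeUser . '</b> informiert Sie über das Ereignis<b> ' . \OCP\Util::sanitizeHTML($summary) . '</b> , geplant für <b>' . date('d.m.Y', $tmpStartDate) . '.</b> Um das Ereignis zum Kalender hinzuzufügen, klicken Sie auf den Link.<br><br>';

        \OC_MAIL::send($email, "User", $subject, $message, $useremail, $user, 1, '', '', '', '', $attach);
    }

    unlink($attachPath);
}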
/**
 * Loads the body of a text part, HTML-escapes it and appends it to the
 * plain message, followed by a blank line.
 *
 * @param \Horde_Mime_Part $p
 * @param int $partNo
 */
private function handleTextMessage($p, $partNo) {
    // Escaped before storage so the text cannot carry markup into whatever
    // renders plainMessage later.
    $escapedBody = Util::sanitizeHTML($this->loadBodyData($p, $partNo));

    $this->plainMessage .= trim($escapedBody) . "\n\n";
}
/**
 * Builds the avatar placeholder plus the escaped display name for a user.
 *
 * @param string $sUser User id
 * @return string HTML fragment
 */
public static function prepareUserDisplayOutput($sUser) {
    $rawDisplayName = \OCP\User::getDisplayName($sUser);

    // Both values are HTML-escaped before the fragment is assembled.
    $sUser = \OCP\Util::sanitizeHTML($sUser);
    $safeDisplayName = \OCP\Util::sanitizeHTML($rawDisplayName);

    $avatar = '<div class="avatar" data-user="******"></div>';

    return $avatar . '<strong>' . $safeDisplayName . '</strong>';
}
/**
 * Prepares a file parameter for usage
 *
 * Removes the path from filenames and adds highlights. Without highlights
 * the result is plain, unescaped text. With highlights the visible text and
 * the title attribute are escaped; the href is written as returned by
 * Util::linkTo().
 * NOTE(review): assumes linkTo() returns an attribute-safe URL - confirm.
 *
 * @param string $param
 * @param bool $stripPath Shall we remove the path from the filename
 * @param bool $highlightParams
 * @return string
 */
protected function prepareFileParam($param, $stripPath, $highlightParams) {
    $param = $this->fixLegacyFilename($param);

    // Directories link to themselves, files to their parent directory.
    if ($this->rootView->is_dir('/' . User::getUser() . '/files' . $param)) {
        $targetDir = $param;
    } elseif (substr_count($param, '/') == 1) {
        $targetDir = '/';
    } else {
        $targetDir = dirname($param);
    }

    $fileLink = Util::linkTo('files', 'index.php', array('dir' => $targetDir));
    $param = trim($param, '/');

    if (!$stripPath) {
        return $highlightParams
            ? '<a class="filename" href="' . $fileLink . '">' . Util::sanitizeHTML($param) . '</a>'
            : $param;
    }

    if (!$highlightParams) {
        return $this->stripPathFromFilename($param);
    }

    // Shortened form: show only the name and keep the full path in a tooltip.
    $tooltip = ' title="' . Util::sanitizeHTML($param) . '"';
    $shortName = $this->stripPathFromFilename($param);

    return '<a class="filename tooltip" href="' . $fileLink . '"' . $tooltip . '>' . Util::sanitizeHTML($shortName) . '</a>';
}
* Copyright (c) 2011, Robin Appelman <*****@*****.**> * This file is licensed under the Affero General Public License version 3 or later. * See the COPYING-README file. */ /** @var $_ mixed[]|\OCP\IURLGenerator[] */ /** @var \OC_Defaults $theme */ ?> <div id="app-navigation"> <ul> <?php foreach ($_['forms'] as $form) { if (isset($form['anchor'])) { $anchor = '#' . $form['anchor']; $sectionName = $form['section-name']; print_unescaped(sprintf("<li><a href='%s'>%s</a></li>", \OCP\Util::sanitizeHTML($anchor), \OCP\Util::sanitizeHTML($sectionName))); } } ?> </ul> </div> <div id="app-content"> <div id="quota" class="section"> <div style="width:<?php p($_['usage_relative']); ?> %" <?php if ($_['usage_relative'] > 80) {
/**
 * Renders a list of <option> elements.
 *
 * Option values and labels are HTML-escaped. Selection is decided with a
 * loose in_array() comparison.
 *
 * @param array $options value => label pairs, or rows when 'value'/'label' are given
 * @param mixed $selected Selected value or list of selected values
 * @param array $params Supported keys:
 *                      'combine' use the option values as labels too,
 *                      'value'   key to read the value from a row,
 *                      'label'   key to read the label from a row
 * @return string HTML, one option per line
 */
function html_select_options($options, $selected, $params = array()) {
    $selected = is_array($selected) ? $selected : array($selected);

    if (!empty($params['combine'])) {
        $options = array_combine($options, $options);
    }

    $value_name = isset($params['value']) ? $params['value'] : false;
    $label_name = isset($params['label']) ? $params['label'] : false;

    $rows = array();
    foreach ($options as $value => $label) {
        // Rows given as arrays carry their value and label under the
        // configured keys.
        if ($value_name && is_array($label)) {
            $value = $label[$value_name];
        }
        if ($label_name && is_array($label)) {
            $label = $label[$label_name];
        }

        $marker = '';
        if (in_array($value, $selected)) {
            $marker = ' selected="selected"';
        }

        $rows[] = '<option value="' . \OCP\Util::sanitizeHTML($value) . '"' . $marker . '>' . \OCP\Util::sanitizeHTML($label) . '</option>' . "\n";
    }

    return implode('', $rows);
}
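/**
 * @brief use to create HTML emails and send them
 *
 * Notifies every user the event is shared with, directly or through a
 * group, with an HTML mail that contains summary, location and description.
 *
 * @param $eventid The event id
 * @param $summary The event summary
 * @param $location The location
 * @param $description The description
 * @param $dtstart The start date (not used by this method)
 * @param $dtend The end date (not used by this method)
 */
public static function sendEmails($eventid, $summary, $location, $description, $dtstart, $dtend) {
    $user = \OCP\User::getUser();
    $eventsharees = array();
    $eventShareesNames = array();
    $emails = array();

    $sharedwithByEvent = \OCP\Share::getItemShared('event', $eventid);
    if (is_array($sharedwithByEvent)) {
        // Only user and group shares lead to a notification.
        foreach ($sharedwithByEvent as $share) {
            if ($share['share_type'] === \OCP\Share::SHARE_TYPE_USER || $share['share_type'] === \OCP\Share::SHARE_TYPE_GROUP) {
                $eventsharees[] = $share;
            }
        }
        // Expand group shares to their members and collect each name once.
        foreach ($eventsharees as $sharee) {
            $shwth = $sharee['share_with'];
            if ($sharee['share_type'] == \OCP\Share::SHARE_TYPE_GROUP) {
                foreach (OC_Group::usersInGroup($shwth) as $u) {
                    if (!in_array($u, $eventShareesNames)) {
                        $eventShareesNames[] = $u;
                    }
                }
            } else {
                if (!in_array($shwth, $eventShareesNames)) {
                    $eventShareesNames[] = $shwth;
                }
            }
        }
    }

    foreach ($eventShareesNames as $name) {
        $emails[] = OC_Calendar_Calendar::getUsersEmails($name);
    }

    $adminmail = \OCP\Util::getDefaultEmailAddress('no-reply');

    // Every value interpolated into the HTML body is escaped, including the
    // sharing user's name, which was previously inserted as is.
    $safeUser = \OCP\Util::sanitizeHTML($user);

    foreach ($emails as $email) {
        if ($email === null) {
            continue;
        }

        $subject = 'Calendar Event Shared';

        $message = '<html><body>';
        $message .= '<table style="border:1px solid black;" cellpadding="10">';
        $message .= "<tr style='background: #eee;'><td colspan='2'><strong>" . $safeUser . '</strong><strong> has shared with you an event</strong></td></tr>';
        $message .= '<tr><td><strong>Summary:</strong> </td><td>' . \OCP\Util::sanitizeHTML($summary) . '</td></tr>';
        $message .= '<tr><td><strong>Location:</strong> </td><td>' . \OCP\Util::sanitizeHTML($location) . '</td></tr>';
        $message .= '<tr><td><strong>Description:</strong> </td><td>' . \OCP\Util::sanitizeHTML($description) . '</td></tr>';
        $message .= '</table>';
        $message .= '</body></html>';

        OCP\Util::sendMail($email, \OCP\User::getDisplayName(), $subject, $message, $adminmail, $user, 1);
    }
}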
?> <link><?php p($activity['link']); ?> </link> <?php } if (!empty($activity['timestamp'])) { ?> <pubDate><?php p(date('r', $activity['timestamp'])); ?> </pubDate> <?php } if (!empty($activity['message'])) { ?> <description><![CDATA[<?php print_unescaped(str_replace("\n", '<br />', \OCP\Util::sanitizeHTML($activity['messageformatted']['full']))); ?> ]]></description> <?php } ?> </item> <?php } ?> </channel> </rss>
$("a[rel=images]").fancybox({ 'titlePosition': 'inside' }); }); </script> <div id="controls"><?php $sr = trim($root, '/'); if (!empty($sr)) { $paths = explode('/', $sr); $path = '/'; for ($i = 0; $i < count($paths); $i++) { $path .= urlencode($paths[$i]) . '/'; $classess = 'crumb' . ($i == count($paths) - 1 ? ' last' : ''); echo '<div class="' . $classess . '" style="background-image:url(\'' . \OCP\image_path('core', 'breadcrumb.png') . '\')"><a href="' . \OCP\Util::linkTo('gallery', 'index.php') . '&root=' . $path . '">' . \OCP\Util::sanitizeHTML($paths[$i]) . '</a></div>'; } } ?> <!--<a href="javascript:shareGallery();"><input type="button" value="<?php echo $l->t('Share'); ?> " /></a>--><br/> </div> <div id="gallerycontent"> <?php include 'apps/gallery/lib/tiles.php'; $root = empty($_GET['root']) ? '/' : $_GET['root']; $images = \OC_FileCache::searchByMime('image', null, '/' . \OCP\USER::getUser() . '/files' . $root); sort($images); $tl = new \OC\Pictures\TilesLine();
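/**
 * Checks a calendar subscription URL and, when it is reachable, downloads
 * it and returns the file together with a guessed calendar name and colour.
 *
 * Only http://, https:// and webcal:// URLs are accepted. webcal:// is
 * tried as https:// first and as http:// second.
 *
 * @NoAdminRequired
 * @param string $importurl
 * @return JSONResponse status 'success' with the fetched data, or status
 *                      'error' with a translated message
 */
public function checkImportUrl($importurl) {
    $externUriFile = trim(urldecode($importurl));
    $invalidUrl = ['status' => 'error', 'message' => (string) $this->l10n->t('Subscribed url is not valid')];

    // Split at the first '://' only, so a '://' inside the path or query
    // string stays part of the address.
    $getProtocol = explode('://', $externUriFile, 2);
    $scheme = strtolower($getProtocol[0]);

    // The URL is supplied by the caller and handed to file_get_contents(),
    // which also understands local wrappers such as file:// and php://.
    // Everything except plain web schemes is rejected up front.
    // NOTE(review): this does not limit which hosts can be reached, so
    // addresses on the internal network can still be fetched. Restricting
    // targets needs a host check that is outside this method.
    if (!isset($getProtocol[1]) || !in_array($scheme, ['http', 'https', 'webcal'], true)) {
        return new JSONResponse($invalidUrl);
    }

    $bExistUri = false;
    if ($scheme === 'webcal') {
        $newUrl = 'https://' . $getProtocol[1];
        $aMetaHttps = $this->stream_last_modified($newUrl);
        if ($aMetaHttps['fileaccess'] === true) {
            $bExistUri = true;
        } else {
            $newUrl = 'http://' . $getProtocol[1];
            $aMetaHttp = $this->stream_last_modified($newUrl);
            $bExistUri = ($aMetaHttp['fileaccess'] === true);
        }
    } else {
        // Public share links of this app are rewritten to the export route.
        if (preg_match('%index.php/apps/calendarplus/s/(/.*)?%', $externUriFile)) {
            $temp = explode('/s/', $externUriFile);
            $externUriFile = $temp[0] . '/exporteventscalendar?t=' . $temp[1];
        }
        $newUrl = $externUriFile;
        $aMeta = $this->stream_last_modified($newUrl);
        $bExistUri = ($aMeta['fileaccess'] === true);
    }

    if ($bExistUri !== true) {
        return new JSONResponse($invalidUrl);
    }

    // PHP reads the options for both http:// and https:// from the 'http'
    // context key. The key used to be the URL's own scheme, which was
    // undefined for webcal URLs and ignored for https ones.
    $opts = ['http' => ['method' => 'GET', 'header' => "Content-Type: text/calendar\r\n", 'timeout' => 60]];
    $context = stream_context_create($opts);

    try {
        $file = file_get_contents($newUrl, false, $context);
        if ($file === false) {
            // A failed download is reported as a warning plus false, not as
            // an exception.
            return new JSONResponse($invalidUrl);
        }

        $import = new \OCA\CalendarPlus\Import($file);
        $import->setUserID($this->userId);
        $guessedcalendarname = \OCP\Util::sanitizeHTML($import->guessCalendarName());
        $testColor = $import->guessCalendarColor();
        $guessedcalendarcolor = $testColor !== null ? $testColor : '006DCC';

        // The fetched content is returned to the client unchanged in 'file'.
        $params = [
            'status' => 'success',
            'file' => $file,
            'externUriFile' => $externUriFile,
            'guessedcalendarname' => $guessedcalendarname,
            'guessedcalendarcolor' => $guessedcalendarcolor,
        ];
        return new JSONResponse($params);
    } catch (\Exception $e) {
        // Fully qualified so the catch also works inside a namespace, where
        // a bare "Exception" would not match the global class.
        return new JSONResponse($invalidUrl);
    }
}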
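/**
 * @brief use to create HTML emails and send them
 *
 * Notifies every user or group name the event is shared with, using an HTML
 * mail that contains summary, location and description.
 *
 * @param $eventid The event id
 * @param $summary The event summary
 * @param $location The location
 * @param $description The description
 * @param $dtstart The start date (not used by this method)
 * @param $dtend The end date (not used by this method)
 */
public static function sendEmails($eventid, $summary, $location, $description, $dtstart, $dtend) {
    $user = \OCP\User::getUser();
    $eventsharees = array();
    $eventShareesNames = array();
    $emails = array();

    $sharedwithByEvent = \OCP\Share::getItemShared('event', $eventid);
    if (is_array($sharedwithByEvent)) {
        // Only user and group shares lead to a notification.
        foreach ($sharedwithByEvent as $share) {
            if ($share['share_type'] === \OCP\Share::SHARE_TYPE_USER || $share['share_type'] === \OCP\Share::SHARE_TYPE_GROUP) {
                $eventsharees[] = $share;
            }
        }
        foreach ($eventsharees as $sharee) {
            $eventShareesNames[] = $sharee['share_with'];
        }
    }

    foreach ($eventShareesNames as $name) {
        $emails[] = OC_Calendar_Calendar::getUsersEmails($name);
    }

    $useremail = OC_Calendar_Calendar::getUsersEmails($user);

    // Every value interpolated into the HTML body is escaped, including the
    // sharing user's name, which was previously inserted as is.
    $safeUser = \OCP\Util::sanitizeHTML($user);

    foreach ($emails as $email) {
        if ($email === null) {
            continue;
        }

        $subject = 'Calendar Event Shared';

        // The hand-built $headers string was removed: it was never passed to
        // sendMail(), and its single-quoted '\\r\\n' would have produced
        // literal backslashes rather than line breaks.
        $message = '<html><body>';
        $message .= '<table style="border:1px solid black;" cellpadding="10">';
        $message .= "<tr style='background: #eee;'><td colspan='2'><strong>" . $safeUser . '</strong><strong> has shared with you an event</strong></td></tr>';
        $message .= '<tr><td><strong>Summary:</strong> </td><td>' . \OCP\Util::sanitizeHTML($summary) . '</td></tr>';
        $message .= '<tr><td><strong>Location:</strong> </td><td>' . \OCP\Util::sanitizeHTML($location) . '</td></tr>';
        $message .= '<tr><td><strong>Description:</strong> </td><td>' . \OCP\Util::sanitizeHTML($description) . '</td></tr>';
        $message .= '</table>';
        $message .= '</body></html>';

        OCP\Util::sendMail($email, "User", $subject, $message, $useremail, $user, 1, '', '', '', '');
    }
}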
/**
 * Returns a list of grouped parameters
 *
 * 2 parameters are joined by "and":
 * => A and B
 * Up to 5 parameters are joined by "," and "and":
 * => A, B, C, D and E
 * More than 5 parameters are joined by "," and trimmed:
 * => A, B, C and #n more
 *
 * The trimmed entries are taken from $plainParameterList and HTML-escaped
 * before they go into the title attribute. Entries of $parameterList are
 * inserted as given.
 * NOTE(review): presumably $parameterList is already formatted and escaped
 * by the caller - confirm.
 *
 * @param array $parameterList
 * @param array $plainParameterList
 * @param bool $highlightParams
 * @return string
 */
protected function joinParameterList($parameterList, $plainParameterList, $highlightParams) {
    if (empty($parameterList)) {
        return '';
    }

    $total = count($parameterList);
    $last = array_pop($parameterList);

    if ($total === 1) {
        return $last;
    }

    if ($total === 2) {
        $first = array_pop($parameterList);
        return $this->l->t('%s and %s', array($first, $last));
    }

    if ($total <= 5) {
        $leading = implode($this->l->t(', '), $parameterList);
        return $this->l->t('%s and %s', array($leading, $last));
    }

    // More than five entries: show the first three and summarise the rest.
    $shown = implode($this->l->t(', '), array_slice($parameterList, 0, 3));
    $hidden = implode($this->l->t(', '), array_slice($plainParameterList, 3));
    $remaining = $total - 3;

    if (!$highlightParams) {
        return $this->l->n('%s and %n more', '%s and %n more', $remaining, array($shown));
    }

    $tooltip = 'class="has-tooltip" title="' . Util::sanitizeHTML($hidden) . '"';

    return $this->l->n(
        '%s and <strong %s>%n more</strong>',
        '%s and <strong %s>%n more</strong>',
        $remaining,
        array($shown, $tooltip)
    );
}
/**
 * @brief Data structure of properties
 *
 * Converts a vCard property into a plain array with the keys
 *   ['value']      the property value (string, list of parts, or true for PHOTO)
 *   ['parameters'] associative array name => HTML-escaped value
 *   ['checksum']   first 8 hex characters of the MD5 of the serialized
 *                  property; only set for properties listed in
 *                  App::$multi_properties
 *
 * NOTE: 'value' is not escaped anymore. It shouldn't make any difference
 * but we should look out for any problems. Only parameter values and the
 * IMPP protocol name pass through sanitizeHTML() here.
 *
 * @param object $property
 * @return array|null null when the property is not listed in
 *                    App::$index_properties or its BDAY value is too short
 */
public static function structureProperty($property) {
    $name = $property->name;
    if (!in_array($name, App::$index_properties)) {
        return;
    }

    $value = $property->getValue();

    switch ($name) {
        case 'ADR':
        case 'N':
        case 'ORG':
            // Compound properties are handled as a list of trimmed parts.
            $value = array_map('trim', $property->getParts());
            break;

        case 'BDAY':
            // Compact dates without dashes are rewritten as YYYY-MM-DD.
            if (strpos($value, '-') === false) {
                if (strlen($value) < 8) {
                    return null; // Badly malformed :-(
                }
                $value = substr($value, 0, 4) . '-' . substr($value, 4, 2) . '-' . substr($value, 6, 2);
            }
            break;

        case 'PHOTO':
            // Only the presence of a photo is reported, not its data.
            $value = true;
            break;

        case 'CATEGORIES':
            $unescaped = strtr($value, array('\\,' => ',', '\\;' => ';'));
            $value = array_map('trim', explode(',', $unescaped));
            break;

        case 'IMPP':
            if (strpos($value, ':') !== false) {
                // "protocol:address": the protocol becomes X-SERVICE-TYPE
                // when that parameter is not set yet, the rest is the value.
                $pieces = explode(':', $value);
                $protocol = array_shift($pieces);
                if (!isset($property['X-SERVICE-TYPE'])) {
                    $property['X-SERVICE-TYPE'] = strtoupper(\OCP\Util::sanitizeHTML($protocol));
                }
                $value = implode('', $pieces);
            }
            break;
    }

    if (is_string($value)) {
        // Undo the vCard escaping of commas and semicolons.
        $value = strtr($value, array('\\,' => ',', '\\;' => ';'));
    }

    $structured = array('value' => $value, 'parameters' => array());

    // This cuts around a 3rd off of the json response size.
    if (in_array($name, App::$multi_properties)) {
        $structured['checksum'] = substr(md5($property->serialize()), 0, 8);
    }

    foreach ($property->parameters as $parameter) {
        // Faulty entries by kaddressbook
        // Actually TYPE=PREF is correct according to RFC 2426
        // but this way is more handy in the UI. Tanghus.
        if ($parameter->name == 'TYPE' && strtoupper($parameter->getValue()) == 'PREF') {
            $parameter->name = 'PREF';
            $parameter->setValue('1');
        }

        if ($parameter->name != 'TYPE') {
            $structured['parameters'][$parameter->name] = \OCP\Util::sanitizeHTML($parameter->getValue());
            continue;
        }

        // NOTE: Apparently Sabre_VObject_Reader can't always deal with value list parameters
        // like TYPE=HOME,CELL,VOICE. Tanghus.
        // TODO: Check if parameter is has commas and split + merge if so.
        $types = $parameter->getValue();
        if (is_string($types) && strpos($types, ',') !== false) {
            $types = array_map('trim', explode(',', $types));
        }
        if (!is_array($types)) {
            $types = array($types);
        }

        if (isset($structured['parameters'][$parameter->name])) {
            $structured['parameters'][$parameter->name][] = \OCP\Util::sanitizeHTML($types);
        } else {
            $structured['parameters'][$parameter->name] = \OCP\Util::sanitizeHTML($types);
        }
    }

    return $structured;
}
/**
 * Prepares a file parameter for usage
 *
 * Removes the path from filenames and adds highlights. Without highlights
 * the result is plain, unescaped text. With highlights the visible text and
 * the tooltip path are escaped; the href is written as returned by
 * Util::linkTo().
 * NOTE(review): assumes linkTo() returns an attribute-safe URL - confirm.
 *
 * @param string $param
 * @param bool $stripPath Shall we remove the path from the filename
 * @param bool $highlightParams
 * @return string
 */
protected function prepareFileParam($param, $stripPath, $highlightParams) {
    $param = $this->fixLegacyFilename($param);

    if ($this->rootView->is_dir('/' . User::getUser() . '/files' . $param)) {
        $linkArgs = array('dir' => $param);
    } else {
        // Files link to their parent directory and scroll to the file name.
        $parentDir = substr_count($param, '/') == 1 ? '/' : dirname($param);
        $linkArgs = array('dir' => $parentDir, 'scrollto' => basename($param));
    }
    $fileLink = Util::linkTo('files', 'index.php', $linkArgs);

    $param = trim($param, '/');
    list($directory, $baseName) = $this->splitPathFromFilename($param);

    if (!$stripPath || $directory === '') {
        return $highlightParams
            ? '<a class="filename" href="' . $fileLink . '">' . Util::sanitizeHTML($param) . '</a>'
            : $param;
    }

    if (!$highlightParams) {
        return $baseName;
    }

    // Shortened form: show only the name and keep the directory in a tooltip.
    $tooltip = ' title="' . $this->l->t('in %s', array(Util::sanitizeHTML($directory))) . '"';

    return '<a class="filename tooltip" href="' . $fileLink . '"' . $tooltip . '>' . Util::sanitizeHTML($baseName) . '</a>';
}
/**
 * Renders the stack title followed by one miniature <div> per tile.
 *
 * The stack name is HTML-escaped. The miniature source and the computed
 * sizes are written into the style attribute as they are.
 * NOTE(review): assumes getMiniatureSrc() returns a value that is safe
 * inside a quoted url() in a style attribute - confirm.
 *
 * @return string HTML fragment
 */
public function get() {
    $html = '<div class="title gallery_div">' . \OCP\Util::sanitizeHTML($this->stack_name) . '</div>';

    $tileCount = count($this->tiles_array);
    for ($idx = 0; $idx < $tileCount; $idx++) {
        // Small random offsets, used only for the visual layout.
        $offsetTop = rand(-5, 5);
        $offsetLeft = rand(-5, 5);

        $tile = $this->tiles_array[$idx];
        $tileWidth = $tile->getWidth();

        // Images narrower than IMAGE_WIDTH get an explicit width.
        $widthRule = ($tileWidth < IMAGE_WIDTH) ? 'width:' . $tileWidth . 'px;' : '';

        $style = 'background-image:url(\'' . $tile->getMiniatureSrc() . '\');margin-top:' . $offsetTop . 'px; margin-left:' . $offsetLeft . 'px;' . $widthRule;
        $html .= '<div class="miniature_border gallery_div" style="' . $style . '"></div>';
    }

    return $html;
}