/**
* Applies output filters, adds XSS protection to POST forms
* Note: XSS can be switched off by adding "xp-off" class to form
*
* @param string $output
* @return string
*/
function cot_outputfilters($output)
{
/* === Hook === */
foreach (cot_getextplugins('output') as $pl) {
include realpath(dirname(__FILE__) . '/..') . '/' . $pl;
}
/* ==== */
$output = preg_replace_callback('#<form\\s+[^>]*method=["\']?post["\']?[^>]*>#i', function ($m) {
return $m[0] . (preg_match('/class\\s*=\\s*["\']?.*?[\\s"\']xp-off[\\s"\'].*?["\']?/i', $m[0]) ? '' : cot_xp());
}, $output);
return $output;
}
/**
* Standard SED output filters, adds XSS protection to forms
*
* @param unknown_type $output
* @return unknown
*/
function cot_outputfilters($output)
{
/* === Hook === */
foreach (cot_getextplugins('output') as $pl) {
include realpath(dirname(__FILE__) . '/..') . '/' . $pl;
}
/* ==== */
$output = preg_replace('#<form\\s+[^>]*method=["\']?post["\']?[^>]*>#i', '$0' . cot_xp(), $output);
return $output;
}
* Subscribe widget form template
*
* @package Subscribe
* @author Kalnov Alexey <*****@*****.**>
* @copyright (c) Portal30 Studio http://portal30.ru
*/
/** @var subscribe_model_Subscribe $subscribe */
$subscribe = $this->subscribe;
if (!empty($subscribe)) {
?>
<div id="subscribe-me-<?php
echo $subscribe->id;
?>
" class="subscribe-me">
<?php
echo cot_xp();
?>
<div class="input-group marginbottom10">
<input type="text" name="email" class="form-control" placeholder="<?php
echo cot::$L['Email'];
?>
...">
<span class="input-group-btn">
<button class="btn btn-default subscribe-me-submit" type="button"><?php
echo cot::$L['subscribe_to_subscribe'];
?>
</button>
</span>
</div>
</div>
<?php
/**
* Used with cot_outputfilters
* It is needed because php 5.2 does not support anonymous functions. So during the installation we can not even show
* an error message.
* @param $m
* @return string
*/
function cot_outputfilters_callback($m)
{
return $m[0] . (preg_match('/class\\s*=\\s*["\']?.*?[\\s"\']xp-off[\\s"\'].*?["\']?/i', $m[0]) ? '' : cot_xp());
}
require_once cot_incfile($n, $is_module ? 'module' : 'plug');
}
}
if (!empty($a) && file_exists(cot_incfile('cateditor', 'plug', 'admin.' . $sub . '.' . $a))) {
require_once cot_incfile('cateditor', 'plug', 'admin.' . $sub . '.' . $a);
} elseif ($id > 0) {
require_once cot_incfile('cateditor', 'plug', 'admin.edit');
$status['editor'] = form_structure_editor($id);
} else {
$parentid = cot_import('parentid', 'G', 'INT');
require_once cot_incfile('cateditor', 'plug', 'admin.new');
$status['editor'] = form_structure_new($parentid);
}
/*
if (file_exists(cot_incfile('cateditor', 'plug', 'admin.'.$sub)))
{
$t = new XTemplate(cot_tplfile('cateditor.admin.'.$sub, 'plug'));
require_once cot_incfile('cateditor', 'plug', 'admin.'.$sub);
$t->parse('MAIN');
$adminmain = $t->text('MAIN');
}
*/
if ($status['editor']) {
$status['editor'] = preg_replace('#<form\\s+[^>]*method=["\']?post["\']?[^>]*>#i', '$0' . cot_xp(), $status['editor']);
}
cot_sendheaders('application/json');
$status['id'] = (int) $id;
$status['x'] = $sys['xk'];
//cot_watch($status, $_GET);
echo json_encode($status);
exit;
/**
* Чекбокс "Добавить к сравнению
*
* @param advboard_model_Advert $item
* @param string $title
* @return string
*/
function adv_compare_checkbox($item, $title = null)
{
static $loaded = false;
$choosen = false;
if ($item instanceof advboard_model_Advert) {
$id = $item->id;
} else {
$id = $item;
}
if ($id == 0) {
return '';
}
if (!empty($_SESSION['advboard_compare']) && !empty($_SESSION['advboard_compare'][cot::$sys['site_id']])) {
if (isset($_SESSION['advboard_compare'][cot::$sys['site_id']][$id]) && !empty($_SESSION['advboard_compare'][cot::$sys['site_id']][$id])) {
$choosen = true;
}
}
if (is_null($title)) {
$title = cot::$L['advboard_compare_add'];
}
$ret = cot_checkbox($choosen, 'advboard_comp[]', $title, array('class' => 'advboard_compare'), $id, 'input_check');
if (!$loaded) {
Resources::linkFileFooter(cot::$cfg["modules_dir"] . '/advboard/js/advboard.compare.form.js');
$loaded = true;
$ret .= cot_xp();
}
return $ret;
}
