function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0)
{
global $board_config, $html_entities_match, $html_entities_replace;
//
// Clean up the message
//
$message = trim($message);
if ($html_on) {
// If HTML is on, we try to make it safe
// This approach is quite agressive and anything that does not look like a valid tag
// is going to get converted to HTML entities
$message = stripslashes($message);
$html_match = '#<[^\\w<]*(\\w+)((?:"[^"]*"|\'[^\']*\'|[^<>\'"])+)?>#';
$matches = array();
$message_split = preg_split($html_match, $message);
preg_match_all($html_match, $message, $matches);
$message = '';
foreach ($message_split as $part) {
$tag = array(array_shift($matches[0]), array_shift($matches[1]), array_shift($matches[2]));
$message .= preg_replace($html_entities_match, $html_entities_replace, $part) . clean_html($tag);
}
$message = addslashes($message);
$message = str_replace('"', '\\"', $message);
} else {
$message = preg_replace($html_entities_match, $html_entities_replace, $message);
}
if ($bbcode_on && $bbcode_uid != '') {
$message = bbencode_first_pass($message, $bbcode_uid);
}
return $message;
}
public function assign_smarty_vars()
{
$this->smarty->assign('artefacttype', 'internal');
$this->smarty->assign('artefactplugin', 'internal');
$this->smarty->assign('title', display_name($this->get('exporter')->get('user'), $this->get('exporter')->get('user')));
// If this ID is changed, you'll have to change it in author.tpl too
$this->smarty->assign('id', 'portfolio:artefactinternal');
$this->smarty->assign('leaptype', $this->get_leap_type());
$persondata = array();
$spacialdata = array();
foreach ($this->artefacts as $a) {
if (!($data = $this->data_mapping($a))) {
if ($a->get('artefacttype') == 'introduction') {
$this->smarty->assign('contenttype', 'html');
$this->smarty->assign('content', clean_html($a->get('title')));
}
continue;
}
$value = $a->render_self(array());
$value = $value['html'];
// TODO fix this when we non-js stuff
$data = array_merge(array('value' => $value, 'artefacttype' => $a->get('artefacttype'), 'artefactplugin' => 'internal'), $data);
if (array_key_exists('spacial', $data)) {
$spacialdata[] = (object) $data;
} else {
$data = array_merge($data, array('label' => get_string($a->get('artefacttype'), 'artefact.internal')));
$persondata[] = (object) $data;
}
}
if ($extras = $this->exporter->get('extrapersondata')) {
$persondata = array_merge($persondata, $extras);
}
$this->smarty->assign('persondata', $persondata);
$this->smarty->assign('spacialdata', $spacialdata);
}
function export_form_cell_html($element)
{
global $THEME;
$strclicktopreview = get_string('clicktopreview', 'export');
$strpreview = get_string('Preview');
$element['description'] = clean_html($element['description']);
return <<<EOF
<div class="checkbox">
{$element['html']}
{$element['labelhtml']}
<div class="text-small with-label plxs">
{$element['description']}
<a href="{$element['viewlink']}" class="viewlink nojs-hidden-inline" target="_blank">{$strclicktopreview}</a>
</div>
</div>
EOF;
}
function show_xls($_POST)
{
$OUT = show_report($_POST);
$OUT = clean_html($OUT);
require_lib("xls");
StreamXLS("Leave", $OUT);
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
$configdata = $instance->get('configdata');
// this will make sure to unserialize it for us
$configdata['viewid'] = $instance->get('view');
$result = '';
$artefactid = isset($configdata['artefactid']) ? $configdata['artefactid'] : null;
if ($artefactid) {
$artefact = $instance->get_artefact_instance($artefactid);
if (!file_exists($artefact->get_path())) {
return;
}
$result = clean_html(file_get_contents($artefact->get_path()));
require_once get_config('docroot') . 'artefact/comment/lib.php';
require_once get_config('docroot') . 'lib/view.php';
$view = new View($configdata['viewid']);
list($commentcount, $comments) = ArtefactTypeComment::get_artefact_comments_for_view($artefact, $view, $instance->get('id'), true, $editing);
}
$smarty = smarty_core();
if ($artefactid) {
$smarty->assign('commentcount', $commentcount);
$smarty->assign('comments', $comments);
}
$smarty->assign('html', $result);
return $smarty->fetch('blocktype:html:html.tpl');
}
function prepare_message($message, $html_on, $bbcode_on, $smile_on)
{
global $config, $html_entities_match, $html_entities_replace;
// Clean up the message
$message = trim($message);
if ($html_on) {
// If HTML is on, we try to make it safe
// This approach is quite agressive and anything that does not look like a valid tag is going to get converted to HTML entities
$message = $message;
$html_match = '#<[^\\w<]*(\\w+)((?:"[^"]*"|\'[^\']*\'|[^<>\'"])+)?>#';
$matches = array();
$message_split = preg_split($html_match, $message);
preg_match_all($html_match, $message, $matches);
$message = '';
foreach ($message_split as $part) {
$tag = array(array_shift($matches[0]), array_shift($matches[1]), array_shift($matches[2]));
$message .= preg_replace($html_entities_match, $html_entities_replace, $part) . clean_html($tag);
//$message .= preg_replace($html_entities_match, $html_entities_replace, $part) . $tag;
}
$message = $message;
// Mighty Gorgon: This should not be needed any more...
//$message = str_replace('"', '\"', $message);
} else {
$message = preg_replace($html_entities_match, $html_entities_replace, $message);
}
return $message;
}
/**
* clean
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Clean
* @author Henry Ruhs
*
* @param string $input
* @param integer $mode
* @return string
*/
function clean($input = '', $mode = '')
{
$output = $input;
/* if untrusted user */
if (FILTER == 1) {
if ($mode == 0) {
$output = clean_special($output);
}
if ($mode == 1) {
$output = clean_script($output);
$output = clean_html($output);
}
}
/* type related clean */
if ($mode == 2) {
$output = clean_alias($output);
}
if ($mode == 3) {
$output = clean_email($output);
}
if ($mode == 4) {
$output = clean_url($output);
}
/* mysql clean */
$output = clean_mysql($output);
return $output;
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
$configdata = $instance->get('configdata');
$text = isset($configdata['text']) ? $configdata['text'] : '';
safe_require('artefact', 'file');
$text = ArtefactTypeFolder::append_view_url($text, $instance->get('view'));
return clean_html($text);
}
public function assign_smarty_vars()
{
$user = $this->get('exporter')->get('user');
$userid = $user->get('id');
$updated = get_record_sql('select ' . db_format_tsfield('max(mtime)', 'mtime') . ' from {artefact} a join {artefact_installed_type} t on a.artefacttype = t.name where t.plugin = \'internal\'');
$this->smarty->assign('artefacttype', 'internal');
$this->smarty->assign('artefactplugin', 'internal');
$this->smarty->assign('title', display_name($user, $user));
$this->smarty->assign('updated', PluginExportLeap::format_rfc3339_date($updated->mtime));
// If this ID is changed, you'll have to change it in author.tpl too
$this->smarty->assign('id', 'portfolio:artefactinternal');
$this->smarty->assign('leaptype', $this->get_leap_type());
$persondata = array();
$spacialdata = array();
usort($this->artefacts, array($this, 'artefact_sort'));
foreach ($this->artefacts as $a) {
if (!($data = $this->data_mapping($a))) {
if ($a->get('artefacttype') == 'introduction') {
$this->smarty->assign('contenttype', 'html');
$this->smarty->assign('content', clean_html($a->get('title')));
}
continue;
}
$value = $a->render_self(array());
$value = $value['html'];
// TODO fix this when we non-js stuff
$data = array_merge(array('value' => $value, 'artefacttype' => $a->get('artefacttype'), 'artefactplugin' => 'internal'), $data);
if (array_key_exists('spacial', $data)) {
$spacialdata[] = (object) $data;
} else {
$label = get_string($a->get('artefacttype'), 'artefact.internal');
if ($a->get('artefacttype') == 'socialprofile') {
$label = $a->get('description');
}
$data = array_merge($data, array('label' => $label));
$persondata[] = (object) $data;
}
}
if ($extras = $this->exporter->get('extrapersondata')) {
$persondata = array_merge($persondata, $extras);
}
$this->smarty->assign('persondata', $persondata);
$this->smarty->assign('spacialdata', $spacialdata);
// Grab profile icons and link to them, making sure the default is first
if ($icons = get_column_sql("SELECT id\n FROM {artefact}\n WHERE artefacttype = 'profileicon'\n AND \"owner\" = ?\n ORDER BY id = (\n SELECT profileicon FROM {usr} WHERE id = ?\n ) DESC, id", array($userid, $userid))) {
foreach ($icons as $icon) {
$icon = artefact_instance_from_id($icon);
$this->add_artefact_link($icon, 'related');
}
$this->smarty->assign('links', $this->links);
}
if (!($categories = $this->get_categories())) {
$categories = array();
}
$this->smarty->assign('categories', $categories);
}
function export_form_cell_html($element)
{
$strclicktopreview = get_string('clicktopreview', 'export');
$previewimg = theme_get_url('images/icon-display.png');
$strpreview = get_string('Preview');
$element['description'] = clean_html($element['description']);
return <<<EOF
<td>
{$element['html']} {$element['labelhtml']}
<div>{$element['description']}</div>
<div><a href="{$element['viewlink']}" class="viewlink nojs-hidden-inline" target="_blank">{$strclicktopreview}</a></div>
</td>
EOF;
}
function process_expired(&$trans_class, $mins, $cntLimit = 0)
{
echo "<p>processing expired subscriptions</p>";
$timeLimit = time() + $mins * 60;
$cnt = 1;
echo "\r\n\t<table>\r\n\t\t\t<tr>\r\n\t\t\t<td>Subscription ID</td><td> </td>\r\n\t\t\t<td>Count ID</td><td> </td>\r\n\t\t\t<td>Response</td><td> </td>\r\n\t\t\t</tr>\r\n\t";
while ((time() < $timeLimit || $mins == 0) && ($cnt < $cntLimit || $cntLimit == 0) && ($id = $trans_class->get_next_expired_rebill())) {
$trans_class->pull_subscription($id);
$res = $trans_class->update_account_status();
echo "\r\n\t\t\t<tr>\r\n\t\t\t<td>{$id}</td><td></td>\r\n\t\t\t<td>" . $cnt . "</td><td></td>\r\n\t\t\t<td>" . clean_html($res[1]['response']['body']) . "</td><td></td>\r\n\t\t\t</tr>\r\n\t\t";
flush();
$cnt++;
}
echo "\r\n\t</table>\r\n\t";
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
$configdata = $instance->get('configdata');
// this will make sure to unserialize it for us
$configdata['viewid'] = $instance->get('view');
$result = '';
if (isset($configdata['artefactid'])) {
$html = $instance->get_artefact_instance($configdata['artefactid']);
if (!file_exists($html->get_path())) {
return;
}
$result = clean_html(file_get_contents($html->get_path()));
}
return $result;
}
function print_report()
{
$OUTPUT = clean_html(financialStatements::incomestmnt($_POST));
switch ($_POST["key"]) {
case ct("Print"):
require "../tmpl-print.php";
break;
case ct("Save"):
db_conn("core");
$sql = "INSERT INTO save_income_stmnt (output, gendate, div) VALUES ('" . base64_encode($OUTPUT) . "', current_date, '" . USER_DIV . "')";
$svincRslt = db_exec($sql) or errDie("Unable to save the balance sheet to Cubit.");
return "<li class='err'>Income statement has been successfully saved to Cubit.</li>\n\t\t\t<table border=0 cellpadding='" . TMPL_tblCellPadding . "' cellspacing='" . TMPL_tblCellSpacing . "' width=25%>\n\t\t\t\t<tr><th>Quick Links</th></tr>\n\t\t\t\t<tr class=datacell><td align=center><a target=_blank href='../core/acc-new2.php'>Add account (New Window)</a></td></tr>\n\t\t\t\t<tr class=datacell><td align=center><a href='index-reports.php'>Financials</a></td></tr>\n\t\t\t\t<tr class=datacell><td align=center><a href='index-reports-stmnt.php'>Current Year Financial Statements</a></td></tr>\n\t\t\t\t<tr class=datacell><td align=center><a href='../main.php'>Main Menu</td></tr>\n\t\t\t</table>";
break;
case ct("Export to Spreadsheet"):
require_lib("xls");
StreamXLS("income_statement", $OUTPUT);
break;
}
}
function display()
{
extract($_REQUEST);
$fields = array();
$fields["from_year"] = date("Y");
$fields["from_month"] = date("m");
$fields["from_day"] = "01";
$fields["to_year"] = date("Y");
$fields["to_month"] = date("m");
$fields["to_day"] = date("d");
$fields["print"] = 0;
extract($fields, EXTR_SKIP);
if (!$print) {
$OUTPUT = "<center>\r\n\t\t<h3>Driver Collect/Deliver</h3>\r\n\t\t<form method='post' action='" . SELF . "'>\r\n\t\t<table " . TMPL_tblDflts . ">\r\n\t\t\t<tr><th colspan='4'>Date Range</th></tr>\r\n\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t<td>" . mkDateSelect("from", $from_year, $from_month, $from_day) . "</td>\r\n\t\t\t\t<td> <b>To</b> </td>\r\n\t\t\t\t<td>" . mkDateSelect("to", $to_year, $to_month, $to_day) . "</td>\r\n\t\t\t\t<td>\r\n\t\t\t\t\t<input type='submit' value='Select' style='font-weight: bold' />\r\n\t\t\t\t</td>\r\n\t\t\t</tr>\r\n\t\t\t<tr><td> </td></tr>\r\n\t\t\t<tr>\r\n\t\t\t\t<td colspan='4' align='center'>\r\n\t\t\t\t\t<input type='submit' name='print' value='Print' />\r\n\t\t\t\t</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t</form>";
} else {
$OUTPUT = "";
}
$sql = "\r\n\tSELECT hire_invoices.invid, hire_invitems.collection, customers.surname,\r\n\t\tinvnum, branch_addr, branch_descrip, addr1, bustel, cellno\r\n\t\tFROM hire.hire_invitems\r\n\t\t\tLEFT JOIN hire.hire_invoices\r\n\t\t\t\tON hire_invitems.invid=hire_invoices.invid\r\n\t\t\tLEFT JOIN cubit.customers\r\n\t\t\t\tON hire_invoices.cusnum=customers.cusnum\r\n\t\t\tLEFT JOIN cubit.customer_branches\r\n\t\t\t\tON customers.cusnum=customer_branches.cusnum";
$item_rslt = db_exec($sql) or errDie("Unable to retrieve hire note items.");
$item_out = "";
while ($item_data = pg_fetch_array($item_rslt)) {
// Parse collection
$collection = explode(", ", $item_data["collection"]);
foreach ($collection as $value) {
if ($value == "Client Collect") {
continue;
}
if ($item_data["branch_addr"]) {
$address = nl2br($item_data["branch_descrip"]);
} else {
$address = nl2br($item_data["addr1"]);
}
$item_out .= "\r\n\t\t\t<table " . TMPL_tblDflts . " width='400' style='border: 1px solid #000'>\r\n\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t<td><b>{$item_data['surname']}</b></td>\r\n\t\t\t\t\t<td>" . ucfirst($value) . "</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t<td>Hire No: H" . getHirenum($item_data["invid"], 1) . "</td>\r\n\t\t\t\t\t<td>Date:_____________________</td>\r\n\t\t\t\t</td>\r\n\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t<td>Business Tel: {$item_data['bustel']}</td>\r\n\t\t\t\t\t<td>Cell No: {$item_data['cellno']}</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t<td colspan='2'>{$address}</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t<td style='padding-top: 10px'>Signature (Driver)</td>\r\n\t\t\t\t\t<td>___________________________</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t\t\t<td style='padding-top: 10px'>Signature (Recipient)</td>\r\n\t\t\t\t\t<td>___________________________</td>\r\n\t\t\t\t</tr>\r\n\t\t\t</table>\r\n\t\t\t<br />";
}
}
$OUTPUT .= "{$item_out}";
if ($print) {
$OUTPUT = clean_html($OUTPUT);
require "../tmpl-print.php";
} else {
return $OUTPUT;
}
}
public static function get_mails($user_id)
{
$user_id = intval($user_id);
$mails = [];
$sql = "SELECT * FROM mails WHERE recipient = {$user_id} ORDER BY unread DESC, send_date DESC LIMIT 30";
$req = Db::query($sql);
if ($req->rowCount() > 0) {
$result = $req->fetchAll(PDO::FETCH_ASSOC);
foreach ($result as $mail) {
$mails[$mail['id']] = $mail;
$mails[$mail['id']]['content'] = nl2br(clean_html($mail['content']));
$mails[$mail['id']]['topic'] = htmlentities($mail['topic']);
if ($mail['author'] == 0) {
$mails[$mail['id']]['author'] = 'admin';
} else {
$sender = new User($mail['author']);
$mails[$mail['id']]['author'] = htmlentities($sender->pseudo);
}
}
}
return $mails;
}
function display()
{
extract($_REQUEST);
$fields = array();
$fields["from_year"] = date("Y");
$fields["from_month"] = date("m");
$fields["from_day"] = "01";
$fields["to_year"] = date("Y");
$fields["to_month"] = date("m");
$fields["to_day"] = date("d");
$fields["perc_search"] = "100";
$fields["export"] = 0;
extract($fields, EXTR_SKIP);
$from_date = dateFmt($from_year, $from_month, $from_day);
$to_date = dateFmt($to_year, $to_month, $to_day);
$sql = "SELECT id, serial, des, grpname\r\n\t\t\tFROM cubit.assets\r\n\t\t\t\tLEFT JOIN cubit.assetgrp ON assets.grpid=assetgrp.grpid\r\n\t\t\tORDER BY serial ASC";
$asset_rslt = db_exec($sql) or errDie("Unable to retrieve assets.");
$asset_out = "";
while ($asset_data = pg_fetch_array($asset_rslt)) {
$percentage = utilisationPerc($asset_data["id"], $from_date, $to_date);
if (!is_numeric($perc_search) || $percentage > $perc_search) {
continue;
}
$asset_out .= "<tr class='" . bg_class() . "'>\r\n\t\t\t<td>{$asset_data['grpname']}</td>\r\n\t\t\t<td>" . getSerial($asset_data["id"]) . "</td>\r\n\t\t\t<td>{$asset_data['des']}</td>\r\n\t\t\t<td align='center'>\r\n\t\t\t\t<b>" . utilisationDays($asset_data["id"], $from_date, $to_date) . "</b>\r\n\t\t\t</td>\r\n\t\t\t<td align='center' >\r\n\t\t\t\t<b>{$percentage}%</b>\r\n\t\t\t</td>\r\n\t\t\t<td width='2%' bgcolor='" . ext_progressColor($percentage) . "'> </td>\r\n\t\t</tr>";
}
if (empty($asset_out)) {
$asset_out = "<tr class='" . bg_class() . "'>\r\n\t\t\t<td colspan='6'><li>No results found</li></td>\r\n\t\t</tr>";
}
$OUTPUT = "<center>\r\n\t<h3>Hire Utilisation Report</h3>\r\n\t<form method='post' action='" . SELF . "'>\r\n\t<table " . TMPL_tblDflts . ">\r\n\t\t<tr>\r\n\t\t\t<th colspan='3'>Date Range</th>\r\n\t\t</tr>\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td>" . mkDateSelect("from", $from_year, $from_month, $from_day) . "</td>\r\n\t\t\t<td> <b> To </b> </td>\r\n\t\t\t<td>" . mkDateSelect("to", $to_year, $to_month, $to_day) . "</td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<th colspan='3'>Utilisation Percentage Filter (Less Than or Equal)</th>\r\n\t\t</tr>\r\n\t\t<tr class='" . bg_class() . "'>\r\n\t\t\t<td colspan='3' align='center'>\r\n\t\t\t\t<input type='text' name='perc_search' value='{$perc_search}'\r\n\t\t\t\tsize='2' style='text-align: center' />%\r\n\t\t\t</td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td colspan='3' align='center'>\r\n\t\t\t\t<input type='submit' value='Apply to Report'\r\n\t\t\t\tstyle='font-weight: bold; font-size: 1.1em' />\r\n\t\t\t</td>\r\n\t\t</tr>\r\n\t</table>\r\n\t</form>";
$OUTPUT .= $xls_out = "\r\n\t<h3>Hire Utilisation Report For {$from_date} to {$to_date}</h3>\r\n\t<table " . TMPL_tblDflts . " width='70%'>\r\n\t\t<tr>\r\n\t\t\t<th>Group</th>\r\n\t\t\t<th>Serial</th>\r\n\t\t\t<th>Description</th>\r\n\t\t\t<th>Days Hired</th>\r\n\t\t\t<th>Utilisation Percentage</th>\r\n\t\t\t<th width='2%'> </th>\r\n\t\t</tr>\r\n\t\t{$asset_out}\r\n\t</table>";
$OUTPUT .= "\r\n\t<form method='post' action='" . SELF . "'>\r\n\t\t<input type='hidden' name='export' value='1' />\r\n\t\t<input type='submit' value='Export to Spreadsheet' />\r\n\t</form>\r\n\t</center>";
if ($export) {
$xls_out = clean_html($xls_out);
require_lib("xls");
StreamXLS("hire_utilisation", $xls_out);
}
return $OUTPUT;
}
$oBrick->local = post('local');
}
break;
case 'form':
$oBrick->email = post('email');
break;
case 'map':
$oBrick->lat = floatval(post('lat'));
$oBrick->lng = floatval(post('lng'));
$oBrick->zoom = intval(post('zoom'));
break;
case 'short':
$oBrick->value = htmlspecialchars(post('value'));
break;
case 'rich':
$oBrick->value = clean_html(post('value'));
break;
}
if (!$oBrick->save()) {
die("Can't save !");
}
DomParser::destroyCache();
$app->redirect(str_replace('http://' . $utils->globals->server('server_name') . '/', '/', $utils->globals->server('http_referer')));
});
$app->post('/admin/save/infos/:ref/', 'admin_middleware', function ($sRef) use($app) {
$oInfos = new Infos($sRef);
$oInfos->title = post('title');
$oInfos->description = post('description');
$oInfos->keywords = post('keywords');
if (!$oInfos->save()) {
die("Can't save !");
function export_data($_POST)
{
require_lib("xls");
extract($_POST);
$data = clean_html(printCenter($_POST));
//$data =get_data($_POST);
StreamXLS("report", "{$data}");
}
function wapreplace($content)
{
$content = clean_html($content);
$content = wapubb($content);
return $content;
}
/**
* Take a username and password and try to authenticate the
* user
*
* @param string $username
* @param string $password
* @return bool
*/
public function login($username, $password)
{
$sql = 'SELECT
*,
' . db_format_tsfield('expiry') . ',
' . db_format_tsfield('lastlogin') . ',
' . db_format_tsfield('lastlastlogin') . ',
' . db_format_tsfield('lastaccess') . ',
' . db_format_tsfield('suspendedctime') . ',
' . db_format_tsfield('ctime') . '
FROM
{usr}
WHERE
LOWER(username) = ?';
if (function_exists('mb_strtolower')) {
$user = get_record_sql($sql, array(mb_strtolower($username, 'UTF-8')));
} else {
$user = get_record_sql($sql, array(strtolower($username)));
}
if ($user == false) {
throw new AuthUnknownUserException("\"{$username}\" is not known");
}
if (isset($user->logintries) && $user->logintries >= MAXLOGINTRIES) {
global $SESSION;
$SESSION->add_error_msg(get_string('toomanytries', 'auth'));
return false;
}
if (is_site_closed($user->admin)) {
return false;
}
// Authentication instances that have parents do so because they cannot
// use Mahara's normal login mechanism - for example, XMLRPC. If the
// user is using one of these authentication instances, we look and try
// to use the parent.
//
// There's no code here that prevents the authinstance being tried if
// it has no parent, mainly because that's an extra database lookup for
// the general case, and the authentication will probably just fail
// anyway. (XMLRPC, for example, leaves implementation of
// authenticate_user_account to the parent Auth class, which says 'not
// authorised' by default).
$instanceid = $user->authinstance;
if ($parentid = get_field('auth_instance_config', 'value', 'field', 'parent', 'instance', $instanceid)) {
$instanceid = $parentid;
}
// Check for a suspended institution
// If a user in more than one institution and one of them is suspended
// make sure their authinstance is not set to the suspended institution
// otherwise they will not be able to login.
$authinstance = get_record_sql('
SELECT i.suspended, i.displayname
FROM {institution} i JOIN {auth_instance} a ON a.institution = i.name
WHERE a.id = ?', array($instanceid));
if ($authinstance->suspended) {
$sitename = get_config('sitename');
throw new AccessTotallyDeniedException(get_string('accesstotallydenied_institutionsuspended', 'mahara', $authinstance->displayname, $sitename));
return false;
}
$auth = AuthFactory::create($instanceid);
// catch the AuthInstanceException that allows authentication plugins to
// fail but pass onto the next possible plugin
try {
if ($auth->authenticate_user_account($user, $password)) {
$this->authenticate($user, $auth->instanceid);
return true;
}
} catch (AuthInstanceException $e) {
return false;
}
// Display a message to users who are only allowed to login via their
// external application.
if ($auth->authloginmsg != '') {
global $SESSION;
$SESSION->add_error_msg(clean_html($auth->authloginmsg), false, 'loginbox');
}
if (empty($user->logintries)) {
$user->logintries = 0;
}
if ($user->logintries < MAXLOGINTRIES) {
$record = get_record('usr', 'id', $user->id, null, null, null, null, 'id, logintries');
$record->logintries = $user->logintries + 1;
update_record('usr', $record, false);
}
return false;
}
/**
* The CSV file is parsed here so validation errors can be returned to the
* user. The data from a successful parsing is stored in the <var>$CVSDATA</var>
* array so it can be accessed by the submit function
*
* @param Pieform $form The form to validate
* @param array $values The values submitted
*/
function uploadcsv_validate(Pieform $form, $values)
{
global $CSVDATA, $ALLOWEDKEYS, $MANDATORYFIELDS, $FORMAT, $USER, $UPDATES, $MEMBERS, $GROUPS;
// Don't even start attempting to parse if there are previous errors
if ($form->has_errors()) {
return;
}
if ($values['file']['size'] == 0) {
$form->set_error('file', $form->i18n('rule', 'required', 'required', array()));
return;
}
$institution = $values['institution'];
if (!$USER->can_edit_institution($institution)) {
$form->set_error('institution', get_string('notadminforinstitution', 'admin'));
return;
}
require_once 'csvfile.php';
$csvgroups = new CsvFile($values['file']['tmp_name']);
$csvgroups->set('allowedkeys', $ALLOWEDKEYS);
$csvgroups->set('mandatoryfields', $MANDATORYFIELDS);
$csvdata = $csvgroups->get_data();
if (!empty($csvdata->errors['file'])) {
$form->set_error('file', $csvdata->errors['file']);
return;
}
$csverrors = new CSVErrors();
$formatkeylookup = array_flip($csvdata->format);
$shortnames = array();
$hadadmin = array();
$num_lines = count($csvdata->data);
foreach ($csvdata->data as $key => $line) {
// If headers exists, increment i = key + 2 for actual line number
$i = $csvgroups->get('headerExists') ? $key + 2 : $key + 1;
// In adding 5000 groups, this part was approx 8% of the wall time.
if (!($key % 25)) {
set_progress_info('uploadgroupmemberscsv', $key, $num_lines * 10, get_string('validating', 'admin'));
}
// Trim non-breaking spaces -- they get left in place by File_CSV
foreach ($line as &$field) {
$field = preg_replace('/^(\\s|\\xc2\\xa0)*(.*?)(\\s|\\xc2\\xa0)*$/', '$2', $field);
}
$shortname = $line[$formatkeylookup['shortname']];
$username = $line[$formatkeylookup['username']];
$role = $line[$formatkeylookup['role']];
$gid = get_field('group', 'id', 'shortname', $shortname, 'institution', $institution);
if (!$gid) {
$csverrors->add($i, get_string('uploadgroupmemberscsverrornosuchshortname', 'admin', $i, $shortname, $institution));
continue;
}
$uid = get_field_sql('SELECT id FROM {usr} WHERE LOWER(username) = ?', array(strtolower($username)));
if (!$uid) {
$csverrors->add($i, get_string('uploadgroupmemberscsverrornosuchusername', 'admin', $i, $username));
continue;
}
if ($institution != 'mahara' && !record_exists('usr_institution', 'usr', $uid, 'institution', $institution)) {
$csverrors->add($i, get_string('uploadgroupmemberscsverrorusernotininstitution', 'admin', $i, $username, $institution));
continue;
}
if (!in_array($role, array_keys(group_get_role_info($gid)))) {
$csverrors->add($i, get_string('uploadgroupmemberscsverrorinvalidrole', 'admin', $i, $role));
continue;
}
if (!isset($MEMBERS[$gid])) {
$MEMBERS[$gid] = array();
}
if (isset($MEMBERS[$gid][$uid])) {
$csverrors->add($i, get_string('uploadgroupmemberscsverrorduplicateusername', 'admin', $i, $shortname, $username));
continue;
}
$MEMBERS[$gid][$uid] = $role;
$GROUPS[$gid] = $shortname;
if ($role == 'admin') {
$hasadmin[$shortname] = 1;
}
}
foreach ($GROUPS as $shortname) {
if (!isset($hasadmin[$shortname])) {
$csverrors->add($i, get_string('uploadgroupmemberscsverrornoadminlisted', 'admin', $i, $shortname));
}
}
if ($errors = $csverrors->process()) {
$form->set_error('file', clean_html($errors));
return;
}
$FORMAT = $csvdata->format;
$CSVDATA = $csvdata->data;
}
?>
<div><strong><?php echo Dwoo_Plugin_str($this, 'Views', 'view', null, null, null, null, null);?>:</strong> <?php echo (is_string($tmp=$this->scope["sitedata"]["views"]) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);?><br />
<?php echo (is_string($tmp=$this->scope["sitedata"]["strviewsperuser"]) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);?></div>
<?php
}?>
<div><strong><?php echo Dwoo_Plugin_str($this, 'databasesize', 'admin', null, null, null, null, null);?>:</strong> <?php echo display_size((is_string($tmp=(isset($this->scope["sitedata"]["dbsize"]) ? $this->scope["sitedata"]["dbsize"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp));?></div>
<?php if ((is_string($tmp=(isset($this->scope["sitedata"]["diskusage"]) ? $this->scope["sitedata"]["diskusage"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp)) {
?>
<div><strong><?php echo Dwoo_Plugin_str($this, 'diskusage', 'admin', null, null, null, null, null);?>:</strong> <?php echo display_size((is_string($tmp=(isset($this->scope["sitedata"]["diskusage"]) ? $this->scope["sitedata"]["diskusage"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp));?></div>
<?php
}?>
<div><strong><?php echo Dwoo_Plugin_str($this, 'maharaversion', 'admin', null, null, null, null, null);?>:</strong> <?php echo (is_string($tmp=$this->scope["sitedata"]["release"]) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);
if ((is_string($tmp=(isset($this->scope["sitedata"]["strlatestversion"]) ? $this->scope["sitedata"]["strlatestversion"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp)) {
?> (<?php echo clean_html((isset($this->scope["sitedata"]["strlatestversion"]) ? $this->scope["sitedata"]["strlatestversion"]:null));?>)<?php
}?></div>
<div><strong><?php echo Dwoo_Plugin_str($this, 'Cron', 'admin', null, null, null, null, null);?>:</strong> <?php if ((is_string($tmp=(isset($this->scope["sitedata"]["cronrunning"]) ? $this->scope["sitedata"]["cronrunning"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp)) {
echo Dwoo_Plugin_str($this, 'runningnormally', 'admin', null, null, null, null, null);
}
else {
echo Dwoo_Plugin_str($this, 'cronnotrunning1', 'admin', null, null, null, null, null);
}?></div>
</div>
<?php /* end template body */
return $this->buffer . ob_get_clean();
?>
$query = $db->query($sql);
$row = $db->fetch_array($query);
$uname = $row['user_name'];
$uname = iconv("GB2312", "UTF-8", $uname);
if (!$uname) {
$err = "1022";
} else {
$err = "1009";
}
echo "<?xml version=\"1.0\" encoding=\"gbk\"?>\n" . "<root>\n" . "<err>{$err}</err>\n" . "<info>\n" . "<pg>\n" . "<num>{$count}</num>\n" . "<total>{$total}</total>\n" . "</pg>\n" . "<us>\n" . "<me>{$uname}</me>\n" . "<mesn>{$id}</mesn>\n" . "</us>\n";
$sql = "SELECT s.*,u.user_name,u.user_head,u.user_info FROM et_content AS s,et_users AS u where s.user_id=u.user_id && s.user_id='{$id}' order by posttime desc limit {$count}";
$query = $db->query($sql);
while ($data = $db->fetch_array($query)) {
$xml_sid = $data['content_id'];
$xml_uid = $data['user_id'];
$xml_uname = $data['user_name'];
$xml_uinfo = $data['user_info'];
$xml_uhead = $data['user_head'] ? "{$webaddr}/attachments/head/" . $data['user_head'] : "images/noavatar.jpg";
$xml_cbody = trim(clean_html($data['content_body'])) == "" ? "此条TALK暂时无法显示" : trim(clean_html($data['content_body']));
$xml_cbody = apiurlreplace($xml_cbody);
$xml_cbody = iconv("GB2312", "UTF-8", $xml_cbody);
$xml_stime = $data['posttime'];
$xml_stime = gmdate('y-m-d H:m:s', $xml_stime + 8 * 3600);
$xml_type = $data['type'];
$xml_type = iconv("GB2312", "UTF-8", $xml_type);
$t = "<ml>\n" . "<id>{$xml_sid}</id>\n" . "<uid>{$xml_uid}</uid>\n" . "<cn>{$xml_cbody}</cn>\n" . "<t>{$xml_stime}</t>\n" . "<sr>{$xml_type}</sr>\n" . "</ml>\n";
$res = $res . $t;
}
$res = $res ? "<md>\n" . $res . "</md>\n" : "";
echo "{$res}</info>\n" . "</root>\n";
}
/**
* Render the import entry request for social profile fields
*/
public static function render_import_entry_request($entry_content)
{
$html = '<strong>' . $entry_content['description'] . ':</strong> ' . $entry_content['title'];
return clean_html($html);
}
function init_param($para_types, $var, $type = '', $default = NO_DEFAULT_PARAM, $must_exist = false, $set_global = true, $global_override = true)
{
if (!is_array($para_types)) {
if ($para_types) {
$para_tmp = $para_types;
$para_types = array();
$para_types[] = $para_tmp;
} else {
$para_types = array('POST', 'GET');
}
}
$para_found = false;
foreach ($para_types as $para_type) {
switch (strtoupper($para_type)) {
case 'POST':
if (isset($_POST[$var])) {
$para_value = remove_magic_quotes($_POST[$var]);
$para_found = true;
}
break;
case 'GET':
if (isset($_GET[$var])) {
$para_value = remove_magic_quotes($_GET[$var]);
$para_found = true;
}
break;
case 'COOKIE':
if (isset($_COOKIE[$var])) {
$para_value = remove_magic_quotes($_COOKIE[$var]);
$para_found = true;
}
break;
case 'SESSION':
if (isset($_SESSION[$var])) {
$para_value = $_SESSION[$var];
$para_found = true;
}
break;
default:
}
if ($para_found) {
break;
}
}
if ($must_exist && !$para_found) {
redirect_header("", 5, "Required parameter isn't set. [" . $var . "]");
}
if (!$para_found) {
if ($default !== NO_DEFAULT_PARAM) {
$para_value = $default;
} elseif ($type == 'string-yn') {
$para_value = 'N';
} elseif ($type == 'check-01') {
$para_value = '0';
}
}
if (isset($para_value)) {
if (!empty($type)) {
// Force the type
switch ($type) {
case 'html':
// do nothing
break;
case 'clean-html':
$para_value = trim(clean_html($para_value));
break;
case 'string':
$para_value = trim(strip_tags($para_value));
break;
case 'string-yn':
$para_value = $para_value == 'Y' ? 'Y' : 'N';
break;
case 'check-01':
$para_value = $para_value == '1' ? '1' : '0';
break;
case 'array-int':
settype($para_value, 'array');
array_walk($para_value, '_array_int_callback');
break;
default:
settype($para_value, $type);
}
}
set_param($var, $para_value);
}
if ($set_global) {
if ($global_override || empty($GLOBALS[$var])) {
if (!empty($GLOBALS[$var])) {
unset($GLOBALS[$var]);
}
if (!empty($para_value)) {
$GLOBALS[$var] = $para_value;
}
}
}
if (!empty($para_value)) {
return $para_value;
} else {
return false;
}
}
/**
* @param array $data Parameters:
* - viewid (int)
* - annotationid (int)
*/
public function __construct($data, $cron = false)
{
parent::__construct($data, $cron);
$annotation = new ArtefactTypeAnnotation($this->annotationid);
$annotationfeedback = new ArtefactTypeAnnotationfeedback($this->annotationfeedbackid);
$this->overridemessagecontents = true;
if ($onartefact = $annotation->get('artefact')) {
// Feedback on artefact.
$userid = null;
require_once get_config('docroot') . 'artefact/lib.php';
$artefactinstance = artefact_instance_from_id($onartefact);
if ($artefactinstance->feedback_notify_owner()) {
$userid = $artefactinstance->get('owner');
$groupid = $artefactinstance->get('group');
$institutionid = $artefactinstance->get('institution');
}
if (empty($this->url)) {
$this->url = 'artefact/artefact.php?artefact=' . $onartefact . '&view=' . $this->viewid;
}
} else {
if ($onview = $annotation->get('view')) {
// Feedback on view.
if (!($viewrecord = get_record('view', 'id', $onview))) {
throw new ViewNotFoundException(get_string('viewnotfound', 'error', $onview));
}
$userid = $viewrecord->owner;
$groupid = $viewrecord->group;
$institutionid = $viewrecord->institution;
if (empty($this->url)) {
$this->url = 'view/view.php?id=' . $onview;
}
} else {
// Something is wrong.
throw new ViewNotFoundException(get_string('invalidannotationfeedbacklinkerror', 'artefact.annotation'));
}
}
// Now fetch the users that will need to get notified about this event
// depending on whether the page has an owner, group, or institution id set.
if (!empty($userid)) {
$this->users = activity_get_users($this->get_id(), array($userid));
} else {
if (!empty($groupid)) {
require_once get_config('docroot') . 'lib/group.php';
$sql = "SELECT u.*\n FROM {usr} u, {group_member} m, {group} g\n WHERE g.id = m.group\n AND m.member = u.id\n AND m.group = ?\n AND (g.feedbacknotify = " . GROUP_ROLES_ALL . "\n OR (g.feedbacknotify = " . GROUP_ROLES_NONMEMBER . " AND (m.role = 'tutor' OR m.role = 'admin'))\n OR (g.feedbacknotify = " . GROUP_ROLES_ADMIN . " AND m.role = 'admin')\n )";
$this->users = get_records_sql_array($sql, array($groupid));
} else {
if (!empty($institutionid)) {
require_once get_config('libroot') . 'institution.php';
$institution = new Institution($institutionid);
$admins = $institution->institution_and_site_admins();
$this->users = get_records_sql_array("SELECT * FROM {usr} WHERE id IN (" . implode(',', $admins) . ")", array());
}
}
}
if (empty($this->users)) {
// no one to notify - possibe if group 'feedbacknotify' is set to 0
return;
}
$title = $onartefact ? $artefactinstance->get('title') : $viewrecord->title;
$this->urltext = $title;
$body = $annotationfeedback->get('description');
$posttime = strftime(get_string('strftimedaydatetime'), $annotationfeedback->get('ctime'));
// Internal
$this->message = strip_tags(str_shorten_html($body, 200, true));
// Seen as things like emaildigest base the message on $this->message
// we need to set the language for the $removedbyline here based on first user.
$user = $this->users[0];
$lang = empty($user->lang) || $user->lang == 'default' ? get_config('lang') : $user->lang;
// Comment deleted notification
if ($deletedby = $annotationfeedback->get('deletedby')) {
$this->strings = (object) array('subject' => (object) array('key' => 'annotationfeedbackdeletednotificationsubject', 'section' => 'artefact.annotation', 'args' => array($title)));
$deletedmessage = ArtefactTypeAnnotationfeedback::deleted_by_types_description();
$removedbyline = get_string_from_language($lang, $deletedmessage[$deletedby], 'artefact.annotation');
$this->message = $removedbyline . ":\n" . $this->message;
foreach ($this->users as $key => $user) {
if (empty($user->lang) || $user->lang == 'default') {
// check to see if we need to show institution language
$instlang = get_user_institution_language($user->id);
$lang = empty($instlang) || $instlang == 'default' ? get_config('lang') : $instlang;
} else {
$lang = $user->lang;
}
// For email we can send the message in the user's preferred language
$removedbyline = get_string_from_language($lang, $deletedmessage[$deletedby], 'artefact.annotation');
$this->users[$key]->htmlmessage = get_string_from_language($lang, 'annotationfeedbackdeletedhtml', 'artefact.annotation', hsc($title), $removedbyline, clean_html($body), get_config('wwwroot') . $this->url, hsc($title));
$this->users[$key]->emailmessage = get_string_from_language($lang, 'annotationfeedbackdeletedtext', 'artefact.annotation', $title, $removedbyline, trim(html2text(htmlspecialchars($body))), $title, get_config('wwwroot') . $this->url);
}
return;
}
$this->strings = (object) array('subject' => (object) array('key' => 'newannotationfeedbacknotificationsubject', 'section' => 'artefact.annotation', 'args' => array($title)));
$this->url .= '&showcomment=' . $annotationfeedback->get('id');
// Email
$author = $annotationfeedback->get('author');
foreach ($this->users as $key => $user) {
$authorname = empty($author) ? $annotationfeedback->get('authorname') : display_name($author, $user);
if (empty($user->lang) || $user->lang == 'default') {
// check to see if we need to show institution language
$instlang = get_user_institution_language($user->id);
$lang = empty($instlang) || $instlang == 'default' ? get_config('lang') : $instlang;
} else {
$lang = $user->lang;
}
$this->users[$key]->htmlmessage = get_string_from_language($lang, 'annotationfeedbacknotificationhtml', 'artefact.annotation', hsc($authorname), hsc($title), $posttime, clean_html($body), get_config('wwwroot') . $this->url);
$this->users[$key]->emailmessage = get_string_from_language($lang, 'annotationfeedbacknotificationtext', 'artefact.annotation', $authorname, $title, $posttime, trim(html2text(htmlspecialchars($body))), get_config('wwwroot') . $this->url);
}
}
function format_notification_whitespace($message, $type = null)
{
// OVERWRITE 3: replacement, changed from (? was removed from two lines to prevent php parsing error):
// $message = preg_replace('/<br( ?\/)/', '', $message);
// $message = preg_replace('/^(\s| |\xc2\xa0)*/', '', $message);
// $message = format_whitespace($message);
// @todo: Sensibly distinguish html notifications, notifications where the full text
// appears on another page and this is just an abbreviated preview, and text-only
// notifications where the entire text must appear here because there's nowhere else
// to see it.
// $replace = ($type == 'newpost' || $type == 'feedback') ? '<br>' : '<br><br>';
// return preg_replace('/(<br( ?\/)>\s*){2,}/', $replace, $message);
return clean_html($message);
// END OVERWRITE 3
}
/**
* Builds data for the artefact chooser.
*
* This builds three pieces of information:
*
* - HTML containing table rows
* - Pagination HTML and Javascript
* - The total number of artefacts found
* - Artefact fields to return
*/
public static function build_artefactchooser_data($data, $group = null, $institution = null)
{
global $USER;
// If lazyload is set, immediately return an empty resultset
// In the case of forms using lazyload, lazyload is set to false by subsequent requests via ajax,
// for example in views/artefactchooser.json.php, at which time the full resultset is returned.
if (isset($data['lazyload']) && $data['lazyload']) {
$result = '';
$pagination = build_pagination(array('id' => $data['name'] . '_pagination', 'class' => 'ac-pagination', 'url' => View::make_base_url() . (param_boolean('s') ? '&s=1' : ''), 'count' => 0, 'limit' => 0, 'offset' => 0, 'datatable' => $data['name'] . '_data', 'jsonscript' => 'view/artefactchooser.json.php', 'firsttext' => '', 'previoustext' => '', 'nexttext' => '', 'lasttext' => '', 'numbersincludefirstlast' => false, 'extradata' => array('value' => $data['defaultvalue'], 'blocktype' => $data['blocktype'], 'group' => $group, 'institution' => $institution)));
return array($result, $pagination, 0, 0, array());
}
$search = '';
if (!empty($data['search']) && param_boolean('s')) {
$search = param_variable('search', '');
// Maybe later, depending on performance - don't search if there's
// not enough characters. Prompts should be added to the UI too.
//if (strlen($search) < 3) {
// $search = '';
//}
}
$data['search'] = $search;
$data['offset'] -= $data['offset'] % $data['limit'];
safe_require('blocktype', $data['blocktype']);
$blocktypeclass = generate_class_name('blocktype', $data['blocktype']);
$data['sortorder'] = array(array('fieldname' => 'title', 'order' => 'ASC'));
if (method_exists($blocktypeclass, 'artefactchooser_get_sort_order')) {
$data['sortorder'] = call_static_method($blocktypeclass, 'artefactchooser_get_sort_order');
}
list($artefacts, $totalartefacts) = self::get_artefactchooser_artefacts($data, $USER, $group, $institution);
$selectone = $data['selectone'];
$value = $data['defaultvalue'];
$elementname = $data['name'];
$template = $data['template'];
$returnfields = isset($data['returnfields']) ? $data['returnfields'] : null;
$returnartefacts = array();
$result = '';
if ($artefacts) {
if (!empty($data['ownerinfo'])) {
require_once get_config('docroot') . 'artefact/lib.php';
$userid = $group || $institution ? null : $USER->get('id');
foreach (artefact_get_owner_info(array_keys($artefacts)) as $k => $v) {
if ($artefacts[$k]->owner !== $userid || $artefacts[$k]->group !== $group || $artefacts[$k]->institution !== $institution) {
$artefacts[$k]->ownername = $v->name;
$artefacts[$k]->ownerurl = $v->url;
}
}
}
foreach ($artefacts as &$artefact) {
safe_require('artefact', get_field('artefact_installed_type', 'plugin', 'name', $artefact->artefacttype));
if (method_exists($blocktypeclass, 'artefactchooser_get_element_data')) {
$artefact = call_static_method($blocktypeclass, 'artefactchooser_get_element_data', $artefact);
}
// Build the radio button or checkbox for the artefact
$formcontrols = '';
if ($selectone) {
$formcontrols .= '<input type="radio" class="radio" id="' . hsc($elementname . '_' . $artefact->id) . '" name="' . hsc($elementname) . '" value="' . hsc($artefact->id) . '"';
if ($value == $artefact->id) {
$formcontrols .= ' checked="checked"';
}
$formcontrols .= '>';
} else {
$formcontrols .= '<input type="checkbox" id="' . hsc($elementname . '_' . $artefact->id) . '" name="' . hsc($elementname) . '[' . hsc($artefact->id) . ']"';
if ($value && in_array($artefact->id, $value)) {
$formcontrols .= ' checked="checked"';
}
$formcontrols .= ' class="artefactid-checkbox checkbox">';
$formcontrols .= '<input type="hidden" name="' . hsc($elementname) . '_onpage[]" value="' . hsc($artefact->id) . '" class="artefactid-onpage">';
}
$smarty = smarty_core();
$smarty->assign('artefact', $artefact);
$smarty->assign('elementname', $elementname);
$smarty->assign('formcontrols', $formcontrols);
$result .= $smarty->fetch($template) . "\n";
if ($returnfields) {
$returnartefacts[$artefact->id] = array();
foreach ($returnfields as $f) {
if ($f == 'safedescription') {
$returnartefacts[$artefact->id]['safedescription'] = clean_html($artefact->description);
continue;
}
if ($f == 'attachments') {
// Check if the artefact has attachments - we need to update the instance config form
// to have those attachments selected.
$attachment_ids = get_column('artefact_attachment', 'attachment', 'artefact', $artefact->id);
$returnartefacts[$artefact->id]['attachments'] = $attachment_ids;
continue;
}
$returnartefacts[$artefact->id][$f] = $artefact->{$f};
}
}
}
if ($returnfields && !empty($data['getblocks'])) {
// Get ids of the blocks containing these artefacts
$blocks = get_records_select_array('view_artefact', 'artefact IN (' . join(',', array_fill(0, count($artefacts), '?')) . ')', array_keys($artefacts));
if (!empty($blocks)) {
// For each artefact, attach a list of block ids of all the blocks
// that contain it.
foreach ($blocks as $block) {
if (empty($returnartefacts[$block->artefact]['blocks'])) {
$returnartefacts[$block->artefact]['blocks'] = array();
}
$returnartefacts[$block->artefact]['blocks'][] = $block->block;
}
}
}
}
$pagination = build_pagination(array('id' => $elementname . '_pagination', 'class' => 'ac-pagination', 'url' => View::make_base_url() . (param_boolean('s') ? '&s=1' : ''), 'count' => $totalartefacts, 'limit' => $data['limit'], 'offset' => $data['offset'], 'datatable' => $elementname . '_data', 'jsonscript' => 'view/artefactchooser.json.php', 'firsttext' => '', 'previoustext' => '', 'nexttext' => '', 'lasttext' => '', 'numbersincludefirstlast' => false, 'extradata' => array('value' => $value, 'blocktype' => $data['blocktype'], 'group' => $group, 'institution' => $institution)));
return array($result, $pagination, $totalartefacts, $data['offset'], $returnartefacts);
}
function export($_POST)
{
$OUT = printOrd($_POST, true);
$OUT = clean_html($OUT);
require_lib("xls");
Stream("Orders Received", $OUT);
}
function excel()
{
$OUTPUT = clean_html(printAgeInv($_POST, FALSE));
require_lib("xls");
StreamXLS("Debtors Age Analysis", $OUTPUT);
}