//do some search and replace to allow use of js functions in returned code
$itemFields = str_replace('"scope":"this"', '"scope":this', $itemFields);
function replaceCallBack($parts)
{
return 'function(' . str_replace(array('\\"', '\\/'), array('"', '/'), $parts[1]) . '}';
}
$itemFields = preg_replace_callback('#"function\\((.*)}"#U', 'replaceCallBack', $itemFields);
//Append pub dates if object is a primary resource
$saveAndValidate = '';
$saveIconCls = $saveTooltip = '';
if ($object->isPrimaryResource()) {
if (!$item->getID()) {
$dt = new CMS_date();
$dt->setDebug(false);
$dt->setNow();
$pubStart = $dt->getLocalizedDate($cms_language->getDateFormat());
} else {
$pubStart = $item->getPublicationDateStart(false)->getLocalizedDate($cms_language->getDateFormat());
}
$pubEnd = $item->getPublicationDateEnd(false)->getLocalizedDate($cms_language->getDateFormat());
$dateMask = $cms_language->getDateFormatMask();
$itemFields .= "{\n\t\ttitle:\t\t\t'{$cms_language->getJSMessage(MESSAGE_PAGE_SUBTITLE_WEBSITE_PUBS, false, MOD_POLYMOD_CODENAME)}',\n\t\txtype:\t\t\t'fieldset',\n\t\tautoHeight:\t\ttrue,\n\t\tdefaultType:\t'datefield',\n\t\tlabelWidth:\t\t140,\n\t\tdefaults:\t\t{\n\t\t\twidth:\t\t\t100,\n\t\t\tanchor:\t\t\t'',\n\t\t\tformat:\t\t\t'{$cms_language->getDateFormat()}'\n\t\t},\n\t\titems:\t\t\t[{\n\t\t\tfieldLabel:\t'<span ext:qtip=\"{$cms_language->getJSMessage(MESSAGE_PAGE_FIELD_DATE_COMMENT, array($dateMask))}\" class=\"atm-help\"><span class=\"atm-red\">*</span> {$cms_language->getJSMessage(MESSAGE_PAGE_FIELD_PUBDATE_BEG)}</span>',\n\t\t\tname:\t\t'pubStart',\n\t\t\tallowBlank:\tfalse,\n\t\t\tvalue:\t\t'{$pubStart}'\n\t\t},{\n\t\t\tfieldLabel:\t'<span ext:qtip=\"{$cms_language->getJSMessage(MESSAGE_PAGE_FIELD_DATE_COMMENT, array($dateMask))}\" class=\"atm-help\">{$cms_language->getJSMessage(MESSAGE_PAGE_FIELD_PUBDATE_END)}</span>',\n\t\t\tname:\t\t'pubEnd',\n\t\t\tallowBlank:\ttrue,\n\t\t\tvalue:\t\t'{$pubEnd}'\n\t\t}]\n\t},";
if ($cms_user->hasValidationClearance($codename)) {
$saveAndValidate = ",{\n\t\t\tid:\t\t\t\t'{$winId}-save-validate',\n\t\t\txtype:\t\t\t'button',\n\t\t\ttext:\t\t\t'{$cms_language->getJSMessage(MESSAGE_PAGE_PUBLISH)}',\n\t\t\ttooltip:\t\t'{$cms_language->getJSMessage(MESSAGE_PAGE_SAVE_AND_VALID_DESC, false, MOD_POLYMOD_CODENAME)}',\n\t\t\ticonCls:\t\t'atm-pic-validate',\n\t\t\tname:\t\t\t'submitAndValidAdmin',\n\t\t\thandler:\t\tsubmitItem.createDelegate(this, ['save-validate']),\n\t\t\tscope:\t\t\tthis\n\t\t}";
$saveIconCls = 'atm-pic-draft-validation';
$saveTooltip = $cms_language->getJSMessage(MESSAGE_PAGE_SAVE_PRIMARY_DESC, false, MOD_POLYMOD_CODENAME);
}
$saveLabel = $cms_language->getJSMessage(MESSAGE_PAGE_SUBMIT_TO_VALID);
} else {
$saveLabel = $cms_language->getJSMessage(MESSAGE_PAGE_PUBLISH);
$saveIconCls = 'atm-pic-validate';
/**
* Return the needed form field tag for current object field
*
* @param array $values : parameters values array(parameterName => parameterValue) in :
* id : the form field id to set
* @param multidimentionnal array $tags : xml2Array content of atm-function tag
* @return string : the form field HTML tag
* @access public
*/
function getInput($fieldID, $language, $inputParams)
{
//hidden field : use parent method
if (isset($inputParams['hidden']) && ($inputParams['hidden'] == 'true' || $inputParams['hidden'] == 1)) {
return parent::getInput($fieldID, $language, $inputParams);
}
if (isset($inputParams['prefix'])) {
$prefixName = $inputParams['prefix'];
unset($inputParams['prefix']);
} else {
$prefixName = '';
}
$params = $this->getParamsValues();
//serialize all htmlparameters
$htmlParameters = $this->serializeHTMLParameters($inputParams);
$html = '';
//instanciate sending date object
$sendingDate = new CMS_date();
$sendingDate->setFromDBValue($this->_subfieldValues[1]->getValue());
//append field id to html field parameters (if not already exists)
$htmlParameters .= !isset($inputParams['id']) ? ' id="' . $prefixName . $this->_field->getID() . '_0"' : '';
if ($params['chooseSendEmail']) {
$checked = $this->_subfieldValues[0]->getValue() == '1' ? 'checked="checked"' : '';
$html .= '
<input' . $htmlParameters . ' type="checkbox" ' . $checked . ' name="' . $prefixName . $this->_field->getID() . '_0" value="1" />
<input type="hidden" name="' . $prefixName . $this->_field->getID() . '_1" value="' . $sendingDate->getLocalizedDate($language->getDateFormat()) . '" />
<input type="hidden" name="' . $prefixName . $this->_field->getID() . '_2" value="0" />';
} else {
$html .= '
<input type="hidden" name="' . $prefixName . $this->_field->getID() . '_0" value="1" />
<input type="hidden" name="' . $prefixName . $this->_field->getID() . '_1" value="' . $sendingDate->getLocalizedDate($language->getDateFormat()) . '" />
<input type="hidden" name="' . $prefixName . $this->_field->getID() . '_2" value="0" />';
}
//append html hidden field which store field name
if ($html) {
$html .= '<input type="hidden" name="polymodFields[' . $this->_field->getID() . ']" value="' . $this->_field->getID() . '" />';
}
if (POLYMOD_DEBUG) {
$html .= '<span class="admin_text_alert"> (Field : ' . $fieldID . ' - Value : ' . $this->_subfieldValues[0]->getValue() . ' - ' . $this->_subfieldValues[1]->getValue() . ')</span>';
}
return $html;
}
}
break;
case 'searchType':
//nothing, this is not a search parameter
break;
case 'publication date after':
case 'publication date before':
// Dates
//create object CMS_date
$date = new CMS_date();
if (isset($data["value"]['search'][$searchName][$paramType])) {
$date->setFromDBValue($data["value"]['search'][$searchName][$paramType]);
}
$label = $paramType == 'publication date after' ? MESSAGE_PAGE_FIELD_PUBLISHED_FROM : MESSAGE_PAGE_FIELD_PUBLISHED_TO;
//$date_mask = $cms_language->getDateFormatMask();
$value = $date->getLocalizedDate($cms_language->getDateFormat()) ? $date->getLocalizedDate($cms_language->getDateFormat()) : '';
$mandatory = $paramValue == true ? '<span class="atm-red">*</span> ' : '';
$searchParamContent[] = array('fieldLabel' => $mandatory . $cms_language->getMessage($label, false, MOD_POLYMOD_CODENAME), 'name' => 'value[search][' . $searchName . '][' . $paramType . ']', 'width' => 100, 'format' => $cms_language->getDateFormat(), 'anchor' => false, 'xtype' => 'datefield', 'allowBlank' => !$mandatory, 'value' => $value);
break;
default:
$paramType = trim($paramType, '()');
//remove bracket around field id
if (sensitiveIO::isPositiveInteger($paramType)) {
//subobjects
$field = $objectFields[$paramType];
if (is_object($field)) {
//check if field has a method to provide a list of names
$objectType = $field->getTypeObject();
if (method_exists($objectType, 'getListOfNamesForObject')) {
//check if we can associate unused objects
$params = $objectType->getParamsValues();
define("MESSAGE_PAGE_NO_SCRIPTS_IN_PROGRESS", 739);
define("MESSAGE_PAGE_NO_SCRIPTS_QUEUED", 740);
//Controler vars
$details = sensitiveIO::request('details') == 'true' ? true : false;
$queue = sensitiveIO::request('queue') == 'true' ? true : false;
$xmlcontent = $detailsContent = $queueContent = '';
if ($details) {
$runningScripts = processManager::getRunningScript();
if (is_array($runningScripts) && sizeof($runningScripts)) {
$detailsContent = '<ul class="atm-server">';
foreach ($runningScripts as $runningScript) {
$date = new CMS_date();
$date->setFromDBValue($runningScript["Date"]);
switch ($runningScript["PIDFile"]) {
case '0':
$detailsContent .= '<li class="atm-pic-question" ext:qtip="' . $cms_language->getMessage(MESSAGE_PAGE_SCRIPTS_IN_PROGRESS) . '">' . $runningScript["Title"] . ' (' . $date->getLocalizedDate($cms_language->getDateFormat() . " H:i:s") . ')</li>';
break;
case '1':
$detailsContent .= '<li class="atm-pic-ok" ext:qtip="' . $cms_language->getMessage(MESSAGE_PAGE_SCRIPTS_IN_PROGRESS_PID_OK) . '">' . $runningScript["Title"] . ' (' . $date->getLocalizedDate($cms_language->getDateFormat() . " H:i:s") . ')</li>';
break;
case '2':
$detailsContent .= '<li class="atm-pic-cancel" ext:qtip="' . $cms_language->getMessage(MESSAGE_PAGE_NO_SCRIPTS_PID_OK) . '">' . $runningScript["Title"] . ' (' . $date->getLocalizedDate($cms_language->getDateFormat() . " H:i:s") . ')</li>';
break;
case '3':
$detailsContent .= '<li class="atm-pic-cancel" ext:qtip="' . $cms_language->getMessage(MESSAGE_PAGE_SCRIPTS_END_PID_OK) . '">' . $runningScript["Title"] . ' (' . $date->getLocalizedDate($cms_language->getDateFormat() . " H:i:s") . ')</li>';
break;
}
}
$detailsContent .= '</ul>';
} else {
$detailsContent = $cms_language->getJsMessage(MESSAGE_PAGE_NO_SCRIPTS_IN_PROGRESS);
<th class="admin">' . $cms_language->getMessage(MESSAGE_PAGE_FIELD_LASTCREATION) . '</th>
<th class="admin" colspan="2">' . $cms_language->getMessage(MESSAGE_PAGE_ACTIONS) . '</th>
</tr>
';
$count = 0;
foreach ($archives as $archive) {
$count++;
$td_class = $count % 2 == 0 ? "admin_lightgreybg" : "admin_darkgreybg";
$last_creation = new CMS_date();
$last_creation->setFromDBValue($archive["lastFileCreation"]);
$href = PATH_ADMIN_SPECIAL_TREE_WR;
$content .= '
<tr>
<td class="' . $td_class . '">' . $archive["id"] . '</td>
<td class="' . $td_class . '">' . htmlspecialchars($archive["title"]) . '</td>
<td class="' . $td_class . '">' . $last_creation->getLocalizedDate($cms_language->getDateFormat()) . '</td>
<form action="' . $_SERVER["SCRIPT_NAME"] . '" method="get" onSubmit="return confirm(\'' . addslashes($cms_language->getMessage(MESSAGE_PAGE_ACTION_DELETECONFIRM, array(htmlspecialchars($archive["title"])))) . '\')">
<input type="hidden" name="cms_action" value="delete" />
<input type="hidden" name="action_page" value="' . $archive["id"] . '" />
<td class="' . $td_class . '">
<input type="submit" class="admin_input_' . $td_class . '" value="' . $cms_language->getMessage(MESSAGE_PAGE_ACTION_DELETE) . '" />
</td>
</form>
<form action="' . $href . '" method="get">
<td class="' . $td_class . '">
<input type="hidden" name="root" value="' . APPLICATION_ROOT_PAGE_ID . '" />
<input type="hidden" name="backLink" value="' . $_SERVER["SCRIPT_NAME"] . '" />
<input type="hidden" name="title" value="' . $cms_language->getMessage(MESSAGE_PAGE_TREE_TEXT) . '" />
<input type="hidden" name="heading" value="' . $cms_language->getMessage(MESSAGE_PAGE_TREE_ACTION) . '" />';
//<input type="hidden" name="pageLink" value="'.$_SERVER["SCRIPT_NAME"].chr(167).chr(167).'father=%s'.chr(167).'cms_action=unarchive'.chr(167).'action_page='.$archive["id"].'" />
$content .= '
/**
* Gets the publication range : from xx/xx/xxxx to xx/xx/xxxx (last is replaced by "++" if not defined)
*
* @param string $userLanguage The user language
* @return string The publication range
* @access public
*/
function getPublicationRange($userLanguage, $public = true)
{
if ($public) {
$this->_publicationDateStart->setFormat($userLanguage->getDateFormat());
$this->_publicationDateEnd->setFormat($userLanguage->getDateFormat());
$text = $this->_publicationDateStart->getLocalizedDate();
$text .= " " . $userLanguage->getMessage(MESSAGE_DATE_TO) . " ";
if ($ld = $this->_publicationDateEnd->getLocalizedDate()) {
$text .= $ld;
} else {
$text .= "++";
}
} else {
$this->_publicationDateStartEdited->setFormat($userLanguage->getDateFormat());
$this->_publicationDateEndEdited->setFormat($userLanguage->getDateFormat());
$text = $this->_publicationDateStartEdited->getLocalizedDate();
$text .= " " . $userLanguage->getMessage(MESSAGE_DATE_TO) . " ";
if ($ld = $this->_publicationDateEndEdited->getLocalizedDate()) {
$text .= $ld;
} else {
$text .= "++";
}
}
return $text;
}
/**
* Return a variable value of a given name and check it for a given dataType
*
* @param string $varType : the variable type to get between var, request, session
* @param string $name : the variable name to get
* @param string $dataType : the type of value to check
* @param mixed $varValue : the var value (optionnal to avoid global problems if vars are declared in previous PHP codes)
* @return mixed : the variable value
* @access public
* @static
*/
static function getVarContent($varType, $name, $dataType, $varValue = '')
{
if (!$name || !$dataType) {
return false;
}
switch ($varType) {
case 'request':
if ($dataType == 'string') {
$dataType = 'safestring';
//Force safestring to avoid XSS
}
$varContent = isset($_REQUEST[$name]) ? $_REQUEST[$name] : null;
break;
case 'session':
$varContent = isset($_SESSION[$name]) ? $_SESSION[$name] : null;
break;
case 'var':
global ${$name};
$varContent = isset(${$name}) && ${$name} !== null ? ${$name} : $varValue;
break;
case 'constant':
$varContent = defined($name) ? constant($name) : null;
break;
case 'server':
$varContent = isset($_SERVER[$name]) ? $_SERVER[$name] : null;
break;
default:
CMS_grandFather::raiseError('Unknown var type to get : ' . $varType);
return false;
break;
}
//pr('Vartype : '.$varType.' - Name : '.$name.' - Datatype : '.$dataType.' - Content : '.$varContent);
switch ($dataType) {
case 'int':
return (int) $varContent;
break;
case 'date':
case 'datetime':
case 'localisedDate':
if ($varContent) {
global $cms_language;
$date = new CMS_date();
$date->setDebug(false);
$date->setFormat($cms_language->getDateFormat());
$date->setLocalizedDate($varContent);
if ($date->hasError()) {
return '';
}
switch ($dataType) {
case 'date':
return $date->getDBValue(true);
break;
case 'datetime':
return $date->getDBValue(false);
break;
case 'localisedDate':
return $date->getLocalizedDate();
break;
}
} else {
return '';
}
break;
case 'string':
case 'unsafestring':
return (string) $varContent;
break;
case 'safestring':
//safestring return string without any XSS vector
return SensitiveIO::sanitizeHTMLString((string) $varContent);
break;
case 'array':
if (is_array($varContent)) {
return $varContent;
} else {
return array();
//false
}
break;
case 'bool':
case 'boolean':
if ($varContent === 'true') {
return true;
} elseif ($varContent === 'false') {
return false;
} else {
return (bool) $varContent;
}
break;
case 'email':
if (sensitiveIO::IsValidEmail($varContent)) {
return $varContent;
}
break;
default:
CMS_grandFather::raiseError('Unknown data type to get : ' . $dataType);
return '';
break;
}
return '';
}
/**
* Return options tag list (for a select tag) of all float values for this field
*
* @param array $values : parameters values array(parameterName => parameterValue) in :
* selected : the float value which is selected (optional)
* @param multidimentionnal array $tags : xml2Array content of atm-function tag (nothing for this one)
* @return string : options tag list
* @access public
*/
function selectOptions($values, $tags)
{
global $cms_language;
$return = "";
$fieldID = $this->_field->getID();
$allValues = array();
$status = $this->_public ? 'public' : 'edited';
$supportedOperator = array('>=', '<=', '>', '<', '>= or null', '<= or null', '> or null', '< or null', '>= and not null', '<= and not null', '> and not null', '< and not null');
$sqlOperator = '';
if (isset($values['operator']) && isset($values['boundary']) && $values['operator'] && $values['boundary'] && in_array(htmlspecialchars_decode($values['operator']), $supportedOperator)) {
$operator = htmlspecialchars_decode($values['operator']);
$boundary = $values['boundary'];
// canBeNull
$operators = explode('or', $operator);
$operator = trim($operators[0]);
$canBeNull = isset($operators[1]) ? ' or value is NULL' : '';
// cantBeNull
$operators = explode('and', $operator);
$operator = trim($operators[0]);
$cantBeNull = isset($operators[1]) ? ' and value is not NULL and value != \'0000-00-00\' and value != \'0000-00-00 00:00:00\'' : '';
//boundary
$date = new CMS_date();
$date->setFormat($cms_language->getDateFormat());
$date->setLocalizedDate($boundary);
$sqlOperator = " and (value " . $operator . " '" . SensitiveIO::sanitizeSQLString($date->getDBValue()) . "'" . $canBeNull . $cantBeNull . ")";
}
// Search all values for this field
$sql = "select\n distinct value\n from\n mod_subobject_date_" . $status . "\n where\n objectFieldID='" . $fieldID . "'\n " . $sqlOperator . "\n\t\t";
$q = new CMS_query($sql);
$date = new CMS_date();
while (($value = $q->getValue('value')) !== false) {
if ($value) {
$date->setFromDBValue($value);
if (isset($values['format']) && $values['format']) {
$dateValue = date($values['format'], $date->getTimeStamp());
} else {
$dateValue = $date->getLocalizedDate($cms_language->GetDateFormat());
}
$allValues[$date->getTimeStamp()] = $dateValue;
}
}
if (is_array($allValues) && $allValues) {
ksort($allValues);
foreach ($allValues as $id => $label) {
$selected = $id == $values['selected'] ? ' selected="selected"' : '';
$return .= '<option title="' . io::htmlspecialchars($label) . '" value="' . $id . '"' . $selected . '>' . $label . '</option>';
}
}
return $return;
}
