/**
 * Assembles the error text reported to the caller.
 *
 * Starts from $this->error_message and, when an input object is attached
 * ($this->input), appends the template line / offset and an HTML-escaped
 * excerpt of the input around the error (to_string(-100, 200)) so the
 * message is safe to embed in an HTML page.
 *
 * @return string the complete message
 */
private function get_message()
{
    $message = $this->error_message;

    if ($this->input != null) {
        $location = sprintf('line %s offset %s near', $this->tpl_line, $this->offset);
        $excerpt = TextHelper::htmlentities($this->input->to_string(-100, 200));
        $message .= "\n" . $location . ' "...' . $excerpt . '..."';
    }

    return $message;
}
/**
 * Builds the "add a comment" form and registers it on this controller.
 *
 * The form posts back to the topic URL (HTML-escaped) anchored on the
 * comments list. A "name" field is only shown to users below member level;
 * the message editor carries the max-links and anti-flood constraints taken
 * from the comments configuration and the user's last comment date.
 *
 * @return HTMLForm the form that was built (also stored via set_form())
 */
protected function create_form()
{
    $action_url = TextHelper::htmlentities($this->comments_topic->get_url()) . '#comments-list';
    $form = new HTMLForm('comments', $action_url);

    $fieldset = new FormFieldsetHTML('add_comment', $this->comments_lang['comment.add']);
    $form->add_fieldset($fieldset);

    // Users without member level are asked for a display name.
    if (!$this->user->check_level(User::MEMBER_LEVEL)) {
        $name_field = new FormFieldTextEditor(
            'name',
            $this->common_lang['form.name'],
            LangLoader::get_message('visitor', 'user-common'),
            array('maxlength' => 25)
        );
        $fieldset->add_field($name_field);
    }

    $editor_options = array(
        'formatter' => $this->get_formatter(),
        'rows' => 10,
        'cols' => 47,
        'required' => $this->lang['require_text'],
    );
    $editor_constraints = array(
        new FormFieldConstraintMaxLinks($this->comments_configuration->get_max_links_comment(), true),
        new FormFieldConstraintAntiFlood(CommentsManager::get_last_comment_added($this->user->get_id())),
    );
    $fieldset->add_field(new FormFieldRichTextEditor('message', $this->lang['message'], '', $editor_options, $editor_constraints));

    $submit = new FormButtonDefaultSubmit();
    $form->add_button($submit);
    $form->add_button(new FormButtonReset());

    $this->set_form($form);
    $this->set_submit_button($submit);

    return $form;
}
/**
 * Builds the syndication (RSS) data structure for a gallery category.
 *
 * Lists the most recent pictures of the category and all of its
 * sub-categories (limited to the configured number of pictures per page),
 * each carrying the inherited read authorization of its own category.
 *
 * @param int $idcat category id (Category::ROOT_CATEGORY for the whole gallery)
 * @param string $name unused, kept for signature compatibility
 * @return FeedData|null null when the category does not exist
 */
function get_feed_data_struct($idcat = 0, $name = '')
{
    if (!GalleryService::get_categories_manager()->get_categories_cache()->category_exists($idcat)) {
        return null;
    }

    $category = GalleryService::get_categories_manager()->get_categories_cache()->get_category($idcat);
    $config = GalleryConfig::load();

    $site_name = GeneralConfig::load()->get_site_name();
    if ($idcat != Category::ROOT_CATEGORY) {
        $site_name .= ' : ' . $category->get_name();
    }
    $feed_module_name = LangLoader::get_message('module_title', 'common', 'gallery');
    $feed_title = $feed_module_name . ' - ' . $site_name;

    $data = new FeedData();
    $data->set_title($feed_title);
    $data->set_date(new Date());
    $data->set_link(SyndicationUrlBuilder::rss('gallery', $idcat));
    $data->set_host(HOST);
    $data->set_desc($feed_title);
    $data->set_lang(LangLoader::get_message('xml_lang', 'main'));
    $data->set_auth_bit(Category::READ_AUTHORIZATIONS);

    // Pictures are taken from the category itself and every category below it.
    $children = GalleryService::get_categories_manager()->get_childrens($idcat, new SearchCategoryChildrensOptions(), true);
    $query = 'SELECT * FROM ' . GallerySetup::$gallery_table
        . ' WHERE idcat IN :ids_categories ORDER BY timestamp DESC LIMIT :pics_number_per_page';
    $rows = PersistenceContext::get_querier()->select($query, array(
        'ids_categories' => array_keys($children),
        'pics_number_per_page' => $config->get_pics_number_per_page(),
    ));

    foreach ($rows as $row) {
        // The link is escaped once and reused as the item guid.
        $item_link = TextHelper::htmlentities(GalleryUrlBuilder::get_link_item($row['idcat'], $row['id']));
        $item_auth = GalleryService::get_categories_manager()->get_heritated_authorizations($row['idcat'], Category::READ_AUTHORIZATIONS, Authorizations::AUTH_PARENT_PRIORITY);

        $item = new FeedItem();
        $item->set_title($row['name']);
        $item->set_link($item_link);
        $item->set_guid($item_link);
        $item->set_date(new Date($row['timestamp'], Timezone::SERVER_TIMEZONE));
        $item->set_image_url(Url::to_rel('/gallery/pics/' . $row['path']));
        $item->set_auth($item_auth);
        $data->add_item($item);
    }
    $rows->dispose();

    return $data;
}
}
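/**
 * Handles a shoutbox "post message" request and answers with a JSON status code.
 *
 * Codes: -4 when the caller is not authorized, -3 when pseudo or contents is
 * empty, -1 when the anti-flood delay has not elapsed, -2 when the message
 * holds more links than allowed; otherwise the value returned by
 * ShoutboxService::add().
 *
 * Fix: the anti-flood (-1) and max-links (-2) results were previously
 * overwritten by an unconditional ShoutboxService::add() call, so neither
 * check ever blocked a post. The message is now stored only when no check
 * failed.
 *
 * @param HTTPRequestCustom $request
 * @return JSONResponse array('code' => int)
 */
public function execute(HTTPRequestCustom $request)
{
    if (!$this->check_authorizations()) {
        return new JSONResponse(array('code' => -4));
    }

    $current_user = AppContext::get_current_user();

    // NOTE(review): the utf8_decode / windows-1252 round-trip is kept as-is;
    // utf8_decode is deprecated since PHP 8.2 — confirm the expected request
    // charset before replacing it.
    $pseudo = TextHelper::strprotect(utf8_decode($request->get_string('pseudo', '')));
    $contents = TextHelper::htmlentities($request->get_string('contents', ''), ENT_COMPAT, 'UTF-8');
    $contents = TextHelper::htmlspecialchars_decode(TextHelper::html_entity_decode($contents, ENT_COMPAT, 'windows-1252'));

    // Truthiness test kept on purpose (an empty or '0' value is rejected).
    if (!$pseudo || !$contents) {
        return new JSONResponse(array('code' => -3));
    }

    $code = null;

    // Anti-flood: a logged-in user (id !== -1) without the flood authorization
    // must wait the configured delay since their last shoutbox message.
    $content_config = ContentManagementConfig::load();
    if ($current_user->get_id() !== -1 && $content_config->is_anti_flood_enabled()) {
        $last_post_time = PersistenceContext::get_querier()->get_column_value(PREFIX . "shoutbox", 'MAX(timestamp)', 'WHERE user_id = :id', array('id' => $current_user->get_id()));
        if (!empty($last_post_time) && !$current_user->check_max_value(AUTH_FLOOD)
            && $last_post_time >= time() - $content_config->get_anti_flood_duration()) {
            $code = -1;
        }
    }

    // Link flooding: strip forbidden formatting tags, then cap the number of links.
    $shoutbox_config = ShoutboxConfig::load();
    $contents = FormatingHelper::strparse($contents, $shoutbox_config->get_forbidden_formatting_tags());
    if (!TextHelper::check_nbr_links($contents, $shoutbox_config->get_max_links_number_per_message(), true)) {
        $code = -2;
    }

    // Store the message only when every check above passed.
    if ($code === null) {
        $shoutbox_message = new ShoutboxMessage();
        $shoutbox_message->init_default_properties();
        $shoutbox_message->set_login($pseudo);
        $shoutbox_message->set_user_id($current_user->get_id());
        $shoutbox_message->set_contents($contents);
        $shoutbox_message->set_creation_date(new Date());
        $code = ShoutboxService::add($shoutbox_message);
    }

    return new JSONResponse(array('code' => $code));
}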
/**
 * Escapes content for HTML output.
 *
 * TextHelper::htmlentities() is called with ENT_NOQUOTES, so — assuming it
 * wraps PHP's htmlentities() — '<', '>', '&' and non-ASCII characters become
 * entities while quotes are left untouched.
 *
 * NOTE(review): as written, the str_replace() below maps '&', '<' and '>'
 * onto themselves and is therefore a no-op. The search list has most likely
 * lost its entity forms ('&amp;', '&lt;', '&gt;') when this page was rendered;
 * check the original source before relying on this function, because the
 * entity-form version would decode '<' and '>' back into the result.
 *
 * @param string $contents raw content
 * @return string the processed content
 */
private function clean_html($contents)
{
    $contents = TextHelper::htmlentities($contents, ENT_NOQUOTES);
    $contents = str_replace(array('&', '<', '>'), array('&', '<', '>'), $contents);
    return $contents;
}
$selected = explode('/', $input_date); $selected_day = NumberHelper::numeric($selected[0]); $selected_month = NumberHelper::numeric($selected[1]); $selected_year = NumberHelper::numeric($selected[2]); if (!checkdate($month, $day, $year)) { list($year, $month, $day) = array(date('Y'), date('n'), date('j')); } $bissextile = date("L", mktime(0, 0, 0, 1, 1, $year)) == 1 ? 29 : 28; $array_month = array(31, $bissextile, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31); $array_l_month = array($date_lang['january'], $date_lang['february'], $date_lang['march'], $date_lang['april'], $date_lang['may'], $date_lang['june'], $date_lang['july'], $date_lang['august'], $date_lang['september'], $date_lang['october'], $date_lang['november'], $date_lang['december']); $month_day = $array_month[$month - 1]; $tpl->put_all(array('FIELD' => $field, 'INPUT_FIELD' => $input_field, 'CALENDAR_NUMBER' => $calendar_number, 'MONTH' => $month, 'YEAR' => $year, 'PREVIOUS_YEAR' => $month == 1 ? $year - 1 : $year, 'PREVIOUS_MONTH' => $month == 1 ? 12 : $month - 1, 'NEXT_YEAR' => $month == 12 ? $year + 1 : $year, 'NEXT_MONTH' => $month == 12 ? 1 : $month + 1)); //Génération des select. for ($i = 1; $i <= 12; $i++) { $selected = $month == $i ? 'selected="selected"' : ''; $tpl->assign_block_vars('month', array('MONTH' => '<option value="' . $i . '" ' . $selected . '>' . TextHelper::htmlentities($array_l_month[$i - 1]) . '</option>')); } for ($i = 1900; $i <= 2037; $i++) { $selected = $year == $i ? 'selected="selected"' : ''; $tpl->assign_block_vars('year', array('YEAR' => '<option value="' . $i . '" ' . $selected . '>' . $i . '</option>')); } //Premier jour du mois. $first_day = date('w', @mktime(1, 0, 0, $month, 1, $year)); if ($first_day == 0) { $first_day = 7; } //Génération du calendrier. $month = $month < 10 && substr($month, 0, 1) != 0 ? '0' . $month : $month; $j = 1; $last_day = $month_day + $first_day; for ($i = 1; $i <= 42; $i++) {
width:150px; } td.options-set { /*width:100%;*/ } td.run-options-set { width:125px; } input.run-button { width:125px; } </style> </head> <body> <?php $params = TextHelper::htmlentities(!empty($_REQUEST['params']) ? $_REQUEST['params'] : ''); ?> <form name="phpunit_launcher"> <table class="run-options"> <tr> <td class="options-set-name"><span>command line</span></td> <td class="options-set"> <input type="text" name="params" id="params" value="<?php echo $params; ?> " style="width: 75%;"> <span>html output:</span> <input type="checkbox" name="is_html" id="is_html"> </td> <td class="run-options-set"> <input type="button" name="run" value="run command" class="run-button"
* * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * ###################################################*/ define('PATH_TO_ROOT', '../../..'); include_once PATH_TO_ROOT . '/kernel/begin.php'; AppContext::get_session()->no_session_location(); //Permet de ne pas mettre jour la page dans la session. include_once PATH_TO_ROOT . '/kernel/header_no_display.php'; $page_path_to_root = retrieve(REQUEST, 'path_to_root', ''); $page_path = retrieve(REQUEST, 'page_path', ''); //Quel éditeur utiliser ? Si ce n'est pas précisé on prend celui par défaut de l'utilisateur $editor = retrieve(REQUEST, 'editor', ContentFormattingConfig::load()->get_default_editor()); $contents = TextHelper::htmlentities(retrieve(POST, 'contents', ''), ENT_COMPAT, 'UTF-8'); $contents = TextHelper::htmlspecialchars_decode(stripslashes(TextHelper::html_entity_decode($contents))); $ftags = retrieve(POST, 'ftags', TSTRING_UNCHANGE); $forbidden_tags = explode(',', $ftags); $formatting_factory = AppContext::get_content_formatting_service()->create_factory($editor); //On prend le bon parseur avec la bonne configuration $parser = $formatting_factory->get_parser(); $parser->set_content($contents); $parser->set_path_to_root($page_path_to_root); $parser->set_page_path($page_path); if (!empty($forbidden_tags)) { $parser->set_forbidden_tags($forbidden_tags); } $parser->parse(); //On parse la deuxième couche (code, math etc) pour afficher $second_parser = $formatting_factory->get_second_parser();
break; //Sons //Sons case 'mp3': $bbcode = '[sound]/upload/' . $row['path'] . '[/sound]'; $tinymce = '<a href="' . PATH_TO_ROOT . '/upload/' . $row['path'] . '">' . $row['name'] . '</a>'; $link = '/upload/' . $row['path']; break; default: $bbcode = '[url=/upload/' . $row['path'] . ']' . $row['name'] . '[/url]'; $tinymce = '<a href="' . PATH_TO_ROOT . '/upload/' . $row['path'] . '">' . $row['name'] . '</a>'; $link = '/upload/' . $row['path']; } $is_bbcode_editor = $editor == 'BBCode'; $displayed_code = $is_bbcode_editor ? $bbcode : '/upload/' . $row['path']; $inserted_code = !empty($parse) ? !empty($no_path) ? $link : PATH_TO_ROOT . $link : ($is_bbcode_editor ? addslashes($bbcode) : TextHelper::htmlentities($tinymce)); $tpl->assign_block_vars('files', array('C_RECENT_FILE' => $row['timestamp'] > $now->get_timestamp() - 15 * 60, 'ID' => $row['id'], 'IMG' => $get_img_mimetype['img'], 'URL' => PATH_TO_ROOT . $link, 'TITLE' => str_replace('"', '\\"', $row['name']), 'NAME' => $name_cut, 'RENAME_FILE' => '<span id="fihref' . $row['id'] . '"><a href="javascript:display_rename_file(\'' . $row['id'] . '\', \'' . addslashes($row['name']) . '\', \'' . addslashes($name_cut) . '\');" title="' . LangLoader::get_message('edit', 'common') . '" class="fa fa-edit"></a></span>', 'FILETYPE' => $get_img_mimetype['filetype'] . $size_img, 'BBCODE' => '<input type="text" readonly="readonly" onclick="select_div(\'text_' . $row['id'] . '\');" id="text_' . $row['id'] . '" class="upload-input-bbcode" value="' . $displayed_code . '">', 'SIZE' => $row['size'] > 1024 ? NumberHelper::round($row['size'] / 1024, 2) . ' ' . LangLoader::get_message('unit.megabytes', 'common') : NumberHelper::round($row['size'], 0) . ' ' . LangLoader::get_message('unit.kilobytes', 'common'), 'INSERT' => !empty($popup) ? '<a href="javascript:insert_popup(\'' . $inserted_code . '\')" title="' . $LANG['popup_insert'] . '" class="fa fa-clipboard"></a>' : '', 'LIGHTBOX' => !empty($size_img) ? 
' data-lightbox="1"' : '', 'U_MOVE' => url('.php?movefi=' . $row['id'] . '&f=' . $folder . $popup))); $total_folder_size += $row['size']; $total_files++; } $result->dispose(); //Autorisation d'uploader sans limite aux groupes. $group_limit = AppContext::get_current_user()->check_max_value(DATA_GROUP_LIMIT, $files_upload_config->get_maximum_size_upload()); $unlimited_data = $group_limit === -1 || AppContext::get_current_user()->check_level(User::ADMIN_LEVEL); $total_size = !empty($folder) ? Uploads::Member_memory_used(AppContext::get_current_user()->get_id()) : PersistenceContext::get_querier()->get_column_value(DB_TABLE_UPLOAD, 'SUM(size)', 'WHERE user_id = :id', array('id' => AppContext::get_current_user()->get_id())); $tpl->put_all(array('PERCENT' => !$unlimited_data ? '(' . NumberHelper::round($total_size / $group_limit, 3) * 100 . '%)' : '', 'SIZE_LIMIT' => !$unlimited_data ? $group_limit > 1024 ? NumberHelper::round($group_limit / 1024, 2) . ' ' . LangLoader::get_message('unit.megabytes', 'common') : NumberHelper::round($group_limit, 0) . ' ' . LangLoader::get_message('unit.kilobytes', 'common') : $LANG['illimited'], 'TOTAL_SIZE' => $total_size > 1024 ? NumberHelper::round($total_size / 1024, 2) . ' ' . LangLoader::get_message('unit.megabytes', 'common') : NumberHelper::round($total_size, 0) . ' ' . LangLoader::get_message('unit.kilobytes', 'common'), 'TOTAL_FOLDER_SIZE' => $total_folder_size > 1024 ? NumberHelper::round($total_folder_size / 1024, 2) . ' ' . LangLoader::get_message('unit.megabytes', 'common') : NumberHelper::round($total_folder_size, 0) . ' ' . LangLoader::get_message('unit.kilobytes', 'common'), 'TOTAL_FOLDERS' => $total_directories, 'TOTAL_FILES' => $total_files)); if ($total_directories == 0 && $total_files == 0) { $tpl->put_all(array('C_EMPTY_FOLDER' => true, 'L_EMPTY_FOLDER' => LangLoader::get_message('no_item_now', 'common'))); } $tpl->display(); }
if ($i >= $pos_pics - $start_thumbnails && $i <= $pos_pics + $end_thumbnails) { $tpl->assign_block_vars('pics.pics_max.list_preview_pics', array('PICS' => $pics)); } $i++; } } } else { $j = 0; $result = PersistenceContext::get_querier()->select("SELECT g.id, g.idcat, g.name, g.path, g.timestamp, g.aprob, g.width, g.height, m.display_name, m.user_id, m.level, m.groups\n\t\t\tFROM " . GallerySetup::$gallery_table . " g\n\t\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = g.user_id\n\t\t\tWHERE g.idcat = :idcat\n\t\t\tORDER BY g.timestamp\n\t\t\tLIMIT :number_items_per_page OFFSET :display_from", array('idcat' => $id_category, 'number_items_per_page' => $pagination->get_number_items_per_page(), 'display_from' => $pagination->get_display_from())); while ($row = $result->fetch()) { //Si la miniature n'existe pas (cache vidé) on regénère la miniature à partir de l'image en taille réelle. if (!file_exists('pics/thumbnails/' . $row['path'])) { $Gallery->Resize_pics('pics/' . $row['path']); } //Redimensionnement + création miniature $name_cut = strlen(TextHelper::html_entity_decode($row['name'])) > 22 ? TextHelper::htmlentities(substr(TextHelper::html_entity_decode($row['name']), 0, 22)) . '...' : $row['name']; //On reccourci le nom s'il est trop long pour éviter de déformer l'administration. $name = TextHelper::html_entity_decode($row['name']); $name = strlen($name) > 20 ? substr($name, 0, 20) . '...' : $name; //On genère le tableau pour x colonnes $tr_start = is_int($j / $nbr_column_pics) ? '<tr>' : ''; $j++; $tr_end = is_int($j / $nbr_column_pics) ? '</tr>' : ''; //Affichage de l'image en grand. if ($config->get_pics_enlargement_mode() == GalleryConfig::FULL_SCREEN) { //Ouverture en popup plein écran. $display_link = HOST . DIR . '/gallery/show_pics' . url('.php?id=' . $row['id'] . '&cat=' . $row['idcat']); } elseif ($config->get_pics_enlargement_mode() == GalleryConfig::POPUP) { //Ouverture en popup simple. $display_link = 'javascript:display_pics_popup(\'' . 
HOST . DIR . '/gallery/show_pics' . url('.php?id=' . $row['id'] . '&cat=' . $row['idcat']) . '\', \'' . $row['width'] . '\', \'' . $row['height'] . '\')'; } elseif ($config->get_pics_enlargement_mode() == GalleryConfig::RESIZE) {
/**
 * Prepares text for display inside a code / HTML block: newlines are turned
 * into '<br />' and the whole string is entity-encoded, quotes excepted.
 *
 * NOTE(review): the line breaks are inserted before the entity pass, so if
 * TextHelper::htmlentities() behaves like PHP's htmlentities() the '<br />'
 * markers come out encoded as '&lt;br /&gt;'. Behaviour preserved here —
 * confirm this ordering is intended.
 *
 * @param string $var text to clean
 * @return string the encoded content
 */
private static function clear_html_and_code_tag($var)
{
    $with_breaks = strtr($var, array("\n" => '<br />'));
    return TextHelper::htmlentities($with_breaks, ENT_NOQUOTES);
}
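/**
 * Renames an uploaded file owned by $user_id (or any file when $admin is true).
 *
 * Returns the display form of the new name (see displayed_file_name()), or the
 * display form of $previous_name when the caller is neither admin nor owner.
 * Returns '/' when the name is already used in the same folder by this user or
 * contains one of the forbidden characters / \ " < > | ?.
 *
 * @param int $id_file upload id
 * @param string $name requested name
 * @param string $previous_name name to fall back to when the rename is refused
 * @param int $user_id id of the requesting user
 * @param bool $admin bypass the ownership check
 * @return string
 */
public static function Rename_file($id_file, $name, $previous_name, $user_id, $admin = false)
{
    $info_cat = array('idcat' => '', 'user_id' => '');
    try {
        $info_cat = self::$db_querier->select_single_row(PREFIX . "upload", array("idcat", "user_id"), 'WHERE id=:id', array('id' => $id_file));
    } catch (RowNotFoundException $e) {
        // Unknown id: keep the empty defaults; the ownership test below is then
        // expected to fail for non-admins.
    }

    // The name must be unique in the folder (for this user) and free of
    // path-separator / shell-sensitive characters.
    $duplicates = self::$db_querier->count(DB_TABLE_UPLOAD, 'WHERE idcat = :idcat AND name = :name AND id <> :id AND user_id = :user_id', array('idcat' => $info_cat['idcat'], 'name' => $name, 'id' => $id_file, 'user_id' => $user_id));
    if ($duplicates > 0 || preg_match('`/|\\\\|"|<|>|\\||\\?`', stripslashes($name))) {
        return '/';
    }

    // Loose comparison kept on purpose: the stored user id may come back as a string.
    if ($admin || $user_id == $info_cat['user_id']) {
        self::$db_querier->update(DB_TABLE_UPLOAD, array('name' => $name), 'WHERE id = :id', array('id' => $id_file));
        return self::displayed_file_name($name);
    }

    return self::displayed_file_name($previous_name);
}

/**
 * Display form of a file name: entity-decoded, cut to 22 bytes (not
 * characters — multi-byte sequences may be split, kept for compatibility)
 * with '...' appended when longer, re-escaped, then slash-stripped.
 *
 * @param string $name stored name
 * @return string
 */
private static function displayed_file_name($name)
{
    $decoded = TextHelper::html_entity_decode($name);
    if (strlen($decoded) > 22) {
        $name = TextHelper::htmlentities(substr($decoded, 0, 22)) . '...';
    }
    return stripslashes($name);
}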
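/**
 * Renames a gallery picture and returns the display form of its new name.
 *
 * The display form is the name entity-decoded, cut to 22 bytes with '...'
 * appended when longer (then re-escaped), with slashes stripped.
 *
 * Fix: the ellipsis was built as `PATH_TO_ROOT . '.'`, so a truncated name
 * came back suffixed with the root path instead of '...'; it now uses the
 * same truncation as the upload rename (Rename_file).
 *
 * @param int $id_pics picture id
 * @param string $name new name
 * @param string $previous_name unused, kept for signature compatibility
 * @return string
 */
public function Rename_pics($id_pics, $name, $previous_name)
{
    PersistenceContext::get_querier()->update(GallerySetup::$gallery_table, array('name' => $name), 'WHERE id = :id', array('id' => $id_pics));

    $decoded = TextHelper::html_entity_decode($name);
    $displayed = strlen($decoded) > 22
        ? TextHelper::htmlentities(substr($decoded, 0, 22)) . '...'
        : $name;

    return stripslashes($displayed);
}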