function getContent()
{
$frsrf = new FRSReleaseFactory();
$html_my_monitored_fp = '';
$sql = "SELECT groups.group_name,groups.group_id " . "FROM groups,filemodule_monitor,frs_package " . "WHERE groups.group_id=frs_package.group_id " . "AND frs_package.status_id !=" . $frsrf->STATUS_DELETED . " " . "AND frs_package.package_id=filemodule_monitor.filemodule_id " . "AND filemodule_monitor.user_id='" . user_getid() . "' ";
$um =& UserManager::instance();
$current_user =& $um->getCurrentUser();
if ($current_user->isRestricted()) {
$projects = $current_user->getProjects();
$sql .= "AND groups.group_id IN (" . implode(',', $projects) . ") ";
}
$sql .= "GROUP BY group_id ORDER BY group_id ASC LIMIT 100";
$result = db_query($sql);
$rows = db_numrows($result);
if (!$result || $rows < 1) {
$html_my_monitored_fp .= $GLOBALS['Language']->getText('my_index', 'my_files_msg');
} else {
$html_my_monitored_fp .= '<table style="width:100%">';
$request =& HTTPRequest::instance();
for ($j = 0; $j < $rows; $j++) {
$group_id = db_result($result, $j, 'group_id');
$sql2 = "SELECT frs_package.name,filemodule_monitor.filemodule_id " . "FROM groups,filemodule_monitor,frs_package " . "WHERE groups.group_id=frs_package.group_id " . "AND groups.group_id={$group_id} " . "AND frs_package.status_id !=" . $frsrf->STATUS_DELETED . " " . "AND frs_package.package_id=filemodule_monitor.filemodule_id " . "AND filemodule_monitor.user_id='" . user_getid() . "' LIMIT 100";
$result2 = db_query($sql2);
$rows2 = db_numrows($result2);
$vItemId = new Valid_UInt('hide_item_id');
$vItemId->required();
if ($request->valid($vItemId)) {
$hide_item_id = $request->get('hide_item_id');
} else {
$hide_item_id = null;
}
$vFrs = new Valid_WhiteList('hide_frs', array(0, 1));
$vFrs->required();
if ($request->valid($vFrs)) {
$hide_frs = $request->get('hide_frs');
} else {
$hide_frs = null;
}
list($hide_now, $count_diff, $hide_url) = my_hide_url('frs', $group_id, $hide_item_id, $rows2, $hide_frs);
$html_hdr = ($j ? '<tr class="boxitem"><td colspan="2">' : '') . $hide_url . '<A HREF="/project/?group_id=' . $group_id . '">' . db_result($result, $j, 'group_name') . '</A> ';
$html = '';
$count_new = max(0, $count_diff);
for ($i = 0; $i < $rows2; $i++) {
if (!$hide_now) {
$html .= '
<TR class="' . util_get_alt_row_color($i) . '">' . '<TD WIDTH="99%"> - <A HREF="/file/showfiles.php?group_id=' . $group_id . '">' . db_result($result2, $i, 'name') . '</A></TD>' . '<TD><A HREF="/file/filemodule_monitor.php?filemodule_id=' . db_result($result2, $i, 'filemodule_id') . '&group_id=' . $group_id . '" onClick="return confirm(\'' . $GLOBALS['Language']->getText('my_index', 'stop_file') . '\')">' . '<IMG SRC="' . util_get_image_theme("ic/trash.png") . '" HEIGHT="16" WIDTH="16" ' . 'BORDER=0" ALT="' . $GLOBALS['Language']->getText('my_index', 'stop_monitor') . '"></A></TD></TR>';
}
}
$html_hdr .= my_item_count($rows2, $count_new) . '</td></tr>';
$html_my_monitored_fp .= $html_hdr . $html;
}
$html_my_monitored_fp .= '</table>';
}
return $html_my_monitored_fp;
}
function getContent()
{
$html_my_monitored_forums = '';
$sql = "SELECT groups.group_id, groups.group_name " . "FROM groups,forum_group_list,forum_monitored_forums " . "WHERE groups.group_id=forum_group_list.group_id " . "AND groups.status = 'A' " . "AND forum_group_list.is_public <> 9 " . "AND forum_group_list.group_forum_id=forum_monitored_forums.forum_id " . "AND forum_monitored_forums.user_id='" . user_getid() . "' ";
$um =& UserManager::instance();
$current_user =& $um->getCurrentUser();
if ($current_user->isRestricted()) {
$projects = $current_user->getProjects();
$sql .= "AND groups.group_id IN (" . implode(',', $projects) . ") ";
}
$sql .= "GROUP BY group_id ORDER BY group_id ASC LIMIT 100";
$result = db_query($sql);
$rows = db_numrows($result);
if (!$result || $rows < 1) {
$html_my_monitored_forums .= $GLOBALS['Language']->getText('my_index', 'my_forums_msg');
} else {
$request =& HTTPRequest::instance();
$html_my_monitored_forums .= '<table style="width:100%">';
for ($j = 0; $j < $rows; $j++) {
$group_id = db_result($result, $j, 'group_id');
$sql2 = "SELECT forum_group_list.group_forum_id,forum_group_list.forum_name " . "FROM groups,forum_group_list,forum_monitored_forums " . "WHERE groups.group_id=forum_group_list.group_id " . "AND groups.group_id={$group_id} " . "AND forum_group_list.is_public <> 9 " . "AND forum_group_list.group_forum_id=forum_monitored_forums.forum_id " . "AND forum_monitored_forums.user_id='" . user_getid() . "' LIMIT 100";
$result2 = db_query($sql2);
$rows2 = db_numrows($result2);
$vItemId = new Valid_UInt('hide_item_id');
$vItemId->required();
if ($request->valid($vItemId)) {
$hide_item_id = $request->get('hide_item_id');
} else {
$hide_item_id = null;
}
$vForum = new Valid_WhiteList('hide_forum', array(0, 1));
$vForum->required();
if ($request->valid($vForum)) {
$hide_forum = $request->get('hide_forum');
} else {
$hide_forum = null;
}
list($hide_now, $count_diff, $hide_url) = my_hide_url('forum', $group_id, $hide_item_id, $rows2, $hide_forum);
$html_hdr = ($j ? '<tr class="boxitem"><td colspan="2">' : '') . $hide_url . '<A HREF="/forum/?group_id=' . $group_id . '">' . db_result($result, $j, 'group_name') . '</A> ';
$html = '';
$count_new = max(0, $count_diff);
for ($i = 0; $i < $rows2; $i++) {
if (!$hide_now) {
$group_forum_id = db_result($result2, $i, 'group_forum_id');
$html .= '
<TR class="' . util_get_alt_row_color($i) . '"><TD WIDTH="99%">' . ' - <A HREF="/forum/forum.php?forum_id=' . $group_forum_id . '">' . stripslashes(db_result($result2, $i, 'forum_name')) . '</A></TD>' . '<TD ALIGN="center"><A HREF="/my/stop_monitor.php?forum_id=' . $group_forum_id . '" onClick="return confirm(\'' . $GLOBALS['Language']->getText('my_index', 'stop_forum') . '\')">' . '<IMG SRC="' . util_get_image_theme("ic/trash.png") . '" HEIGHT="16" WIDTH="16" ' . 'BORDER=0 ALT="' . $GLOBALS['Language']->getText('my_index', 'stop_monitor') . '"></A></TD></TR>';
}
}
$html_hdr .= my_item_count($rows2, $count_new) . '</td></tr>';
$html_my_monitored_forums .= $html_hdr . $html;
}
$html_my_monitored_forums .= '</table>';
}
return $html_my_monitored_forums;
}
private function getUGroupIdInRequest($request)
{
$vUgroupId = new Valid_UInt('ugroup_id');
$vUgroupId->required();
if ($request->valid($vUgroupId)) {
$ugroupId = $request->get('ugroup_id');
} else {
$ugroupId = null;
}
return $ugroupId;
}
function initDisplay()
{
$request =& HTTPRequest::instance();
//
// User may request a specific table id
$vVersion = new Valid_UInt('version');
$vVersion->required();
if ($request->valid($vVersion)) {
$this->version = $request->get('version');
}
$this->atf =& Docman_ApprovalTableFactoriesFactory::getFromItem($this->item, $this->version);
$this->table =& $this->atf->getTable();
}
public function update()
{
$vChildren = new Valid_UInt('children');
$vChildren->required();
if ($this->request->validArray($vChildren)) {
$this->dao->updateChildren($this->tracker->getId(), $this->request->get('children'));
} else {
if ($this->request->exist('children')) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_hierarchy', 'controller_bad_request'));
} else {
$this->dao->deleteAllChildren($this->tracker->getId());
}
}
$this->redirect(array('tracker' => $this->tracker->getId(), 'func' => 'admin-hierarchy'));
}
function getContent()
{
$folder_or_document = is_a($this->item, 'Docman_Folder') ? 'folder' : (is_a($this->item, 'Docman_File') ? 'file' : 'document');
$item_type = $this->_controller->_getItemFactory()->getItemTypeForItem($this->item);
$vVersion = new Valid_UInt('version');
$vVersion->required();
if ($this->_controller->request->valid($vVersion)) {
$version = $this->_controller->request->get('version');
$label = $this->_controller->request->get('label');
} else {
$version = false;
}
$content = '';
$content .= '<dl><dt>' . $GLOBALS['Language']->getText('plugin_docman', 'details_actions_delete') . '</dt><dd>';
$content .= '<form action="' . $this->url . '" method="POST">';
$content .= '<div class="docman_confirm_delete">';
if ($version !== false) {
$content .= $GLOBALS['Language']->getText('plugin_docman', 'details_delete_warning_version', array($this->hp->purify($this->item->getTitle(), CODENDI_PURIFIER_CONVERT_HTML), $version));
} else {
$content .= $GLOBALS['Language']->getText('plugin_docman', 'details_delete_warning_' . $folder_or_document, $this->hp->purify($this->item->getTitle(), CODENDI_PURIFIER_CONVERT_HTML));
}
if ($item_type == PLUGIN_DOCMAN_ITEM_TYPE_WIKI) {
$content .= $this->getWikiDeleteInfo();
}
$content .= '<div class="docman_confirm_delete_buttons">';
if ($this->token) {
$content .= '<input type="hidden" name="token" value="' . $this->token . '" />';
}
$content .= ' <input type="hidden" name="section" value="actions" />';
if ($version !== false) {
$content .= ' <input type="hidden" name="action" value="deleteVersion" />';
$content .= ' <input type="hidden" name="version" value="' . $version . '" />';
} else {
$content .= ' <input type="hidden" name="action" value="delete" />';
}
$content .= ' <input type="hidden" name="id" value="' . $this->item->getId() . '" />';
$content .= ' <input type="submit" tabindex="2" name="confirm" value="' . $GLOBALS['Language']->getText('plugin_docman', 'details_delete_confirm') . '" />';
$content .= ' <input type="submit" tabindex="1" name="cancel" value="' . $GLOBALS['Language']->getText('plugin_docman', 'details_delete_cancel') . '" />';
$content .= '</div>';
$content .= '</div>';
$content .= '</form>';
$content .= '</dd></dl>';
return $content;
}
function getContent()
{
$html = '';
$request = HTTPRequest::instance();
$um = UserManager::instance();
$user = $um->getCurrentUser();
$vFunc = new Valid_WhiteList('docman_func', array('show_docman'));
$vFunc->required();
if ($request->valid($vFunc)) {
$func = $request->get('docman_func');
} else {
$func = '';
}
$vDocmanId = new Valid_UInt('docman_id');
$vDocmanId->required();
if ($request->valid($vDocmanId)) {
$docman_id = $request->get('docman_id');
} else {
$docman_id = '';
}
$html .= '<form method="post" action="?">';
$html .= '<label>' . $GLOBALS['Language']->getText('plugin_docman', 'widget_my_docman_search_label') . '</label>';
$html .= '<input type="hidden" name="docman_func" value="show_docman" />';
$html .= '<input type="text" name="docman_id" value="' . $docman_id . '" id="docman_id" />';
$html .= ' ';
$html .= '<input type="submit" value="' . $GLOBALS['Language']->getText('plugin_docman', 'widget_my_docman_search_btn') . '"/>';
$html .= '</form>';
if ($func == 'show_docman' && $docman_id) {
$res = $this->returnAllowedGroupId($docman_id, $user);
if ($res) {
$dPm = Docman_PermissionsManager::instance($res['group_id']);
$itemPerm = $dPm->userCanAccess($user, $docman_id);
if ($itemPerm) {
$html .= '<p><a href="/plugins/docman/?group_id=' . $res['group_id'] . '&action=details&id=' . $docman_id . '§ion=properties">Show "' . $res['title'] . '" Properties</a></p>';
return $html;
}
}
$html .= '<p>' . $GLOBALS['Language']->getText('plugin_docman', 'perm_denied') . '</p>';
}
return $html;
}
$forum_name = $request->get('forum_name');
$is_public = $request->get('is_public');
$description = $request->get('description');
$is_monitored = $request->get('is_monitored');
$fid = forum_create_forum($group_id, $forum_name, $is_public, 1, $description);
if ($is_monitored) {
forum_add_monitor($fid, user_getid());
}
}
} else {
if ($request->existAndNonEmpty('change_status')) {
/*
Change a forum to public/private
*/
$vGrpForum = new Valid_UInt('group_forum_id');
$vGrpForum->required();
if ($request->valid($vForumName) && $request->valid($vDescription) && $request->valid($vIsPublic) && $request->valid($vGrpForum)) {
$forum_name = $request->get('forum_name');
$is_public = $request->get('is_public');
$description = $request->get('description');
$group_forum_id = $request->get('group_forum_id');
$sql = "UPDATE forum_group_list SET is_public=" . db_ei($is_public) . ",forum_name='" . db_es(htmlspecialchars($forum_name)) . "'," . "description='" . db_es(htmlspecialchars($description)) . "' " . "WHERE group_forum_id=" . db_ei($group_forum_id) . " AND group_id=" . db_ei($group_id);
$result = db_query($sql);
if (!$result || db_affected_rows($result) < 1) {
$feedback .= ' ' . $Language->getText('forum_admin_index', 'upd_err') . ' ';
} else {
$feedback .= ' ' . $Language->getText('forum_admin_index', 'upd_success') . ' ';
}
}
}
}
private function inconsistentArtifactsIdsAreValid(array $artifact_ids)
{
$validator = new Valid_UInt();
$validator->required();
$artifact_factory = Tracker_ArtifactFactory::instance();
foreach ($artifact_ids as $artifact_id) {
if (!($validator->validate($artifact_id) && $artifact_factory->getArtifactById($artifact_id))) {
return false;
}
}
return true;
}
<?php
require_once 'pre.php';
$valid = new Valid_UInt('tracker_id');
$valid->required();
if ($request->valid($valid)) {
if (user_get_preference('tracker_comment_invertorder_' . $request->get('tracker_id'))) {
user_del_preference('tracker_comment_invertorder_' . $request->get('tracker_id'));
} else {
user_set_preference('tracker_comment_invertorder_' . $request->get('tracker_id'), '1');
}
}
function updatePreferences($request)
{
$done = false;
$vContentId = new Valid_UInt('content_id');
$vContentId->required();
if (($rss = $request->get('rss')) && $request->valid($vContentId)) {
$vUrl = new Valid_String('url');
if ($request->validInArray('rss', $vUrl)) {
$url = " url = '" . db_escape_string($rss['url']) . "' ";
} else {
$url = '';
}
$vTitle = new Valid_String('title');
if ($request->validInArray('rss', $vTitle)) {
$title = " title = '" . db_escape_string($rss['title']) . "' ";
} else {
$title = '';
}
if ($url || $title) {
$sql = "UPDATE widget_rss SET " . $title . ", " . $url . " WHERE owner_id = " . $this->owner_id . " AND owner_type = '" . $this->owner_type . "' AND id = " . (int) $request->get('content_id');
$res = db_query($sql);
$done = true;
}
}
return $done;
}
/**
* Checks whether a planning tracker id is present in the parameters, and is
* a valid positive integer.
*
* @param PlanningParameters $planning_parameters The validated parameters.
*
* @return bool
*/
private function planningTrackerIdIsPresentAndIsAPositiveInteger(PlanningParameters $planning_parameters)
{
$planning_tracker_id = new Valid_UInt();
$planning_tracker_id->required();
return $planning_tracker_id->validate($planning_parameters->planning_tracker_id);
}
/**
* Perform wiki attachment removal.
*/
function deleteAttachments()
{
$request = HTTPRequest::instance();
if ($request->isPost() && $request->exist('attachments_to_delete')) {
$args = $request->get('attachments_to_delete');
$deleteStatus = true;
$um = UserManager::instance();
$user = $um->getCurrentUser();
foreach ($args as $id) {
$valid = new Valid_UInt('repo_id');
$valid->required();
if ($valid->validate($id)) {
$wa = new WikiAttachment();
$wa->initWithId($id);
if ($wa->validate() && $wa->gid == $_REQUEST['group_id'] && $wa->isAutorized($user->getId())) {
if (!$wa->deleteAttachment()) {
$deleteStatus = false;
}
} else {
$deleteStatus = false;
}
} else {
$deleteStatus = false;
}
}
if ($deleteStatus) {
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('wiki_actions_wikiserviceadmin', 'delete_attachment_success'));
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('wiki_actions_wikiserviceadmin', 'delete_attachment_failure'));
}
}
}
$vRelative = new Valid_WhiteList('relative', array('true'));
$vRelative->required();
if ($request->valid($vRelative)) {
$relative = true;
} else {
$relative = false;
}
$vOrder = new Valid_WhiteList('order', array('start_size', 'end_size', 'evolution', 'evolution_rate'));
$vOrder->required();
if ($request->valid($vOrder)) {
$order = $request->get('order');
} else {
$order = 'end_size';
}
$vOffset = new Valid_UInt('offset');
$vOffset->required();
if ($request->valid($vOffset)) {
$offset = $request->get('offset');
} else {
$offset = 0;
}
$title = 'Disk usage';
$GLOBALS['HTML']->includeCalendarScripts();
$GLOBALS['HTML']->header(array('title' => $title));
echo '<h1>' . $title . '</h1>';
echo '
<table>
<tr>
<th align="center">Service/Projects</th>
<th align="center">Users</th>
</tr>
<?php
//
// Codendi
// Copyright (c) Xerox Corporation, Codendi Team, 2001-2009. All rights reserved
// Copyright (c) Enalean, 2015. All Rights Reserved.
// http://www.codendi.com
//
//
require_once 'pre.php';
require_once 'common/frs/FRSFileFactory.class.php';
require_once 'common/frs/FRSPackageFactory.class.php';
$vGroupId = new Valid_GroupId();
$vGroupId->required();
$vFileId = new Valid_UInt('file_id');
$vFileId->required();
if ($request->valid($vGroupId) && $request->valid($vFileId)) {
$group_id = $request->get('group_id');
$file_id = $request->get('file_id');
} else {
exit_missing_param();
}
$frsff = new FRSFileFactory();
$frspf = new FRSPackageFactory();
// Must have a group_id and file_id otherwise
// we cannot do much
if (!$file_id || !$group_id) {
exit_missing_param();
}
if (!$GLOBALS['sys_frs_license_mandatory']) {
// Display license popup?
<?php
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright (c) Enalean, 2015. All rights reserved
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
require_once 'pre.php';
require_once 'bookmarks.php';
require_once 'my_utils.php';
$request = HTTPRequest::instance();
$vId = new Valid_UInt('bookmark_id');
$vId->setErrorMessage('bookmark_id is required');
$vId->required();
if (!$request->valid($vId)) {
$GLOBALS['Response']->redirect('/my');
} else {
$bookmark_id = (int) $request->get('bookmark_id');
}
$vUrl = new Valid_String('bookmark_url');
$vUrl->setErrorMessage('Url is required');
$vUrl->required();
$vTitle = new Valid_String('bookmark_title');
$vTitle->setErrorMessage('Title is required');
$vTitle->required();
$bookmark_url_id = '/my/bookmark_edit.php?bookmark_id=' . $bookmark_id;
$csrf_token = new CSRFSynchronizerToken($bookmark_url_id);
if ($request->isPost() && $request->valid($vUrl) && $request->valid($vTitle)) {
$csrf_token->check();
$bookmark_url = $request->get('bookmark_url');
/**
* Validate request values
*
* @param HTTPRequest $request request containing form values
*
* @return Array
*/
function validateRequest($request)
{
$status = true;
$invalid = array();
$valid = new Valid_String('request_summary');
$valid->required();
$summary = trim($request->get('request_summary'));
if ($request->valid($valid) && strlen($summary) < self::MAX_SUMMARY_LENGTH && $summary != '') {
$params['summary'] = $summary;
} else {
$status = false;
$invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'summary');
}
$valid = new Valid_Text('request_description');
$valid->required();
$description = trim($request->get('request_description'));
$defaultDescription = $GLOBALS['Language']->getText('plugin_requesthelp', 'requesthelp_default_description');
if ($request->valid($valid) && strlen($description) < self::MAX_DESCRIPTION_LENGTH && $description != '' && $description != $defaultDescription) {
$params['description'] = $description;
} else {
$status = false;
$invalid[] = 'Description';
}
$valid = new Valid_UInt('type');
$valid->required();
if ($request->valid($valid)) {
$requestType = $request->get('type');
$params['type'] = $requestType;
switch ($requestType) {
case RequestHelp::TYPE_SUPPORT:
$params['text_type'] = $this->_getPluginProperty('support_request');
break;
case RequestHelp::TYPE_ENHANCEMENT:
$params['text_type'] = $this->_getPluginProperty('enhancement_request');
break;
default:
$status = false;
$invalid[] = 'Type';
break;
}
} else {
$status = false;
$invalid[] = 'Type';
}
$valid = new Valid_UInt('severity');
$valid->required();
if ($request->valid($valid)) {
$severity = $request->get('severity');
$params['severity'] = $severity;
switch ($severity) {
case RequestHelp::SEVERITY_MINOR:
$params['text_severity'] = 'Minor';
break;
case RequestHelp::SEVERITY_SERIOUS:
$params['text_severity'] = 'Serious';
break;
case RequestHelp::SEVERITY_CRITICAL:
$params['text_severity'] = 'Critical';
break;
default:
$status = false;
$invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'severity');
break;
}
} else {
$status = false;
$invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'severity');
}
$cc = array();
$mails = array_map('trim', preg_split('/[,;]/', $request->get('cc')));
$rule = new Rule_Email();
$um = $this->_getUserManager();
$invalidCc = array();
foreach ($mails as $mail) {
if ($rule->isValid($mail)) {
$cc[] = $mail;
} else {
if (trim($mail) != '') {
$user = $um->findUser($mail);
if ($user) {
$mail = $user->getUserName();
if ($mail) {
$cc[] = $mail;
} else {
$invalidCc[] = $mail;
}
} else {
$invalidCc[] = $mail;
}
}
}
}
if (!empty($invalidCc)) {
$c = $this->getController();
$c->addWarn($GLOBALS['Language']->getText('plugin_requesthelp', 'requesthelp_invalid_cc', implode(", ", $invalidCc)));
}
$params['cc'] = implode(";", $cc);
return array('status' => $status, 'params' => $params, 'invalid' => $invalid);
}
function _dispatch($view, $item, $root, $get_show_view)
{
$item_factory =& $this->_getItemFactory();
$user =& $this->getUser();
$dpm = $this->_getPermissionsManager();
switch ($view) {
case 'show':
if ($item->isObsolete()) {
if (!$this->userCanAdmin($item->getId())) {
// redirect to details view
$this->view = 'Details';
break;
}
}
$this->view = $item->accept($get_show_view, $this->request->get('report'));
break;
case 'expandFolder':
$this->action = 'expandFolder';
if ($this->request->get('view') == 'ulsubfolder') {
$this->view = 'RawTree';
} else {
$this->_viewParams['item'] =& $root;
$this->view = 'Tree';
}
break;
case 'getRootFolder':
$this->_viewParams['action_result'] = $root->getId();
$this->_setView('getRootFolder');
break;
case 'collapseFolder':
$this->action = 'collapseFolder';
$this->_viewParams['item'] =& $root;
$this->view = 'Tree';
break;
case 'admin_set_permissions':
$this->action = $view;
$this->view = 'Admin_Permissions';
break;
case 'admin_change_view':
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'admin_view', 'id' => $item->getParentId());
$this->view = 'RedirectAfterCrud';
break;
case 'admin':
case 'details':
$this->view = ucfirst($view);
break;
case 'admin_view':
$this->view = 'Admin_View';
break;
case 'admin_permissions':
$this->view = 'Admin_Permissions';
break;
case 'admin_metadata':
$this->view = 'Admin_Metadata';
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$mdIter =& $mdFactory->getMetadataForGroup();
$this->_viewParams['mdIter'] =& $mdIter;
break;
case 'admin_md_details':
// Sanitize
$_mdLabel = $this->request->get('md');
$md = null;
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$valid = $this->validateMetadata($_mdLabel, $md);
if (!$valid) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_invalid_md'));
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
} else {
$this->view = 'Admin_MetadataDetails';
$mdFactory->appendMetadataValueList($md, false);
$this->_viewParams['md'] =& $md;
}
break;
case 'admin_md_details_update':
$_name = trim($this->request->get('name'));
$_label = $this->request->get('label');
$mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
if ($mdFactory->isValidLabel($_label)) {
$this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $_label);
if ($mdFactory->isHardCodedMetadata($_label) || $this->validateUpdateMetadata($_name, $_label)) {
$this->action = $view;
}
} else {
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
}
$this->view = 'RedirectAfterCrud';
break;
case 'admin_create_metadata':
$_name = trim($this->request->get('name'));
$valid = $this->validateNewMetadata($_name);
if ($valid) {
$this->action = $view;
}
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
$this->view = 'RedirectAfterCrud';
break;
case 'admin_delete_metadata':
$valid = false;
// md
// Sanitize
$_mdLabel = $this->request->get('md');
// Valid
$logmsg = '';
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$md = null;
$vld = $this->validateMetadata($_mdLabel, $md);
if ($vld) {
if (!$mdFactory->isHardCodedMetadata($md->getLabel())) {
$valid = true;
} else {
$logmsg = $GLOBALS['Language']->getText('plugin_docman', 'error_cannot_delete_hc_md');
}
} else {
$logmsg = $GLOBALS['Language']->getText('plugin_docman', 'error_invalid_md');
}
if (!$valid) {
if ($logmsg != '') {
$this->feedback->log('error', $logmsg);
}
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
} else {
$this->action = $view;
$this->_actionParams['md'] = $md;
}
break;
case 'admin_create_love':
$mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
if ($mdFactory->isValidLabel($this->request->get('md'))) {
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $this->request->get('md'));
} else {
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
}
$this->view = 'RedirectAfterCrud';
break;
case 'admin_delete_love':
$mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
if ($mdFactory->isValidLabel($this->request->get('md'))) {
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $this->request->get('md'));
} else {
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
}
$this->view = 'RedirectAfterCrud';
break;
case 'admin_display_love':
$valid = false;
// Required params:
// md (string [a-z_]+)
// loveid (int)
// Sanitize
$_mdLabel = $this->request->get('md');
$_loveId = (int) $this->request->get('loveid');
// Valid
$md = null;
$love = null;
$this->validateMetadata($_mdLabel, $md);
if ($md !== null && $md->getLabel() !== 'status') {
$valid = $this->validateLove($_loveId, $md, $love);
}
if (!$valid) {
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
} else {
$mdFactory = new Docman_MetadataFactory($this->groupId);
$mdFactory->appendMetadataValueList($md, false);
$this->view = 'Admin_MetadataDetailsUpdateLove';
$this->_viewParams['md'] = $md;
$this->_viewParams['love'] = $love;
}
break;
case 'admin_update_love':
$valid = false;
// Required params:
// md (string [a-z_]+)
// loveid (int)
//
// rank (beg, end, [0-9]+)
// name
// descr
// Sanitize
/// @todo sanitize md, rank, name, descr
$_mdLabel = $this->request->get('md');
$_loveId = (int) $this->request->get('loveid');
$_rank = $this->request->get('rank');
$_name = $this->request->get('name');
$_descr = $this->request->get('descr');
// Valid
$md = null;
$love = null;
$this->validateMetadata($_mdLabel, $md);
if ($md !== null && $md->getLabel() !== 'status') {
$valid = $this->validateLove($_loveId, $md, $love);
}
if (!$valid) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_md_or_love'));
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
} else {
// Set parameters
$love->setRank($_rank);
$love->setName($_name);
$love->setDescription($_descr);
// define action
$this->action = $view;
$this->_actionParams['md'] = $md;
$this->_actionParams['love'] = $love;
}
break;
case 'admin_import_metadata_check':
$ok = false;
if ($this->request->existAndNonEmpty('plugin_docman_metadata_import_group')) {
$pm = ProjectManager::instance();
$srcGroup = $pm->getProjectFromAutocompleter($this->request->get('plugin_docman_metadata_import_group'));
if ($srcGroup && !$srcGroup->isError()) {
$this->_viewParams['sSrcGroupId'] = $srcGroup->getGroupId();
$this->view = 'Admin_MetadataImport';
$ok = true;
}
}
if (!$ok) {
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
}
break;
case 'admin_import_metadata':
if ($this->request->existAndNonEmpty('confirm')) {
if ($this->request->existAndNonEmpty('plugin_docman_metadata_import_group')) {
$pm = ProjectManager::instance();
$srcGroup = $pm->getProjectFromAutocompleter($this->request->get('plugin_docman_metadata_import_group'));
$srcGroupId = $srcGroup->getGroupId();
$this->_actionParams['sSrcGroupId'] = $srcGroupId;
$this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
$this->action = $view;
} else {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'missing_param'));
$this->feedback->log('info', $GLOBALS['Language']->getText('plugin_docman', 'operation_canceled'));
}
} else {
$this->feedback->log('info', $GLOBALS['Language']->getText('plugin_docman', 'operation_canceled'));
}
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
break;
case 'admin_obsolete':
$this->view = 'Admin_Obsolete';
break;
case 'admin_lock_infos':
$this->view = 'Admin_LockInfos';
break;
case 'move':
if (!$this->userCanWrite($item->getId()) || !$this->userCanWrite($item->getParentId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_move'));
$this->view = 'Details';
} else {
if ($this->request->exist('quick_move')) {
$this->action = 'move';
$this->view = null;
} else {
$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->view = ucfirst($view);
}
}
break;
case 'newGlobalDocument':
if ($dpm->oneFolderIsWritable($user)) {
$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->view = 'New_FolderSelection';
} else {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
$this->view = $item->accept($get_show_view, $this->request->get('report'));
}
break;
case 'newDocument':
case 'newFolder':
if ($this->request->exist('cancel')) {
$this->_set_redirectView();
} else {
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
$this->view = 'Details';
} else {
//$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->_viewParams['ordering'] = $this->request->get('ordering');
if ($this->request->get('item_type') == PLUGIN_DOCMAN_ITEM_TYPE_FOLDER) {
$view = 'newFolder';
}
$this->view = ucfirst($view);
}
}
break;
case 'monitor':
if ($this->request->exist('monitor')) {
$this->_actionParams['monitor'] = $this->request->get('monitor');
if ($this->request->exist('cascade')) {
$this->_actionParams['cascade'] = $this->request->get('cascade');
}
$this->_actionParams['item'] =& $item;
$this->action = 'monitor';
}
$this->_setView('Details');
break;
case 'remove_monitoring':
$this->_actionParams['listeners_to_delete'] = array();
if ($this->userCanManage($item->getId())) {
if ($this->request->exist('listeners_to_delete')) {
$um = UserManager::instance();
$vUserId = new Valid_UInt('listeners_to_delete');
if ($this->request->validArray($vUserId)) {
$userIds = $this->request->get('listeners_to_delete');
$users = array();
foreach ($userIds as $userId) {
$users[] = $um->getUserById($userId);
}
$this->_actionParams['listeners_to_delete'] = $users;
$this->_actionParams['item'] = $item;
}
}
$this->action = 'remove_monitoring';
$this->_setView('Details');
} else {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'notifications_permission_denied'));
$this->_setView('Details');
}
break;
case 'add_monitoring':
$this->_actionParams['listeners_to_add'] = array();
$this->_actionParams['invalid_users'] = false;
if ($this->userCanManage($item->getId())) {
if ($this->request->exist('listeners_to_add')) {
$um = UserManager::instance();
$vUser = new Valid_Text('listeners_to_add');
if ($this->request->valid($vUser)) {
$usernames = array_map('trim', preg_split('/[,;]/', $this->request->get('listeners_to_add')));
$users = array();
$vUserName = new Valid_String();
$vUserName->required();
foreach ($usernames as $username) {
if ($vUserName->validate($username) && ($user = $um->findUser($username))) {
$users[] = $user;
} else {
$this->_actionParams['invalid_users'] = true;
}
}
if ($this->request->exist('monitor_cascade')) {
$this->_actionParams['monitor_cascade'] = $this->request->get('monitor_cascade');
}
$this->_actionParams['listeners_to_add'] = $users;
$this->_actionParams['item'] = $item;
}
}
$this->action = 'add_monitoring';
$this->_setView('Details');
} else {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'notifications_permission_denied'));
$this->_setView('Details');
}
break;
case 'move_here':
if (!$this->request->exist('item_to_move')) {
$this->feedback->log('error', 'Missing parameter.');
$this->view = 'DocmanError';
} else {
$item_to_move =& $item_factory->getItemFromDb($this->request->get('item_to_move'));
$this->view = null;
if ($this->request->exist('confirm')) {
if (!$item_to_move || !($this->userCanWrite($item->getId()) && $this->userCanWrite($item_to_move->getId()) && $this->userCanWrite($item_to_move->getParentId()))) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_move'));
$this->_set_moveView_errorPerms();
} else {
$this->action = 'move';
}
}
if (!$this->view) {
$this->_set_redirectView();
}
}
break;
case 'permissions':
if (!$this->userCanManage($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_perms'));
$this->view = 'Details';
} else {
$this->action = 'permissions';
$this->view = 'Details';
}
break;
case 'confirmDelete':
if (!$this->userCanWrite($item->getId()) || !$this->userCanWrite($item->getParentId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
$this->view = 'Details';
} else {
$this->view = 'Delete';
}
break;
case 'action_new_version':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
$this->view = 'Details';
} else {
$dPm = $this->_getPermissionsManager();
if ($dPm->getLockFactory()->itemIsLocked($item)) {
$this->feedback->log('warning', $GLOBALS['Language']->getText('plugin_docman', 'event_lock_add'));
}
$this->view = 'NewVersion';
}
break;
case 'action_update':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
$this->view = 'Details';
} else {
$this->view = 'Update';
}
break;
case 'action_copy':
//@XSS: validate action against a regexp.
$_action = $this->request->get('orig_action');
$_id = (int) $this->request->get('orig_id');
$this->_actionParams['item'] = $item;
$this->action = $view;
if (!$this->request->exist('ajax_copy')) {
$this->_viewParams['default_url_params'] = array('action' => $_action, 'id' => $_id);
$this->view = 'RedirectAfterCrud';
}
break;
case 'action_cut':
$_action = $this->request->get('orig_action');
$_id = (int) $this->request->get('orig_id');
$this->_actionParams['item'] = $item;
$this->action = $view;
if (!$this->request->exist('ajax_cut')) {
$this->_viewParams['default_url_params'] = array('action' => $_action, 'id' => $_id);
$this->view = 'RedirectAfterCrud';
}
break;
case 'action_paste':
$itemToPaste = null;
$mode = null;
$allowed = $this->checkPasteIsAllowed($item, $itemToPaste, $mode);
if (!$allowed) {
$this->view = 'Details';
} else {
$this->_viewParams['itemToPaste'] = $itemToPaste;
$this->_viewParams['srcMode'] = $mode;
$this->view = 'Paste';
}
break;
case 'paste_cancel':
// intend to be only called through ajax call
$item_factory->delCopyPreference();
$item_factory->delCutPreference();
break;
case 'paste':
if ($this->request->exist('cancel')) {
$this->_viewParams['default_url_params'] = array('action' => 'show');
$this->view = 'RedirectAfterCrud';
} else {
$itemToPaste = null;
$mode = null;
$allowed = $this->checkPasteIsAllowed($item, $itemToPaste, $mode);
if (!$allowed) {
$this->view = 'Details';
} else {
$this->_viewParams['importMd'] = false;
if ($this->userCanAdmin()) {
if ($this->request->exist('import_md') && $this->request->get('import_md') == '1') {
$this->_viewParams['importMd'] = true;
}
}
$this->_viewParams['item'] = $item;
$this->_viewParams['rank'] = $this->request->get('rank');
$this->_viewParams['itemToPaste'] = $itemToPaste;
$this->_viewParams['srcMode'] = $mode;
/*$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'show',
'id' => $item->getId());
$this->view = 'RedirectAfterCrud';*/
$this->_viewParams['item'] = $item;
$this->_viewParams['rank'] = $this->request->get('rank');
$this->_viewParams['itemToPaste'] = $itemToPaste;
$this->_viewParams['srcMode'] = $mode;
$this->view = 'PasteInProgress';
}
}
break;
case 'approval_create':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->view = 'ApprovalCreate';
}
break;
case 'approval_delete':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
if ($this->request->exist('confirm')) {
$this->action = $view;
$this->_actionParams['item'] = $item;
// Version
$vVersion = new Valid_UInt('version');
$vVersion->required();
if ($this->request->valid($vVersion)) {
$this->_actionParams['version'] = $this->request->get('version');
} else {
$this->_actionParams['version'] = null;
}
}
$this->_viewParams['default_url_params'] = array('action' => 'details', 'section' => 'approval', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_update':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->_actionParams['item'] = $item;
// Settings
$this->_actionParams['status'] = (int) $this->request->get('status');
$this->_actionParams['description'] = $this->request->get('description');
$this->_actionParams['notification'] = (int) $this->request->get('notification');
$this->_actionParams['reminder'] = $this->request->get('reminder');
$this->_actionParams['occurence'] = (int) $this->request->get('occurence');
$this->_actionParams['period'] = (int) $this->request->get('period');
// Users
$this->_actionParams['user_list'] = $this->request->get('user_list');
$this->_actionParams['ugroup_list'] = null;
if (is_array($this->request->get('ugroup_list'))) {
$this->_actionParams['ugroup_list'] = array_map('intval', $this->request->get('ugroup_list'));
}
// Selected users
$this->_actionParams['sel_user'] = null;
if (is_array($this->request->get('sel_user'))) {
$this->_actionParams['sel_user'] = array_map('intval', $this->request->get('sel_user'));
}
$allowedAct = array('100', 'mail', 'del');
$this->_actionParams['sel_user_act'] = null;
if (in_array($this->request->get('sel_user_act'), $allowedAct)) {
$this->_actionParams['sel_user_act'] = $this->request->get('sel_user_act');
}
// Resend
$this->_actionParams['resend_notif'] = false;
if ($this->request->get('resend_notif') == 'yes') {
$this->_actionParams['resend_notif'] = true;
}
// Version
$vVersion = new Valid_UInt('version');
$vVersion->required();
if ($this->request->valid($vVersion)) {
$this->_actionParams['version'] = $this->request->get('version');
} else {
$this->_actionParams['version'] = null;
}
// Import
$vImport = new Valid_WhiteList('app_table_import', array('copy', 'reset', 'empty'));
$vImport->required();
$this->_actionParams['import'] = $this->request->getValidated('app_table_import', $vImport, false);
// Owner
$vOwner = new Valid_String('table_owner');
$vOwner->required();
$this->_actionParams['table_owner'] = $this->request->getValidated('table_owner', $vOwner, false);
//
// Special handeling of table deletion
if ($this->_actionParams['status'] == PLUGIN_DOCMAN_APPROVAL_TABLE_DELETED) {
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'delete' => 'confirm', 'id' => $item->getId());
} else {
// Action!
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
}
if ($this->_actionParams['version'] !== null) {
$this->_viewParams['default_url_params']['version'] = $this->_actionParams['version'];
}
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_upd_user':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->_actionParams['item'] = $item;
$this->_actionParams['user_id'] = (int) $this->request->get('user_id');
$this->_actionParams['rank'] = $this->request->get('rank');
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_del_user':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->_actionParams['item'] = $item;
$this->_actionParams['user_id'] = (int) $this->request->get('user_id');
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_user_commit':
$atf =& Docman_ApprovalTableFactoriesFactory::getFromItem($item);
$table = $atf->getTable();
$atrf =& new Docman_ApprovalTableReviewerFactory($table, $item);
if (!$this->userCanRead($item->getId()) || !$atrf->isReviewer($user->getId()) || !$table->isEnabled()) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->_actionParams['item'] = $item;
$svState = 0;
$sState = (int) $this->request->get('state');
if ($sState >= 0 && $sState < 5) {
$svState = $sState;
}
$this->_actionParams['svState'] = $svState;
$this->_actionParams['sVersion'] = null;
if ($this->request->exist('version')) {
$sVersion = (int) $this->request->get('version');
switch ($item_factory->getItemTypeForItem($item)) {
case PLUGIN_DOCMAN_ITEM_TYPE_WIKI:
if ($sVersion <= 0) {
$sVersion = null;
}
case PLUGIN_DOCMAN_ITEM_TYPE_FILE:
case PLUGIN_DOCMAN_ITEM_TYPE_EMBEDDEDFILE:
// assume ok: do nothing.
break;
default:
$sVersion = null;
}
$this->_actionParams['sVersion'] = $sVersion;
}
$this->_actionParams['usComment'] = $this->request->get('comment');
$this->_actionParams['monitor'] = (int) $this->request->get('monitor');
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'details', 'section' => 'approval', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_notif_resend':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->action = $view;
$this->_actionParams['item'] = $item;
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'edit':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
$this->view = 'Details';
} else {
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$mdFactory->appendAllListOfValuesToItem($item);
$this->view = 'Edit';
}
break;
case 'delete':
if (!($this->userCanWrite($item->getId()) && $this->userCanWrite($item->getParentId()))) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
$this->_set_deleteView_errorPerms();
} else {
if ($this->request->exist('confirm')) {
$this->action = $view;
$this->_set_redirectView();
} else {
$this->view = 'Details';
}
}
break;
case 'deleteVersion':
if (!($this->userCanWrite($item->getId()) && $this->userCanWrite($item->getParentId()))) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
$this->_set_deleteView_errorPerms();
} else {
if ($this->request->exist('confirm')) {
$this->action = $view;
$this->_set_redirectView();
} else {
$this->view = 'Details';
}
}
break;
case 'createFolder':
case 'createDocument':
case 'createItem':
if ($this->request->exist('cancel')) {
$this->_set_redirectView();
} else {
$i = $this->request->get('item');
if (!$i || !isset($i['parent_id'])) {
$this->feedback->log('error', 'Missing parameter.');
$this->view = 'DocmanError';
} else {
$parent =& $item_factory->getItemFromDb($i['parent_id']);
if (!$parent || $parent->getGroupId() != $this->getGroupId() || !$this->userCanWrite($parent->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
$this->_set_createItemView_errorParentDoesNotExist($item, $get_show_view);
} else {
//Validations
$new_item = $this->createItemFromUserInput();
$valid = $this->_validateRequest(array_merge($new_item->accept(new Docman_View_GetFieldsVisitor()), $new_item->accept(new Docman_View_GetSpecificFieldsVisitor(), array('request' => &$this->request))));
if ($user->isMember($this->getGroupId(), 'A') || $user->isMember($this->getGroupId(), 'N1') || $user->isMember($this->getGroupId(), 'N2')) {
$news = $this->request->get('news');
if ($news) {
$is_news_details = isset($news['details']) && trim($news['details']);
$is_news_summary = isset($news['summary']) && trim($news['summary']);
if ($is_news_details && !$is_news_summary) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_create_news_summary'));
$valid = false;
}
if (!$is_news_details && $is_news_summary) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_create_news_details'));
$valid = false;
}
}
}
if ($valid) {
$this->action = $view;
$this->_set_redirectView();
} else {
// Propagate return page
$this->_viewParams['token'] = $this->request->get('token');
$this->_viewParams['force_item'] = $new_item;
$this->_viewParams['force_news'] = $this->request->get('news');
$this->_viewParams['force_permissions'] = $this->request->get('permissions');
$this->_viewParams['force_ordering'] = $this->request->get('ordering');
$this->_viewParams['display_permissions'] = $this->request->exist('user_has_displayed_permissions');
$this->_viewParams['display_news'] = $this->request->exist('user_has_displayed_news');
$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->_set_createItemView_afterCreate($view);
}
}
}
}
break;
case 'update':
$this->_viewParams['recurseOnDocs'] = false;
$this->_actionParams['recurseOnDocs'] = false;
if ($this->request->get('recurse_on_doc') == 1) {
$this->_viewParams['recurseOnDocs'] = true;
$this->_actionParams['recurseOnDocs'] = true;
}
case 'update_wl':
case 'new_version':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
$this->view = 'Details';
} else {
// For properties update ('update' action), we need to confirm
// the recursive application of metadata update.
if ($view == 'update' && $this->request->exist('recurse') && !$this->request->exist('cancel')) {
$this->_viewParams['recurse'] = $this->request->get('recurse');
if (!$this->request->exist('validate_recurse')) {
$updateConfirmed = false;
} elseif ($this->request->get('validate_recurse') != 'true') {
$updateConfirmed = false;
} else {
$updateConfirmed = true;
}
} else {
$updateConfirmed = true;
}
$valid = true;
if ($this->request->exist('confirm')) {
//Validations
if ($view == 'update') {
$this->updateMetadataFromUserInput($item);
$valid = $this->_validateRequest($item->accept(new Docman_View_GetFieldsVisitor()));
} else {
$this->updateItemFromUserInput($item);
$valid = $this->_validateApprovalTable($this->request, $item) && $this->_validateRequest($item->accept(new Docman_View_GetSpecificFieldsVisitor(), array('request' => &$this->request)));
}
//Actions
if ($valid && $updateConfirmed) {
if ($view == 'update_wl') {
$this->action = 'update';
} else {
$this->action = $view;
}
}
}
//Views
if ($valid && $updateConfirmed) {
if ($redirect_to = Docman_Token::retrieveUrl($this->request->get('token'))) {
$this->_viewParams['redirect_to'] = $redirect_to;
}
$this->view = 'RedirectAfterCrud';
} else {
if ($view == 'update_wl') {
$this->view = 'Update';
} else {
if ($view == 'new_version') {
// Keep fields values
$v = $this->request->get('version');
$this->_viewParams['label'] = $v['label'];
$this->_viewParams['changelog'] = $v['changelog'];
if ($item instanceof Docman_EmbeddedFile) {
$v = $item->getCurrentVersion();
$v->setContent($this->request->get('content'));
}
$this->view = 'NewVersion';
} else {
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$mdFactory->appendAllListOfValuesToItem($item);
if ($this->request->existAndNonEmpty('token')) {
// propagate the token so the user will be
// redirected to the original page even after
// several properties update errors or
// confirmations.
$this->_viewParams['token'] = $this->request->get('token');
}
$this->_viewParams['updateConfirmed'] = $updateConfirmed;
// The item may have changed (new user input)
unset($this->_viewParams['item']);
$this->_viewParams['item'] =& $item;
$this->view = 'Edit';
}
}
}
}
break;
case 'change_view':
$this->action = $view;
break;
case 'install':
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_alreadyinstalled'));
$this->view = 'DocmanError';
break;
case 'search':
$this->view = 'Table';
break;
case 'positionWithinFolder':
$this->_viewParams['force_ordering'] = $this->request->get('default_position');
$this->_viewParams['exclude'] = $this->request->get('exclude');
$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->view = ucfirst($view);
break;
case 'permissionsForItem':
$this->_viewParams['user_can_manage'] = $this->userCanManage($item->getId());
$this->view = ucfirst($view);
break;
case 'report_settings':
$this->view = 'ReportSettings';
break;
case 'report_del':
if ($this->request->exist('report_id')) {
$this->_actionParams['sReportId'] = (int) $this->request->get('report_id');
$this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
$this->action = $view;
}
$this->_viewParams['default_url_params'] = array('action' => 'report_settings');
$this->view = 'RedirectAfterCrud';
break;
case 'report_upd':
if ($this->request->exist('report_id')) {
$this->_actionParams['sReportId'] = (int) $this->request->get('report_id');
$this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
$usScope = $this->request->get('scope');
if ($usScope === 'I' || $usScope === 'P') {
$this->_actionParams['sScope'] = $usScope;
}
$this->_actionParams['description'] = $this->request->get('description');
$this->_actionParams['title'] = $this->request->get('title');
$this->_actionParams['sImage'] = (int) $this->request->get('image');
$this->action = $view;
}
$this->_viewParams['default_url_params'] = array('action' => 'report_settings');
$this->view = 'RedirectAfterCrud';
break;
case 'report_import':
if ($this->request->exist('import_search_report_from_group')) {
$pm = ProjectManager::instance();
$srcGroup = $pm->getProjectFromAutocompleter($this->request->get('import_search_report_from_group'));
if ($srcGroup && !$srcGroup->isError()) {
$this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
$this->_actionParams['sImportGroupId'] = $srcGroup->getGroupId();
$this->_actionParams['sImportReportId'] = null;
if ($this->request->exist('import_report_id') && trim($this->request->get('import_report_id')) != '') {
$this->_actionParams['sImportReportId'] = (int) $this->request->get('import_report_id');
}
$this->action = $view;
}
}
$this->_viewParams['default_url_params'] = array('action' => 'report_settings');
$this->view = 'RedirectAfterCrud';
break;
case 'action_lock_add':
$this->_actionParams['item'] = $item;
$this->action = 'action_lock_add';
break;
case 'action_lock_del':
$this->_actionParams['item'] = $item;
$this->action = 'action_lock_del';
break;
case 'ajax_reference_tooltip':
$this->view = 'AjaxReferenceTooltip';
break;
default:
$event_manager =& EventManager::instance();
$eParams = array('view' => $view, 'docmanPath' => $this->pluginPath, 'docmanThemePath' => $this->themePath);
$event_manager->processEvent('plugin_docman_after_dispacher', $eParams);
die(htmlspecialchars($view) . ' is not supported');
break;
}
}
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
//
require_once 'pre.php';
require '../forum/forum_utils.php';
$request =& HTTPRequest::instance();
if (user_isloggedin()) {
/*
User obviously has to be logged in to monitor
a thread
*/
$vForumId = new Valid_UInt('forum_id');
$vForumId->required();
if ($request->valid($vForumId)) {
$forum_id = $request->get('forum_id');
// Check permissions
if (!forum_utils_access_allowed($forum_id)) {
exit_error($Language->getText('global', 'error'), $Language->getText('forum_forum', 'forum_restricted'));
}
//If the forum is associated to a private news, non-allowed users shouldn't be able to monitor this forum
// but they should be able to disable monitoring news that have been set from public to private
$qry = "SELECT * FROM news_bytes WHERE forum_id=" . db_ei($forum_id);
$res = db_query($qry);
if (db_numrows($res) > 0) {
if (!forum_utils_news_access($forum_id) && !user_monitor_forum($forum_id, user_getid())) {
exit_error($Language->getText('global', 'error'), $Language->getText('news_admin_index', 'permission_denied'));
}
}
exit_no_group();
}
//if the project isn't active, require you to be a member of the super-admin group
if ($project->getStatus() != 'A') {
session_require(array('group' => 1));
}
$vFunc = new Valid_WhiteList('func', array('member_req_notif_group', 'member_req_notif_message'));
$vFunc->required();
if ($request->isPost() && $request->valid($vFunc)) {
/*
updating the database
*/
switch ($request->get('func')) {
case 'member_req_notif_group':
$vUGroups = new Valid_UInt('ugroups');
$vUGroups->required();
if ($request->validArray($vUGroups)) {
$ugroups = $request->get('ugroups');
// Remove ugroups that are empty or contain no project admins
$result = ugroup_filter_ugroups_by_project_admin($group_id, $ugroups);
$nonAdmins = $result['non_admins'];
$validUgroups = $result['ugroups'];
if (empty($validUgroups)) {
// If no valid ugroups the default one is project admins ugroup
$validUgroups = array($GLOBALS['UGROUP_PROJECT_ADMIN']);
$GLOBALS['Response']->addFeedback('error', $Language->getText('project_admin_index', 'member_request_delegation_ugroups_all_invalid'));
} else {
// If some selected ugroups are not valid display them to the user.
$diff = array_diff($ugroups, $validUgroups);
if (!empty($diff)) {
$deletedUgroups = array();
function updatePreferences(&$request)
{
$request->valid(new Valid_String('cancel'));
$nbShow = new Valid_UInt('nb_svn_commits');
$nbShow->required();
if (!$request->exist('cancel')) {
if ($request->valid($nbShow)) {
$this->_nb_svn_commits = $request->get('nb_svn_commits');
} else {
$this->_nb_svn_commits = self::NB_COMMITS_TO_DISPLAY;
}
user_set_preference('my_latests_svn_commits_nb_display', $this->_nb_svn_commits);
}
return true;
}
/**
* Validate the HTTP request for the user members pane
*
* @param Integer $groupId Id of the project
* @param HTTPRequest $request HTTP request
*
* @return Array
*/
public function validateRequest($groupId, $request)
{
$userDao = new UserDao();
$res = $userDao->firstUsernamesLetters();
$allowedBeginValues = array();
foreach ($res as $data) {
$allowedBeginValues[] = $data['capital'];
}
$result['allowed_begin_values'] = $allowedBeginValues;
$validBegin = new Valid_WhiteList('begin', $allowedBeginValues);
$validBegin->required();
$validInProject = new Valid_UInt('in_project');
$validInProject->required();
$result['offset'] = $request->exist('browse') ? 0 : $request->getValidated('offset', 'uint', 0);
$result['number_per_page'] = $request->exist('number_per_page') ? $request->getValidated('number_per_page', 'uint', 0) : 15;
$result['search'] = $request->getValidated('search', 'string', '');
$result['begin'] = $request->getValidated('begin', $validBegin, '');
$result['in_project'] = $request->getValidated('in_project', $validInProject, $groupId);
$result['user'] = $request->get('user');
$result['add_user_name'] = $request->get('add_user_name');
return $result;
}
$vPath = new Valid_String('_path');
$vPath->required();
if ($request->valid($vPath)) {
$_path = $request->get('_path');
} else {
$_path = '';
}
// MV: This comes from src/www/svn/index.php, it seems that user can
// specify a rev_id here
$vRevId1 = new Valid_UInt('rev_id');
$vRevId1->required();
if ($request->valid($vRevId1)) {
$_rev_id = $request->get('rev_id');
} else {
$vRevId2 = new Valid_UInt('_rev_id');
$vRevId2->required();
if ($request->valid($vRevId2)) {
$_rev_id = $request->get('_rev_id');
} else {
$_rev_id = '';
}
}
$vCommiter = new Valid_String('_commiter');
$vCommiter->required();
if ($request->valid($vCommiter)) {
$_commiter = $request->get('_commiter');
} else {
$_commiter = '';
}
$vSrch = new Valid_String('_srch');
$vSrch->required();
<?php
require_once 'pre.php';
require_once 'www/my/my_utils.php';
require_once 'common/widget/WidgetLayoutManager.class.php';
require_once 'common/widget/Valid_Widget.class.php';
$GLOBALS['HTML']->includeJavascriptFile('/scripts/codendi/LayoutManager.js');
$hp = Codendi_HTMLPurifier::instance();
if (user_isloggedin()) {
$request =& HTTPRequest::instance();
$lm = new WidgetLayoutManager();
$vLayoutId = new Valid_UInt('layout_id');
$vLayoutId->required();
if ($request->valid($vLayoutId)) {
$layout_id = $request->get('layout_id');
$vOwner = new Valid_Widget_Owner('owner');
$vOwner->required();
if ($request->valid($vOwner)) {
$owner = $request->get('owner');
$owner_id = (int) substr($owner, 1);
$owner_type = substr($owner, 0, 1);
switch ($owner_type) {
case WidgetLayoutManager::OWNER_TYPE_USER:
$owner_id = user_getid();
$title = $Language->getText('my_index', 'title', array($hp->purify(user_getrealname(user_getid()), CODENDI_PURIFIER_CONVERT_HTML) . ' (' . user_getname() . ')'));
my_header(array('title' => $title, 'selected_top_tab' => '/my/'));
$lm->displayAvailableWidgets(user_getid(), WidgetLayoutManager::OWNER_TYPE_USER, $layout_id);
site_footer(array());
break;
case WidgetLayoutManager::OWNER_TYPE_GROUP:
$pm = ProjectManager::instance();
/**
* Update preferences
*
* @param Array $request HTTP request
*
* @return Boolean
*/
function updatePreferences($request)
{
$request->valid(new Valid_String('cancel'));
$vOffset = new Valid_UInt('plugin_git_user_pushes_offset');
$vOffset->required();
$vDays = new Valid_UInt('plugin_git_user_pushes_past_days');
$vDays->required();
if (!$request->exist('cancel')) {
if ($request->valid($vOffset)) {
$this->offset = $request->get('plugin_git_user_pushes_offset');
} else {
$this->offset = 5;
}
if ($request->valid($vDays)) {
$this->pastDays = $request->get('plugin_git_user_pushes_past_days');
} else {
$this->pastDays = 30;
}
user_set_preference('plugin_git_user_pushes_offset', $this->offset);
user_set_preference('plugin_git_user_pushes_past_days', $this->pastDays);
}
return true;
}
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
require_once 'pre.php';
require_once 'www/file/file_utils.php';
$vGroupId = new Valid_GroupId();
$vGroupId->required();
if ($request->valid($vGroupId)) {
$group_id = $request->get('group_id');
} else {
exit_no_group();
}
if (!user_isloggedin() || !user_ismember($group_id, 'R2')) {
exit_permission_denied();
}
$vProcId = new Valid_UInt('proc_id');
$vProcId->required();
if ($request->valid($vProcId)) {
$proc_id = $request->get('proc_id');
} else {
$GLOBALS['Response']->redirect('manageprocessors.php?group_id=' . $group_id);
}
file_utils_admin_header(array('title' => $Language->getText('file_admin_manageprocessors', 'update_proc'), 'help' => 'ManageProcessorsList.html'));
$sql = "SELECT name,rank FROM frs_processor WHERE group_id=" . db_ei($group_id) . " AND processor_id=" . db_ei($proc_id);
$result = db_query($sql);
$name = db_result($result, 0, 'name');
$rank = db_result($result, 0, 'rank');
if (db_numrows($result) < 1) {
#invalid processor id
$feedback .= " " . $Language->getText('file_admin_manageprocessors', 'invalid_procid');
file_utils_footer(array());
exit;
function updatePreferences(&$request)
{
$done = false;
$vContentId = new Valid_UInt('content_id');
$vContentId->required();
if (($chart = $request->get('chart')) && $request->valid($vContentId)) {
$vId = new Valid_Uint('chart_id');
if ($request->validInArray('chart', $vId)) {
$id = " chart_id = " . db_escape_int($chart['chart_id']) . " ";
} else {
$id = '';
}
$vTitle = new Valid_String('title');
if ($request->validInArray('chart', $vTitle)) {
$title = " title = '" . db_escape_string($chart['title']) . "' ";
} else {
$title = '';
}
if ($id || $title) {
$sql = "UPDATE plugin_graphontrackersv5_widget_chart SET " . $title . ", " . $id . " WHERE owner_id = " . $this->owner_id . " AND owner_type = '" . $this->owner_type . "' AND id = " . (int) $request->get('content_id');
$res = db_query($sql);
$done = true;
}
}
return $done;
}
/**
* Validate date Reminder Id.
*
* @param HTTPRequest $request HTTP request
*
* @return Integer
*/
public function validateReminderId(HTTPRequest $request)
{
$validReminderId = new Valid_UInt('reminder_id');
$validReminderId->required();
if ($request->valid($validReminderId)) {
return $request->get('reminder_id');
} else {
$errorMessage = $GLOBALS['Language']->getText('project_admin_utils', 'tracker_date_reminder_invalid_reminder', array($request->get('reminder_id')));
throw new Tracker_DateReminderException($errorMessage);
}
}
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* Codendi is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Codendi. If not, see <http://www.gnu.org/licenses/>.
*/
require_once 'pre.php';
$request = HTTPRequest::instance();
$vGroupId = new Valid_UInt('group_id');
$vGroupId->required();
if ($request->valid($vGroupId)) {
$group_id = $request->get('group_id');
} else {
exit_no_group();
}
$pm = ProjectManager::instance();
$group = $pm->getProject($group_id);
if (!$group || !is_object($group) || $group->isError()) {
exit_no_group();
}
$vExport = new Valid_WhiteList('export', array('user_groups', 'user_groups_format'));
$vExport->required();
if ($request->valid($vExport)) {
$export = $request->get('export');
$col_list = array('group', 'username', 'realname');
function plugin_forumml_show_message($p, $hp, $msg, $id_parent, $purgeCache)
{
$body = $msg['body'];
$request = HTTPRequest::instance();
// Is "ready to display" body already in cache or not
$bodyIsCached = false;
if (!empty($msg['cached_html']) && !$purgeCache) {
$bodyIsCached = true;
}
if (PEAR::isError($from_info = Mail_RFC822::parseAddressList($msg['sender'], $GLOBALS['sys_default_domain'])) || !isset($from_info[0]) || !$from_info[0]->personal) {
$from_info = $hp->purify($msg['sender'], CODENDI_PURIFIER_CONVERT_HTML);
} else {
$from_info = '<abbr title="' . $hp->purify($from_info[0]->mailbox . '@' . $from_info[0]->host, CODENDI_PURIFIER_CONVERT_HTML) . '">' . $hp->purify($from_info[0]->personal, CODENDI_PURIFIER_CONVERT_HTML) . '</abbr>';
}
echo '<div class="plugin_forumml_message">';
// specific thread
echo '<div class="plugin_forumml_message_header boxitemalt" id="plugin_forumml_message_' . $msg['id_message'] . '">';
echo '<div class="plugin_forumml_message_header_subject">' . $hp->purify($msg['subject'], CODENDI_PURIFIER_CONVERT_HTML) . '</div>';
echo '<a href="#' . $msg['id_message'] . '" title="message #' . $msg['id_message'] . '">';
echo '<img src="' . $p->getThemePath() . '/images/ic/comment.png" id="' . $msg['id_message'] . '" style="vertical-align:middle" alt="#' . $msg['id_message'] . '" />';
echo '</a>';
echo ' <span class="plugin_forumml_message_header_from">' . $from_info . '</span>';
echo ' <span class="plugin_forumml_message_header_date">' . $GLOBALS['Language']->getText('plugin_forumml', 'show_message_date', array($msg['date'])) . '</span>';
echo ' <a href="#" id="plugin_forumml_toogle_msg_' . $msg['id_message'] . '" class="plugin_forumml_toggle_font">' . $GLOBALS['Language']->getText('plugin_forumml', 'toggle_font') . '</a>';
// get CC
$cc = trim($msg['cc']);
if ($cc) {
if (PEAR::isError($cc_info = Mail_RFC822::parseAddressList($cc, $GLOBALS['sys_default_domain']))) {
$ccs = $hp->purify($cc, CODENDI_PURIFIER_CONVERT_HTML);
} else {
$ccs = array();
foreach ($cc_info as $c) {
if (!$c->personal) {
$ccs[] = $hp->purify($c->mailbox . '@' . $c->host, CODENDI_PURIFIER_CONVERT_HTML);
} else {
$ccs[] = '<abbr title="' . $hp->purify($c->mailbox . '@' . $c->host, CODENDI_PURIFIER_CONVERT_HTML) . '">' . $hp->purify($c->personal, CODENDI_PURIFIER_CONVERT_HTML) . '</abbr>';
}
}
$ccs = implode(', ', $ccs);
}
print '<div class="plugin_forumml_message_header_cc">' . $GLOBALS['Language']->getText('plugin_forumml', 'show_message_cc') . ' ' . $ccs . '</div>';
}
// Message content
if (strpos($msg['content_type'], 'multipart/') !== false) {
$content_type = $msg['msg_type'];
} else {
$content_type = $msg['content_type'];
}
$is_html = strpos($content_type, "text/html") !== false;
// get attached files
if (count($msg['attachments'])) {
print '<div class="plugin_forumml_message_header_attachments">';
$first = true;
foreach ($msg['attachments'] as $attachment) {
// Special case, this is an HTML email
if (preg_match('/.html$/i', $attachment['file_name'])) {
// By default, the first html attachment replaces the default body (text)
if ($first) {
if (!$bodyIsCached && is_file($attachment['file_path'])) {
$body = file_get_contents($attachment['file_path']);
// Make sure that the body is utf8
if (!mb_detect_encoding($body, 'UTF-8', true)) {
$body = mb_convert_encoding($body, 'UTF-8');
}
$is_html = true;
}
continue;
} else {
$flink = $attachment['file_name'];
}
} else {
$flink = $attachment['file_name'];
}
if (!$first) {
echo ', ';
}
echo "<img src='" . $p->getThemePath() . "/images/ic/attach.png'/> <a href='upload.php?group_id=" . $request->get('group_id') . "&list=" . $request->get('list') . "&id=" . $attachment['id_attachment'] . "&topic=" . $id_parent . "'>" . $flink . "</a>";
$first = false;
}
echo '</div>';
}
echo '</div>';
print '<div id="plugin_forumml_message_content_' . $msg['id_message'] . '" class="plugin_forumml_message_content_std">';
$body = str_replace("\r\n", "\n", $body);
// If there is no cached html of if user requested to regenerate the cache, do it, otherwise use cached HTML.
if (!$bodyIsCached) {
// Purify message body, according to the content-type
if ($is_html) {
// Update attachment links
$body = plugin_forumml_replace_attachment($msg['id_message'], $request->get('group_id'), $request->get('list'), $id_parent, $body);
// Use CODENDI_PURIFIER_FULL for html mails
$msg['cached_html'] = $hp->purify($body, CODENDI_PURIFIER_FULL, $request->get('group_id'));
} else {
// CODENDI_PURIFIER_FORUMML level : no basic html markups, no forms, no javascript,
// Allowed: url + automagic links + <blockquote>
$purified_body = $hp->purify($body, CODENDI_PURIFIER_CONVERT_HTML, $request->get('group_id'));
$purified_body = str_replace('>', '>', $purified_body);
$tab_body = '';
$level = 0;
$current_level = 0;
$search_for_quotes = false;
$maxi = strlen($purified_body);
for ($i = 0; $i < $maxi; ++$i) {
if ($search_for_quotes) {
if ($purified_body[$i] == ">") {
++$current_level;
if ($level < $current_level) {
$tab_body .= '<blockquote class="grep">';
++$level;
}
} else {
$search_for_quotes = false;
if ($level > $current_level) {
$tab_body .= '</blockquote>';
--$level;
}
if ($purified_body[$i] == "\n" && $i < $maxi - 1) {
$search_for_quotes = true;
$current_level = 0;
}
$tab_body .= $purified_body[$i];
}
} else {
if ($purified_body[$i] == "\n" && $i < $maxi - 1) {
$search_for_quotes = true;
$current_level = 0;
}
$tab_body .= $purified_body[$i];
}
}
$purified_body = str_replace('>', '>', $purified_body);
$msg['cached_html'] = nl2br($tab_body);
}
db_query('UPDATE plugin_forumml_message SET cached_html="' . db_es($msg['cached_html']) . '" WHERE id_message=' . $msg['id_message']);
}
echo $msg['cached_html'];
echo '</div>';
// Reply
echo '<div class="plugin_forumml_message_footer">';
// If you click on 'Reply', load reply form
$vMess = new Valid_UInt('id_mess');
$vMess->required();
if ($request->valid($vMess) && $request->get('id_mess') == $msg['id_message']) {
$vReply = new Valid_WhiteList('reply', array(0, 1));
$vReply->required();
if ($request->valid($vReply) && $request->get('reply') == 1) {
if ($is_html) {
$body = $hp->purify($body, CODENDI_PURIFIER_STRIP_HTML);
} else {
$body = $hp->purify($body, CODENDI_PURIFIER_CONVERT_HTML);
}
plugin_forumml_reply($hp, $msg['subject'], $msg['id_message'], $id_parent, $body, $msg['sender']);
}
} else {
print "<a href='message.php?group_id=" . $request->get('group_id') . "&topic=" . $id_parent . "&id_mess=" . $msg['id_message'] . "&reply=1&list=" . $request->get('list') . "#reply-" . $msg['id_message'] . "'>\n <img src='" . $p->getThemePath() . "/images/ic/comment_add.png'/>\n " . $GLOBALS['Language']->getText('plugin_forumml', 'reply') . "\n </a>";
}
echo '</div>';
echo '</div>';
}