/**
 * Runs the "loginlogout" auto action: depending on the 'mode' parameter it either calls
 * CBAuthentication::login() for a configured username/email or CBAuthentication::logout(),
 * and then redirects if a redirect URL is configured.
 *
 * Review notes:
 * - The default return URL is rebuilt from $_SERVER['HTTP_HOST'] and the request URI, which
 *   are supplied by the client; nothing in this method checks the host against the site URL.
 * - The eval()/javascript: stripping is a pattern blacklist, not URL validation.
 * - login() receives false as its second argument. NOTE(review): presumably this is the
 *   password argument, meaning no password is verified -- confirm against
 *   CBAuthentication::login() and restrict who may configure this action.
 *
 * @param cbautoactionsActionTable $trigger
 * @param UserTable                $user     not read by this method
 */
public function execute( $trigger, $user )
{
    $params = $trigger->getParams()->subTree( 'loginlogout' );

    cbimport( 'cb.authentication' );

    $authenticator = new CBAuthentication();

    // Default return URL: the URL of the current request.
    $httpsOn   = ( ( ! empty( $_SERVER['HTTPS'] ) ) && ( $_SERVER['HTTPS'] != 'off' ) );
    $returnUrl = ( $httpsOn ? 'https' : 'http' ) . '://' . $_SERVER['HTTP_HOST'];

    if ( empty( $_SERVER['PHP_SELF'] ) || empty( $_SERVER['REQUEST_URI'] ) ) {
        // No usable REQUEST_URI: fall back to script name plus query string.
        $returnUrl .= $_SERVER['SCRIPT_NAME'];

        if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
            $returnUrl .= '?' . $_SERVER['QUERY_STRING'];
        }
    } else {
        $returnUrl .= $_SERVER['REQUEST_URI'];
    }

    // Decode, HTML-escape, strip eval(...) and quoted javascript: fragments, then un-escape again.
    $filtered  = htmlspecialchars( urldecode( $returnUrl ) );
    $filtered  = preg_replace( '/eval\((.*)\)/', '', $filtered );
    $filtered  = preg_replace( '/[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']/', '""', $filtered );
    $returnUrl = cbUnHtmlspecialchars( $filtered );

    // Never return to the confirmation or login views themselves.
    if ( preg_match( '/index.php\?option=com_comprofiler&task=confirm&confirmCode=|index.php\?option=com_comprofiler&view=confirm&confirmCode=|index.php\?option=com_comprofiler&task=login|index.php\?option=com_comprofiler&view=login/', $returnUrl ) ) {
        $returnUrl = 'index.php';
    }

    // A configured redirect takes precedence over the computed return URL.
    $redirect = $trigger->getSubstituteString( $params->get( 'redirect', null, GetterInterface::STRING ), array( 'cbautoactionsClass', 'escapeURL' ) );

    if ( $redirect ) {
        $returnUrl = $redirect;
    }

    $message = $trigger->getSubstituteString( CBTxt::T( $params->get( 'message', null, GetterInterface::RAW ) ), false );

    if ( $params->get( 'mode', 1, GetterInterface::BOOLEAN ) ) {
        // Login mode.
        $messagesToUser = array();
        $alertMessages  = array();

        if ( $params->get( 'method', 1, GetterInterface::BOOLEAN ) ) {
            $credentials = $trigger->getSubstituteString( $params->get( 'username', null, GetterInterface::STRING ) );
            $method      = 0;
        } else {
            $credentials = $trigger->getSubstituteString( $params->get( 'email', null, GetterInterface::STRING ) );
            $method      = 1;
        }

        $error = $authenticator->login( $credentials, false, 0, 1, $returnUrl, $messagesToUser, $alertMessages, $method );

        if ( $redirect ) {
            // Message priority: login error, then configured message, then collected alerts.
            $notice = $error ?: ( $message ?: ( $alertMessages ? stripslashes( implode( '<br />', $alertMessages ) ) : null ) );

            cbRedirect( $redirect, $notice, ( $error ? 'error' : 'message' ) );
        }

        return;
    }

    // Logout mode.
    $error = $authenticator->logout( $returnUrl );

    if ( $redirect ) {
        $notice = $error ?: ( $message ?: CBTxt::T( 'LOGOUT_SUCCESS', 'You have successfully logged out' ) );

        cbRedirect( $redirect, $notice, ( $error ? 'error' : 'message' ) );
    }
}
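/**
 * Returns the base64-encoded URL to go to after a login or logout.
 *
 * The candidate return URL is taken from the base64 'return' GET parameter when present,
 * otherwise rebuilt from the current request. It is computed once and cached in a static
 * variable for later calls.
 *
 * Security notes:
 * - A 'return' value from the request is checked with JUri::isInternal() twice: once right
 *   after base64-decoding and once more after the urldecode()/filter chain, so that the value
 *   that is finally used is the value that was validated.
 * - The request-derived fallback uses $_SERVER['HTTP_HOST'], which is client-supplied.
 * - The eval()/javascript: stripping is a pattern blacklist, not URL validation.
 *
 * @param  object $params  module parameters; read through ->get()
 * @param  string $type    'login', 'logout', or anything else for the plain return URL
 * @return string          base64-encoded URL
 */
static function getReturnURL($params, $type)
{
    global $cbSpecialReturnAfterLogin, $cbSpecialReturnAfterLogout;

    static $returnUrl = null;

    if (!isset($returnUrl)) {
        $returnUrl = Application::Input()->get('get/return', '', GetterInterface::BASE64);
        $fromRequest = (bool) $returnUrl;

        if ($fromRequest) {
            $returnUrl = base64_decode($returnUrl);

            if (!JUri::isInternal($returnUrl)) {
                // The URL isn't internal to the site; reset it to index to be safe:
                $returnUrl = 'index.php';
            }
        } else {
            $isHttps = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off';
            $returnUrl = 'http' . ($isHttps ? 's' : '') . '://' . $_SERVER['HTTP_HOST'];

            if (!empty($_SERVER['PHP_SELF']) && !empty($_SERVER['REQUEST_URI'])) {
                $returnUrl .= $_SERVER['REQUEST_URI'];
            } else {
                $returnUrl .= $_SERVER['SCRIPT_NAME'];

                if (isset($_SERVER['QUERY_STRING']) && !empty($_SERVER['QUERY_STRING'])) {
                    $returnUrl .= '?' . $_SERVER['QUERY_STRING'];
                }
            }
        }

        $returnUrl = cbUnHtmlspecialchars(preg_replace('/[\\\\"\\\'][\\s]*javascript:(.*)[\\\\"\\\']/', '""', preg_replace('/eval\\((.*)\\)/', '', htmlspecialchars(urldecode($returnUrl)))));

        // The chain above percent-decodes the value, so a request-supplied URL is validated
        // again in its decoded form: the first check only saw the still-encoded string.
        if ($fromRequest && !JUri::isInternal($returnUrl)) {
            $returnUrl = 'index.php';
        }

        // Never return to the confirmation or login views themselves.
        if (preg_match('/index.php\\?option=com_comprofiler&task=confirm&confirmCode=|index.php\\?option=com_comprofiler&view=confirm&confirmCode=|index.php\\?option=com_comprofiler&task=login|index.php\\?option=com_comprofiler&view=login/', $returnUrl)) {
            $returnUrl = 'index.php';
        }
    }

    // Passed to cbSef() as its $ssl argument.
    $secureForm = (int) $params->get('https_post', 0);

    if ($type == 'login') {
        $loginReturnUrl = $params->get('login', $returnUrl);

        // A globally set special return overrides the configured/computed one.
        if (isset($cbSpecialReturnAfterLogin)) {
            $loginReturnUrl = $cbSpecialReturnAfterLogin;
        }

        $url = cbSef($loginReturnUrl, true, 'html', $secureForm);
    } elseif ($type == 'logout') {
        $logoutReturnUrl = $params->get('logout', 'index.php');

        // '#' in the configuration means "stay on the current page".
        if ($logoutReturnUrl == '#') {
            $logoutReturnUrl = $returnUrl;
        }

        if (isset($cbSpecialReturnAfterLogout)) {
            $logoutReturnUrl = $cbSpecialReturnAfterLogout;
        }

        $url = cbSef($logoutReturnUrl, true, 'html', $secureForm);
    } else {
        $url = $returnUrl;
    }

    return base64_encode($url);
}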
/**
 * Builds the HTML of the newsletter-subscriptions edit tab.
 *
 * For an existing user the subscriber lists are loaded and, when the form was posted,
 * overlaid with the posted choices; for a new user the registration lists are loaded and
 * always overlaid with the posted (or default) choices.
 *
 * Review notes:
 * - Posted list ids are matched with a non-strict in_array().
 * - The tab description is emitted after cbUnHtmlspecialchars(), i.e. as raw HTML.
 *   NOTE(review): assumes the description is administrator-authored -- confirm.
 *
 * @param  moscomprofilerTab  $tab   the tab database entry
 * @param  moscomprofilerUser $user  the user being displayed
 * @param  int                $ui    1 for front-end, 2 for back-end (not read here)
 * @return mixed                     HTML string for the tab content, or false if not authorised
 */
function getEditTab( $tab, $user, $ui)
{
    global $my, $_CB_framework, $_POST, $mainframe; // $mainframe needed by the require

    // Guests may not edit subscriptions.
    if ( intval( $_CB_framework->myId() ) < 1 ) {
        cbNotAuth();
        return false;
    }

    if ( ! $this->_CheckYancInstalled() ) {
        return _UE_NEWSLETTERNOTINSTALLED;
    }

    require_once( $_CB_framework->getCfg('absolute_path') . _NEWSLETTERFILE );

    $subscriptions = new YancSubscription();
    $html          = "";

    if ( $user->id ) {
        $rows        = $subscriptions->getSubscriberLists($user);
        $applyPosted = isset($_POST['newsLhtml']);
    } else {
        $tabParams = $this->params;
        $regList   = $tabParams->get('newslettersRegList');
        $listIds   = (isset($regList)) ? explode("|*|", $regList) : null;
        $rows        = $subscriptions->getLists($my, $listIds);
        $applyPosted = true;
    }

    if ( $applyPosted ) {
        $postedLists = cbGetParam($_POST, 'newsLitems', array(0));
        $postedHtml  = cbGetParam($_POST, 'newsLhtml', 1);

        for ($idx = 0, $total = count($rows); $idx < $total; $idx++) {
            $rows[$idx]->subscribed   = in_array($rows[$idx]->id, $postedLists);
            $rows[$idx]->receive_html = $postedHtml;
        }
    }

    if ( count($rows) == 0 ) {
        return _UE_NONEWSLETTERS;
    }

    if ( $tab->description != null ) {
        $html .= "\t\t<div class=\"tab_Description\">".cbUnHtmlspecialchars(getLangDefinition($tab->description))."</div>\n";
    }

    $html .= $this->_getFormattedNewsletters($rows, false, _UE_NEWSLETTER_NAME, _UE_NEWSLETTER_DESCRIPTION);

    return $html;
}
/**
 * Draws the user profile tab "Subscriptions": stores the pre-rendered HTML pieces on the
 * view, computes the tab title and returns the result of display().
 *
 * The translated title is used as an sprintf() format string with the formatted user name
 * as its only argument, so a literal percent sign in the title text has to be written "%%".
 * NOTE(review): the formatted name is not HTML-escaped here -- confirm that getNameFormat()
 * or the template escapes it.
 *
 * @param  string $htmlSubscriptionsAndUpgrades
 * @param  string $htmlInvoicesLink
 * @param  string $tabTitleText
 * @param  string $htmlTabDescription
 * @return string
 */
public function drawTab($htmlSubscriptionsAndUpgrades, $htmlInvoicesLink, $tabTitleText, $htmlTabDescription)
{
    global $ueConfig;

    $this->htmlSubscriptionsAndUpgrades = $htmlSubscriptionsAndUpgrades;
    $this->htmlInvoicesLink             = $htmlInvoicesLink;
    $this->htmlTabDescription           = $htmlTabDescription;

    $profileUser = $this->_model;
    $tabTitle    = cbReplaceVars(CBPTXT::Th(cbUnHtmlspecialchars($tabTitleText)), $profileUser);

    if ($tabTitle) {
        $tabTitle = sprintf(
            $tabTitle,
            getNameFormat($profileUser->name, $profileUser->username, $ueConfig['name_format'])
        );
    }

    $this->htmlTabTitle = $tabTitle;

    return $this->display();
}
/**
 * Returns a DELIMITER field in the specified format.
 *
 * The field description is un-escaped, run through cbReplaceVars() and, when the field's
 * 'field_content_plugins' parameter is set, through the CMS content plugins. The result is
 * handed to _formatFieldOutput() with false as the last argument.
 * NOTE(review): the description is therefore treated as HTML; assumes only administrators
 * can edit field descriptions -- confirm.
 *
 * @param  FieldTable $field
 * @param  UserTable  $user
 * @param  string     $output              'html', 'xml', 'json', 'php', 'csvheader', 'csv', 'rss', 'fieldslist', 'htmledit'
 * @param  string     $reason              'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'list' for user-lists
 * @param  int        $list_compare_types  IF reason == 'search' : 0 : simple 'is' search, 1 : advanced search with modes, 2 : simple 'any' search
 * @return mixed
 */
public function getField(&$field, &$user, $output, $reason, $list_compare_types)
{
    //TBD: unhtml is kept for backwards database compatibility until CB 2.0
    $description = cbUnHtmlspecialchars($field->description);
    $value       = cbReplaceVars($description, $user);

    if ($field->params->get('field_content_plugins', 0)) {
        $value = Application::Cms()->prepareHtmlContentPlugins($value);
    }

    $formatted = $this->_formatFieldOutput($field->name, $value, $output, false);

    if ($output != 'htmledit') {
        return $formatted;
    }

    // Edit forms additionally get the field icons appended.
    $formatted .= $this->_fieldIconsHtml($field, $user, $output, $reason, null, null, $value, null, null, false, false);

    return $formatted;
}
/**
 * Handles a posted registration form: runs the pre-registration plugin trigger, handles a
 * repeated registration with an existing username, checks the terms-and-conditions flag,
 * saves the new user and echoes the resulting messages (or re-displays the form on error).
 *
 * Review notes:
 * - No anti-CSRF token, captcha or rate-limit check is visible in this function.
 *   NOTE(review): the function name suggests checks were deliberately left out -- confirm
 *   where (or whether) they are enforced before exposing this entry point.
 * - Error text is placed into inline <script> blocks through addslashes(), which escapes
 *   quotes and backslashes only; it is not a JavaScript- or HTML-context encoder.
 * - The "username already exists" response tells the caller whether a username is registered.
 *
 * @param string $option
 */
function saveRegistrationNOCHECKSLOL($option)
{
    global $_CB_framework, $_CB_database, $ueConfig, $_POST, $_PLUGINS;
    // Check rights to access:
    // Precedence: (registration disabled && CB registration not explicitly allowed) || already logged in.
    if ($_CB_framework->getCfg('allowUserRegistration') == '0' && (!isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1') || $_CB_framework->myId()) {
        cbNotAuth();
        return;
    }
    if (!isset($ueConfig['emailpass'])) {
        $ueConfig['emailpass'] = '******';
    }
    $userComplete = new moscomprofilerUser($_CB_database);
    // Pre-registration trigger:
    $_PLUGINS->loadPluginGroup('user');
    $_PLUGINS->trigger('onStartSaveUserRegistration', array());
    if ($_PLUGINS->is_errors()) {
        echo "<script type=\"text/javascript\">alert('" . addslashes($_PLUGINS->getErrorMSG()) . "'); </script>\n";
        // Re-bind the posted values so the form is shown again pre-filled.
        $oldUserComplete = new moscomprofilerUser($_CB_database);
        $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG("<br />"));
        return;
    }
    // Check if this user already registered with exactly this username and password:
    $username = cbGetParam($_POST, 'username', '');
    $usernameExists = $userComplete->loadByUsername($username);
    if ($usernameExists) {
        $password = cbGetParam($_POST, 'password', '', _CB_ALLOWRAW);
        if ($userComplete->verifyPassword($password)) {
            // The stored password value is swapped for the posted plain-text one only for the
            // duration of activateUser() and restored right after.
            $pwd_md5 = $userComplete->password;
            $userComplete->password = $password;
            $messagesToUser = activateUser($userComplete, 1, 'SameUserRegistrationAgain');
            $userComplete->password = $pwd_md5;
            // NOTE(review): messages are echoed without escaping; assumes activateUser() returns trusted HTML -- confirm.
            echo "\n<div>" . implode("</div>\n<div>", $messagesToUser) . "</div>\n";
            return;
        } else {
            // $msg contains the posted username. NOTE(review): whether cbGetParam() strips
            // markup from it is not visible here; addslashes() alone does not stop a value
            // from closing the surrounding <script> element.
            $msg = sprintf(_UE_USERNAME_ALREADY_EXISTS, $username);
            echo "<script type=\"text/javascript\">alert('" . addslashes($msg) .
                "'); </script>\n";
            $oldUserComplete = new moscomprofilerUser($_CB_database);
            $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
            HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, htmlspecialchars($msg));
            return;
        }
    }
    // Store and check terms and conditions accepted (not a field yet !!!!):
    if (isset($_POST['acceptedterms'])) {
        // Precedence: ((int) value == 1) ? 1 : 0
        $userComplete->acceptedterms = (int) cbGetParam($_POST, 'acceptedterms', 0) == 1 ? 1 : 0;
    } else {
        $userComplete->acceptedterms = null;
    }
    if ($ueConfig['reg_enable_toc']) {
        if ($userComplete->acceptedterms != 1) {
            echo "<script type=\"text/javascript\">alert('" . addslashes(cbUnHtmlspecialchars(_UE_TOC_REQUIRED)) . "'); </script>\n";
            $oldUserComplete = new moscomprofilerUser($_CB_database);
            $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
            HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, _UE_TOC_REQUIRED . '<br />');
            return;
        }
    }
    // Set id to 0 for autoincrement and store IP address used for registration:
    $userComplete->id = 0;
    $userComplete->registeripaddr = cbGetIPlist();
    // Store new user state:
    $saveResult = $userComplete->saveSafely($_POST, $_CB_framework->getUi(), 'register');
    if ($saveResult === false) {
        // For the alert: <br /> becomes a literal \n, tags are stripped, then quotes are escaped.
        echo "<script type=\"text/javascript\">alert('" . str_replace('\\\\n', '\\n', addslashes(strip_tags(str_replace('<br />', '\\n', $userComplete->getError())))) . "'); </script>\n";
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
        return;
    }
    // $messagesToUser is only assigned here when 'ok' is strictly true; otherwise it is first
    // created implicitly by the append in the loop below (and stays unset if no tab returns text).
    if ($saveResult['ok'] === true) {
        $messagesToUser = activateUser($userComplete, 1, "UserRegistration");
    }
    foreach ($saveResult['tabs'] as $res) {
        if ($res) {
            $messagesToUser[] = $res;
        }
    }
    if ($saveResult['ok'] === false) {
        echo "<script type=\"text/javascript\">alert('" . str_replace('\\\\n', '\\n', addslashes(strip_tags(str_replace('<br />', '\\n', $userComplete->getError())))) .
            "'); </script>\n";
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
        return;
    }
    $_PLUGINS->trigger('onAfterUserRegistrationMailsSent', array(&$userComplete, &$userComplete, &$messagesToUser, $ueConfig['reg_confirmation'], $ueConfig['reg_admin_approval'], true));
    // Output returned by the save step is echoed as-is (treated as HTML).
    foreach ($saveResult['after'] as $res) {
        if ($res) {
            echo "\n<div>" . $res . "</div>\n";
        }
    }
    if ($_PLUGINS->is_errors()) {
        echo $_PLUGINS->getErrorMSG();
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG());
        return;
    }
    echo "\n<div>" . implode("</div>\n<div>", $messagesToUser) . "</div>\n";
}
/**
 * Implements a form "firstwords" field.
 *
 * In view mode the value is un-escaped, stripped of tags, trimmed and HTML-escaped again;
 * when it is longer than the node's 'size' attribute (default 45) only the first 'size'
 * characters plus '...' are shown, with the full text in the title attribute.
 * Outside view mode the field is rendered as a textarea.
 *
 * @param  string           $name          The name of the form element
 * @param  string           $value         The value of the element
 * @param  SimpleXMLElement $node          The xml element for the parameter
 * @param  string           $control_name  The control name
 * @return string                          The html for the element
 */
function _form_firstwords( $name, $value, &$node, $control_name )
{
    if ( ! $this->_view ) {
        return $this->_form_textarea($name, $value, $node, $control_name );
    }

    $maxLength = $node->attributes( 'size' );

    if ( ! $maxLength ) {
        $maxLength = 45;
    }

    $plainText = trim( strip_tags( cbUnHtmlspecialchars( $value ) ) );

    if ( cbIsoUtf_strlen( $plainText ) > $maxLength ) {
        $fullTitle = htmlspecialchars( $plainText );
        $excerpt   = htmlspecialchars( cbIsoUtf_substr( $plainText, 0, $maxLength ) . '...' );

        return '<span title="' . $fullTitle . '">' . $excerpt . '</span>';
    }

    return htmlspecialchars( $plainText );
}
/**
 * Notifies connection changes: builds an HTML and a plain-text notification containing the
 * sender's name, profile link, an optional personal message and a "manage connections" link,
 * sends it through cbNotification::sendFromUser() and sets the user message.
 *
 * Review notes:
 * - $messageHTML / $messageText are used as sprintf() format strings AFTER the sender name
 *   and the personal message have been appended to them, so a percent sign in either value
 *   is interpreted as a conversion specification by the second sprintf(). Building the
 *   personal-message part separately and appending it after the final sprintf() avoids this.
 * - The profile and manage URLs are written into href attributes as returned by cbSef().
 *   NOTE(review): presumably cbSef() HTML-escapes by default -- confirm.
 *
 * @param  int     $userId
 * @param  int     $connectionId
 * @param  string  $msg
 * @param  string  $subject      sprintf() format; receives the sender name
 * @param  string  $messageHTML  sprintf() format; receives the linked sender name
 * @param  string  $messageText  sprintf() format; receives the sender name
 * @param  string  $userMessage
 * @return boolean               always true
 */
protected function _notifyConnectionChange( $userId, $connectionId, $msg, $subject, $messageHTML, $messageText, $userMessage = null )
{
    global $_CB_framework, $ueConfig;
    $rowFrom = new UserTable();
    $rowFrom->load( (int) $userId );
    $fromName = getNameFormat( $rowFrom->name, $rowFrom->username, $ueConfig['name_format'] );
    // NOTE(review): the operand between the two string literals is masked as ****** in this
    // listing, so the statement does not parse as shown; restore the original expression.
    $fromURL = 'index.php?option=com_comprofiler&view=userprofile&user='******'&tab=1' . getCBprofileItemid(true);
    $fromURL = cbSef( $fromURL );
    // Make the URL absolute when cbSef() returned a relative one.
    if ( strncasecmp( 'http', $fromURL, 4 ) != 0 ) {
        $fromURL = $_CB_framework->getCfg( 'live_site' ) . '/' . $fromURL;
    }
    $subject = sprintf( $subject, $fromName );
    if ( $userMessage != null ) {
        // HTML variant: name and personal message are HTML-escaped; text variant is left plain.
        $messageHTML .= sprintf( str_replace( "\n", "\n<br />", CBTxt::T( 'UE_CONNECTIONMSGPREFIX', " %s included the following personal message:\n\n%s" ) ), htmlspecialchars( $fromName ), '<strong>' . htmlspecialchars( $userMessage ) . '</strong>' );
        $messageText .= sprintf( str_replace( "\n", "\r\n", CBTxt::T( 'UE_CONNECTIONMSGPREFIX', " %s included the following personal message:\n\n%s" ) ), $fromName, $userMessage );
    }
    // Second formatting pass: see the format-string note in the header.
    $notificationMsgHTML = sprintf( $messageHTML, '<strong><a href="' . $fromURL . '">' . htmlspecialchars( $fromName ) . '</a></strong>' );
    $notificationMsgText = sprintf( $messageText, $fromName );
    $manageURL = 'index.php?option=com_comprofiler&view=manageconnections' . getCBprofileItemid( true );
    $manageURL = cbSef( $manageURL );
    if ( strncasecmp( 'http', $manageURL, 4 ) != 0 ) {
        $manageURL = $_CB_framework->getCfg( 'live_site' ) . '/' . $manageURL;
    }
    $notificationMsgHTML = $notificationMsgHTML . "\n<br /><br /><a href=\"" . $manageURL . '">' . CBTxt::T( 'UE_MANAGECONNECTIONS_LINK UE_MANAGECONNECTIONS', 'Manage Connections' ) .
        "</a>\n";
    // Plain-text variant gets the un-escaped forms of the same URLs.
    $notificationMsgText = $notificationMsgText . "\r\n\r\n\r\n" . $fromName . ' ' . CBTxt::T( 'CONNECTION_PROFILE UE_PROFILE', 'Profile' ) . ': ' . cbUnHtmlspecialchars( $fromURL );
    $notificationMsgText = $notificationMsgText . "\r\n\r\n" . CBTxt::T( 'UE_MANAGECONNECTIONS_URL_LABEL UE_MANAGECONNECTIONS', 'Manage Connections' ) . ': ' . cbUnHtmlspecialchars( $manageURL ) . "\r\n";
    // Prepend the "automatically generated" notice to the HTML variant.
    $notificationMsgHTML = '<div style="padding: 4px; margin: 4px 3px 6px 0px; background: #C44; font-weight: bold;" class="cbNotice">' . CBTxt::T( 'UE_SENDPMSNOTICE', 'NOTE: This is a message generated automatically by the Connections system. It has the connecting user\'s address, so you can conveniently reply if you wish to.' ) . "</div>\n\n" . $notificationMsgHTML;
    $cbNotification = new cbNotification();
    $cbNotification->sendFromUser( $connectionId, $userId, $subject, $notificationMsgHTML, $notificationMsgText );
    $this->_setUserMSG( $msg );
    return true;
}
/**
 * Converts an URL to an absolute URI with or without SEF format
 *
 * Review notes:
 * - This function builds and (un)escapes URLs; it does not validate them. In 'html' format
 *   any input whose first four characters are 'http' or 'java' is returned without the
 *   live_site prefix, so absolute and javascript: URIs pass through unchanged. Callers that
 *   pass request-derived values must check scheme and host themselves.
 * - The $ssl switch uses str_replace(), which rewrites every 'http://' / 'https://'
 *   occurrence in the string, including ones inside query-string values.
 *
 * @param  string  $string        The relative URL
 * @param  bool    $htmlSpecials  TRUE (default): apply htmlspecialchars to sefed URL, FALSE: don't.
 * @param  string  $format        'html', 'component', 'raw', 'rawrel'        (added in CB 1.2.3)
 * @param  int     $ssl           1 force HTTPS, 0 leave as is, -1 for HTTP   (added in CB 1.10.0)
 * @param  bool    $sef           TRUE (default): apply SEF if possible, FALSE: don't SEF (added in CB 1.10.0)
 * @return string                 The absolute URL (relative if rawrel)
 */
function cbSef($string, $htmlSpecials = true, $format = 'html', $ssl = 0, $sef = true)
{
    if ($format == 'html') {
        if ($string == 'index.php' || $string == '') {
            // Site root.
            $uri = $this->getCfg('live_site') . '/';
        } else {
            if ($sef) {
                // Only front-end (ui 1) index.php / ?-style URLs go through the CMS SEF function;
                // on checkJversion() == 0 URLs containing '[' are excluded.
                if ($this->getUi() == 1 && (substr($string, 0, 9) == 'index.php' || $string[0] == '?') && is_callable($this->_cmsSefFunction) && !(checkJversion() == 0 && strpos($string, '[') !== false)) {
                    if ($string == 'index.php?option=com_comprofiler') {
                        $string .= '&view=userprofile';
                    }
                    $uri = call_user_func_array($this->_cmsSefFunction, array(cbUnHtmlspecialchars($string)));
                } else {
                    $uri = $string;
                }
            } else {
                $uri = $string;
            }
            // Prefix-based test only: see the header note about 'http' / 'java'.
            if (!in_array(substr($uri, 0, 4), array('http', 'java'))) {
                if (strlen($uri) > 1 && $uri[0] == '/') {
                    // we got special case of an absolute link without live_site, but an eventual subdirectory of live_site is included...need to strip live_site:
                    $matches = array();
                    if (preg_match('!^([^:]+://)([^/]+)(/.*)$!', $this->getCfg('live_site'), $matches) && $matches[3] == substr($uri, 0, strlen($matches[3]))) {
                        $uri = $matches[1] . $matches[2] . $uri; // 'http://' . 'site.com' . '/......
                    } else {
                        $uri = $this->getCfg('live_site') . $uri;
                    }
                } else {
                    $uri = $this->getCfg('live_site') . '/' . $uri;
                }
            }
        }
    } else {
        if (substr($string, 0, 9) == 'index.php') {
            if ($format == 'rawrel') {
                // 'rawrel' is 'raw' without the live_site prefix.
                $format = 'raw';
                $uri = '';
            } else {
                $uri = $this->getCfg('live_site') .
                    '/';
            }
            if (checkJversion() >= 1) {
                // Joomla 1.5, 1.6:
                if ($format == 'component') {
                    $uri .= $string . '&tmpl=' . $format;
                } else {
                    $uri .= $string . '&format=' . $format;
                }
            } else {
                // Mambo 4.5, 4.6, Joomla 1.0:
                $uri .= 'index2.php' . substr($string, 9);
                if ($format == 'component') {
                    $uri .= '&tmpl=' . $format;
                } else {
                    $uri .= '&no_html=1&format=' . $format;
                }
            }
        } else {
            // Anything not starting with index.php is passed through unchanged.
            $uri = $string;
        }
    }
    if (!$htmlSpecials) {
        $uri = cbUnHtmlspecialchars($uri);
    } else {
        // Un-escape first so an already-escaped URL is not escaped twice.
        $uri = htmlspecialchars(cbUnHtmlspecialchars($uri)); // quite a few sefs, including Mambo and Joomla's non-sef are buggy.
    }
    if ((int) $ssl === 1) {
        $uri = str_replace('http://', 'https://', $uri);
    } elseif ((int) $ssl === -1) {
        $uri = str_replace('https://', 'http://', $uri);
    }
    return $uri;
}
/**
 * Runs the "redirect" auto action.
 *
 * The configured URL may be one of the keywords 'goback[N]' (browser history), 'reload' or
 * 'return' (current request URL); anything else is passed to cbRedirect() as-is.
 *
 * Review notes:
 * - For 'return' the URL is rebuilt from $_SERVER['HTTP_HOST'] and the request URI, which are
 *   supplied by the client; the eval()/javascript: stripping is a pattern blacklist, not URL
 *   validation.
 * - With the trigger's 'debug' parameter enabled a missing URL is reported via var_dump(),
 *   i.e. written straight into the page output.
 *
 * @param cbautoactionsActionTable $trigger
 * @param UserTable                $user     not read by this method
 */
public function execute( $trigger, $user )
{
    global $_CB_framework;

    $params   = $trigger->getParams()->subTree( 'redirect' );
    $redirect = $trigger->getSubstituteString( $params->get( 'url', null, GetterInterface::STRING ), array( 'cbautoactionsClass', 'escapeURL' ) );

    if ( ! $redirect ) {
        if ( $trigger->getParams()->get( 'debug', false, GetterInterface::BOOLEAN ) ) {
            var_dump( CBTxt::T( 'AUTO_ACTION_REDIRECT_NO_URL', ':: Action [action] :: Redirect skipped due to missing url', array( '[action]' => (int) $trigger->get( 'id' ) ) ) );
        }

        return;
    }

    $message     = $trigger->getSubstituteString( CBTxt::T( $params->get( 'message', null, GetterInterface::RAW ) ), false );
    $messageType = $params->get( 'type', 'message', GetterInterface::STRING );

    if ( $messageType == 'custom' ) {
        $messageType = $trigger->getSubstituteString( $params->get( 'custom_type', null, GetterInterface::STRING ) );
    }

    $keyword   = strtolower( $redirect );
    $queueType = ( $messageType ? $messageType : null );

    // goback / gobackN: step back in the browser history instead of redirecting.
    if ( substr( $keyword, 0, 6 ) == 'goback' ) {
        $steps = (int) substr( $keyword, 6 );

        if ( $message ) {
            $_CB_framework->enqueueMessage( $message, $queueType );
        }

        if ( $steps > 0 ) {
            $script = "window.history.go( -$steps );";
        } else {
            $script = "window.history.back();";
        }

        $_CB_framework->document->addHeadScriptDeclaration( $script );

        return;
    }

    // reload: re-request the current page from the browser.
    if ( $keyword == 'reload' ) {
        if ( $message ) {
            $_CB_framework->enqueueMessage( $message, $queueType );
        }

        $_CB_framework->document->addHeadScriptDeclaration( "window.location.reload();" );

        return;
    }

    // return: redirect to the URL of the current request.
    if ( $keyword == 'return' ) {
        $httpsOn  = ( ( ! empty( $_SERVER['HTTPS'] ) ) && ( $_SERVER['HTTPS'] != 'off' ) );
        $redirect = ( $httpsOn ? 'https' : 'http' ) . '://' . $_SERVER['HTTP_HOST'];

        if ( empty( $_SERVER['PHP_SELF'] ) || empty( $_SERVER['REQUEST_URI'] ) ) {
            $redirect .= $_SERVER['SCRIPT_NAME'];

            if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
                $redirect .= '?' . $_SERVER['QUERY_STRING'];
            }
        } else {
            $redirect .= $_SERVER['REQUEST_URI'];
        }

        // Decode, HTML-escape, strip eval(...) and quoted javascript: fragments, un-escape again.
        $filtered = htmlspecialchars( urldecode( $redirect ) );
        $filtered = preg_replace( '/eval\((.*)\)/', '', $filtered );
        $filtered = preg_replace( '/[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']/', '""', $filtered );
        $redirect = cbUnHtmlspecialchars( $filtered );

        // Never return to the confirmation or login views themselves.
        if ( preg_match( '/index.php\?option=com_comprofiler&task=confirm&confirmCode=|index.php\?option=com_comprofiler&view=confirm&confirmCode=|index.php\?option=com_comprofiler&task=login|index.php\?option=com_comprofiler&view=login/', $redirect ) ) {
            $redirect = 'index.php';
        }
    }

    cbRedirect( $redirect, $message, ( $message ? $queueType : null ) );
}
/**
 * Returns the tab description with all replacements of variables and of language strings made.
 *
 * The description is un-escaped before variable replacement, so it is emitted as raw HTML.
 * NOTE(review): $htmlId is written into the id attribute unescaped; assumes callers pass a
 * fixed identifier, never request data -- confirm.
 *
 * @param  moscomprofilerTabs $tab
 * @param  moscomprofilerUser $user
 * @param  string             $htmlId  div id tag for the description html div
 * @return string                      the description div, or null when there is no description
 */
function _writeTabDescription($tab, $user, $htmlId = null)
{
    if ($tab->description == null) {
        return null;
    }

    $idAttribute = "";
    if ($htmlId) {
        $idAttribute = " id=\"" . $htmlId . "\"";
    }

    $body = cbReplaceVars(cbUnHtmlspecialchars($tab->description), $user);

    return "\t\t<div class=\"tab_Description\"" . $idAttribute . ">" . $body . "</div>\n";
}
/**
 * Notifies connection changes: builds an HTML and a plain-text notification containing the
 * sender's name, profile link, an optional personal message and a "manage connections" link,
 * sends it through cbNotification::sendFromUser() and sets the user message.
 *
 * Review notes:
 * - $fromname is inserted into the HTML message and into the profile link text without
 *   htmlspecialchars(); only $userMessage is escaped. NOTE(review): assumes getNameFormat()
 *   does not return escaped output -- confirm, and escape the name in the HTML variant.
 * - $messageHTML / $messageText are used as sprintf() format strings AFTER the sender name
 *   and the personal message have been appended to them, so a percent sign in either value
 *   is interpreted as a conversion specification by the second sprintf().
 *
 * @param  int     $userid
 * @param  int     $connectionid
 * @param  string  $msg
 * @param  string  $subject      sprintf() format; receives the sender name
 * @param  string  $messageHTML  sprintf() format; receives the linked sender name
 * @param  string  $messageText  sprintf() format; receives the sender name
 * @param  string  $userMessage
 * @return boolean               always true
 */
function _notifyConnectionChange($userid, $connectionid, $msg, $subject, $messageHTML, $messageText, $userMessage = null)
{
    global $_CB_framework, $_CB_database, $ueConfig;
    $rowFrom = new moscomprofilerUser($_CB_database);
    $rowFrom->load((int) $userid);
    $fromname = getNameFormat($rowFrom->name, $rowFrom->username, $ueConfig['name_format']);
    // NOTE(review): the operand between the two string literals is masked as ****** in this
    // listing, so the statement does not parse as shown; restore the original expression.
    $fromURL = "index.php?option=com_comprofiler&task=userProfile&user="******"&tab=1" . getCBprofileItemid(true);
    $fromURL = cbSef($fromURL);
    // Make the URL absolute when cbSef() returned a relative one.
    if (strncasecmp("http", $fromURL, 4) != 0) {
        $fromURL = $_CB_framework->getCfg('live_site') . "/" . $fromURL;
    }
    $subject = sprintf($subject, $fromname);
    if ($userMessage != null) {
        // HTML variant: only the personal message is escaped here, the name is not.
        $messageHTML .= sprintf(str_replace("\n", "\n<br />", _UE_CONNECTIONMSGPREFIX), $fromname, "<strong>" . htmlspecialchars($userMessage) . "</strong>");
        $messageText .= sprintf(str_replace("\n", "\r\n", _UE_CONNECTIONMSGPREFIX), $fromname, $userMessage);
    }
    // Second formatting pass: see the format-string note in the header.
    $nmsgHTML = sprintf($messageHTML, '<strong><a href="' . $fromURL . '">' . $fromname . '</a></strong>');
    $nmsgText = sprintf($messageText, $fromname);
    $manageURL = 'index.php?option=com_comprofiler&task=manageConnections' . getCBprofileItemid(true);
    $manageURL = cbSef($manageURL);
    if (strncasecmp("http", $manageURL, 4) != 0) {
        $manageURL = $_CB_framework->getCfg('live_site') . "/" . $manageURL;
    }
    $nmsgHTML = $nmsgHTML . "\n<br /><br /><a href=\"" . $manageURL . "\">" . _UE_MANAGECONNECTIONS . "</a>\n";
    // Plain-text variant gets the un-escaped forms of the same URLs.
    $nmsgText = $nmsgText . "\r\n\r\n\r\n" . $fromname . " " . _UE_PROFILE . ": " . cbUnHtmlspecialchars($fromURL);
    $nmsgText = $nmsgText . "\r\n\r\n" . _UE_MANAGECONNECTIONS . ": " . cbUnHtmlspecialchars($manageURL) . "\r\n";
    // Prepend the "automatically generated" notice to the HTML variant.
    $nmsgHTML = '<div style="padding: 4px; margin: 4px 3px 6px 0px; background: #C44; font-weight: bold;" class="cbNotice">' . _UE_SENDPMSNOTICE . "</div>\n\n" . $nmsgHTML;
    $cbNotification = new cbNotification();
    $cbNotification->sendFromUser($connectionid, $userid, $subject, $nmsgHTML, $nmsgText);
    $this->_setUserMSG($msg);
    return true;
}
/**
 * Returns an URL for the gateway depending on parameters.
 *
 * Review notes:
 * - When a basket is given, its shared_secret is appended as the 'cbpid' query parameter, so
 *   the secret ends up wherever the URL does (logs, browser history, Referer headers).
 * - Values of $additionalNotPrefixedVars are urlencode()d, their keys are not.
 *   NOTE(review): assumes keys are fixed identifiers chosen by the caller -- confirm.
 *
 * @param  string                    $result
 * @param  UserTable|null            $user
 * @param  cbpaidPaymentBasket|null  $paymentBasket
 * @param  string[string]            $additionalUrlVars
 * @param  boolean                   $htmlspecialchars
 * @param  boolean                   $noAccount
 * @param  boolean                   $sefed
 * @param  string[]                  $additionalNotPrefixedVars
 * @return string
 */
protected function cbsubsGatewayUrl($result, $user, $paymentBasket, $additionalUrlVars = null, $htmlspecialchars = true, $noAccount = false, $sefed = true, $additionalNotPrefixedVars = null)
{
    if ($additionalUrlVars === null) {
        $additionalUrlVars = array();
    }

    $basketId = $paymentBasket ? $paymentBasket->id : null;
    $baseVars = $this->_baseUrlArray($user, $basketId, $additionalUrlVars, $noAccount);

    $uri = $this->_getAbsURLwithParam($baseVars, 'pluginclass', false);
    $uri .= '&result=' . urlencode($result);

    if ($paymentBasket) {
        $uri .= '&cbpid=' . urlencode($paymentBasket->shared_secret);
    }

    if ($additionalNotPrefixedVars) {
        foreach ($additionalNotPrefixedVars as $varName => $varValue) {
            $uri .= '&' . $varName . '=' . urlencode($varValue);
        }
    }

    if (!$sefed) {
        // Non-SEF: the URL is returned as built, or un-escaped on request.
        return $htmlspecialchars ? $uri : cbUnHtmlspecialchars($uri);
    }

    return cbSef($uri, $htmlspecialchars);
}
/**
 * Returns the tab description with all replacements of variables and of language strings made.
 *
 * The description is un-escaped before variable replacement, so it is emitted as raw HTML.
 * NOTE(review): $htmlId is written into the id attribute unescaped; assumes callers pass a
 * fixed identifier, never request data -- confirm.
 *
 * @param  cbTabHandler       $tab
 * @param  moscomprofilerUser $user
 * @param  string             $htmlId  div id tag for the description html div
 * @return string                      the description div, or null when there is no description
 */
function _writeTabDescription( $tab, $user, $htmlId = null )
{
    if ( $tab->description == null ) {
        return null;
    }

    $idAttribute = "";
    if ( $htmlId ) {
        $idAttribute = " id=\"" . $htmlId . "\"";
    }

    //TBD later: remove cbUnHtmlSpecialchars, as from CB 1.2 on the row is stored fine.
    $body = cbReplaceVars( cbUnHtmlspecialchars( $tab->description ), $user );

    return "\t\t<div class=\"tab_Description\"" . $idAttribute . ">" . $body . "</div>\n";
}
/**
 * Converts an URL to an absolute URI with SEF format
 *
 * Review note: this function builds and (un)escapes URLs; it does not validate them. In
 * 'html' format any input whose first four characters are 'http' or 'java' is returned
 * without the live_site prefix, so absolute and javascript: URIs pass through unchanged.
 * Callers that pass request-derived values must check scheme and host themselves.
 *
 * @param  string  $string        The relative URL
 * @param  string  $htmlSpecials  TRUE (default): apply htmlspecialchars to sefed URL, FALSE: don't.
 * @param  string  $format        'html', 'component', 'raw', 'rawrel'		(added in CB 1.2.3)
 * @return string                 The absolute URL (relative if rawrel)
 */
function cbSef( $string, $htmlSpecials = true, $format = 'html' )
{
    if ( $format == 'html' ) {
        if ( ( $string == 'index.php' ) || ( $string == '' ) ) {
            // Site root.
            $uri = $this->getCfg( 'live_site' ) . '/';
        } else {
            // Only front-end (ui 1) index.php / ?-style URLs go through the CMS SEF function.
            if ( ( $this->getUi() == 1 ) && ( ( substr( $string, 0, 9 ) == 'index.php' ) || ( $string[0] == '?' ) ) && is_callable( $this->_cmsSefFunction ) && ( ! ( ( checkJversion() == 0 ) && ( strpos( $string, '[' ) !== false ) ) ) ) // this is due to a bug in joomla 1.0 includes/sef.php line 426 and 501 not handling arrays at all.
            {
                // The SEF function receives the escaped or un-escaped form depending on _sefFuncHtmlEnt.
                $uri = call_user_func_array( $this->_cmsSefFunction, array( $this->_sefFuncHtmlEnt ? $string : cbUnHtmlspecialchars( $string ) ) );
            } else {
                $uri = $string;
            }
            // Prefix-based test only: see the header note about 'http' / 'java'.
            if ( ! in_array( substr( $uri, 0, 4 ), array( 'http', 'java' ) ) ) {
                if ( ( strlen( $uri ) > 1 ) && ( $uri[0] == '/' ) ) {
                    // we got special case of an absolute link without live_site, but an eventual subdirectory of live_site is included...need to strip live_site:
                    $matches = array();
                    if ( ( preg_match( '!^([^:]+://)([^/]+)(/.*)$!', $this->getCfg( 'live_site' ), $matches ) ) && ( $matches[3] == substr( $uri, 0, strlen( $matches[3] ) ) ) ) {
                        $uri = $matches[1] . $matches[2] . $uri; // 'http://' . 'site.com' . '/......
                    } else {
                        $uri = $this->getCfg( 'live_site' ) . $uri;
                    }
                } else {
                    $uri = $this->getCfg( 'live_site' ) . '/' . $uri;
                }
            }
        }
    } else /* if ( $format == 'raw' || $format == 'rawrel' || $format == 'component' ) */ {
        if ( substr( $string, 0, 9 ) == 'index.php' ) {
            if ( $format == 'rawrel' ) {
                // 'rawrel' is 'raw' without the live_site prefix.
                $format = 'raw';
                $uri = '';
            } else {
                $uri = $this->getCfg( 'live_site' ) .
                    '/';
            }
            if ( checkJversion() >= 1 ) {
                // Joomla 1.5, 1.6:
                if ( $format == 'component' ) {
                    $uri .= $string . '&tmpl=' . $format;
                } else {
                    $uri .= $string . '&format=' . $format;
                }
            } else {
                // Mambo 4.5, 4.6, Joomla 1.0:
                $uri .= 'index2.php' . substr( $string, 9 );
                if ( $format == 'component' ) {
                    $uri .= '&tmpl=' . $format;
                } else {
                    $uri .= '&no_html=1&format=' . $format;
                }
            }
        } else {
            // Anything not starting with index.php is passed through unchanged.
            $uri = $string;
        }
    }
    if ( ! $htmlSpecials ) {
        $uri = cbUnHtmlspecialchars( $uri );
    } else {
        // Un-escape first so an already-escaped URL is not escaped twice.
        $uri = htmlspecialchars( cbUnHtmlspecialchars( $uri ) ); // quite a few sefs, including Mambo and Joomla's non-sef are buggy.
    }
    return $uri;
}
/**
 * Returns a DELIMITER field in the specified format.
 *
 * The field description is un-escaped, translated with getLangDefinition() and run through
 * cbReplaceVars() before being handed to _formatFieldOutput() with false as the last argument.
 * NOTE(review): the description is therefore treated as HTML; assumes only administrators
 * can edit field descriptions -- confirm.
 *
 * @param  moscomprofilerFields $field
 * @param  moscomprofilerUser   $user
 * @param  string               $output              'html', 'xml', 'json', 'php', 'csvheader', 'csv', 'rss', 'fieldslist', 'htmledit'
 * @param  string               $reason              'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'list' for user-lists
 * @param  int                  $list_compare_types  IF reason == 'search' : 0 : simple 'is' search, 1 : advanced search with modes, 2 : simple 'any' search
 * @return mixed
 */
function getField(&$field, &$user, $output, $reason, $list_compare_types)
{
    //TBD: unhtml is kept for backwards database compatibility until CB 2.0
    $rawDescription = cbUnHtmlspecialchars($field->description);
    $translated     = getLangDefinition($rawDescription);
    $value          = cbReplaceVars($translated, $user);

    return $this->_formatFieldOutput($field->name, $value, $output, false);
}
/**
 * Returns a provider button
 *
 * Builds the "link your account" button for logged-in users that have no value in the
 * provider field yet, or the "sign in" button for guests; returns null when the provider is
 * unknown, disabled, or already linked.
 *
 * Review notes:
 * - The 'return' request parameter is base64-decoded, filtered with the eval()/javascript:
 *   blacklist and re-encoded, but no internal-URL check is visible in this method.
 *   NOTE(review): confirm that the 'authenticate' action validates the return URL before
 *   redirecting to it.
 * - The request-derived fallback uses $_SERVER['HTTP_HOST'], which is client-supplied.
 * - The configured button labels ($link / $signin) are written into the button unescaped.
 *   NOTE(review): assumes these are administrator-authored HTML -- confirm.
 *
 * @param  string      $provider
 * @param  int         $horizontal
 * @return null|string
 */
public function getButton( $provider, $horizontal = 1 )
{
    global $_CB_framework;
    if ( ! ( $provider && isset( $this->providers[$provider] ) ) ) {
        return null;
    }
    $fieldName = $this->providers[$provider]['field'];
    $siteName = $this->providers[$provider]['name'];
    $iconClass = $this->providers[$provider]['icon'];
    $buttonClass = $this->providers[$provider]['button'];
    $user = CBuser::getMyUserDataInstance();
    $style = (int) $this->params->get( $provider . '_button_style', 2, GetterInterface::INT );
    // Style 1 forces the horizontal layout.
    if ( $style == 1 ) {
        $horizontal = 1;
    }
    // Computed once and shared by all later calls (static), stored base64-encoded.
    static $returnUrl = null;
    if ( ! isset( $returnUrl ) ) {
        $returnUrl = $this->input->get( 'return', null, GetterInterface::BASE64 );
        if ( $returnUrl ) {
            $returnUrl = base64_decode( $returnUrl );
        } else {
            // No return parameter: rebuild the URL of the current request.
            $isHttps = ( isset( $_SERVER['HTTPS'] ) && ( ! empty( $_SERVER['HTTPS'] ) ) && ( $_SERVER['HTTPS'] != 'off' ) );
            $returnUrl = 'http' . ( $isHttps ? 's' : '' ) . '://' . $_SERVER['HTTP_HOST'];
            if ( ( ! empty( $_SERVER['PHP_SELF'] ) ) && ( ! empty( $_SERVER['REQUEST_URI'] ) ) ) {
                $returnUrl .= $_SERVER['REQUEST_URI'];
            } else {
                $returnUrl .= $_SERVER['SCRIPT_NAME'];
                if ( isset( $_SERVER['QUERY_STRING'] ) && ( ! empty( $_SERVER['QUERY_STRING'] ) ) ) {
                    $returnUrl .= '?' . $_SERVER['QUERY_STRING'];
                }
            }
        }
        // Pattern blacklist only; this is not URL validation.
        $returnUrl = cbUnHtmlspecialchars( preg_replace( '/[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']/', '""', preg_replace( '/eval\((.*)\)/', '', htmlspecialchars( urldecode( $returnUrl ) ) ) ) );
        // Never return to the login view or to this plugin's own endpoint.
        if ( preg_match( '/index\.php\?option=com_comprofiler&view=login|index\.php\?option=com_comprofiler&view=pluginclass&plugin=cbconnect/', $returnUrl ) ) {
            $returnUrl = 'index.php';
        }
        $returnUrl = base64_encode( $returnUrl );
    }
    $return = null;
    if ( $this->params->get( $provider . '_enabled', false, GetterInterface::BOOLEAN ) ) {
        if ( $user->get( 'id' ) ) {
            // Logged in: offer linking only when enabled and the provider field is still empty.
            if ( $this->params->get( $provider . '_link', true, GetterInterface::BOOLEAN ) && ( !
                $user->get( $fieldName ) ) ) {
                $link = $this->params->get( $provider . '_button_link', null, GetterInterface::STRING );
                // NOTE(review): the URL from pluginClassUrl() sits inside a single-quoted JS string
                // within the onclick attribute; confirm it cannot contain a quote character.
                $return = '<button class="cbConnectButton cbConnectButton' . ucfirst( $provider ) . ' btn btn-' . $buttonClass . ' btn-sm' . ( ! $horizontal ? ' btn-block' : null ) . '" onclick="window.location=\'' . $_CB_framework->pluginClassUrl( $this->plugin->element, false, array( 'provider' => $provider, 'action' => 'authenticate', 'return' => $returnUrl ) ) . '\'; return false;" title="' . htmlspecialchars( CBTxt::T( 'LINK_YOUR_SITENAME_ACCOUNT', 'Link your [sitename] account', array( '[sitename]' => $siteName ) ) ) . '">' . ( in_array( $style, array( 1, 2 ) ) ? '<span class="fa fa-' . $iconClass . ' fa-lg' . ( $style != 1 ? ' cbConnectButtonPrefix' : null ) . '"></span>' : null ) . ( in_array( $style, array( 2, 3 ) ) ? ( $link ? $link : CBTxt::T( 'LINK_WITH_SITENAME', 'Link with [sitename]', array( '[sitename]' => $siteName ) ) ) : null ) . '</button>' . ( $horizontal ? ' ' : null );
            }
        } else {
            // Guest: offer sign-in through the provider.
            $signin = $this->params->get( $provider . '_button_signin', null, GetterInterface::STRING );
            $return = '<button class="cbConnectButton cbConnectButton' . ucfirst( $provider ) . ' btn btn-' . $buttonClass . ' btn-sm' . ( ! $horizontal ? ' btn-block' : null ) . '" onclick="window.location=\'' . $_CB_framework->pluginClassUrl( $this->plugin->element, false, array( 'provider' => $provider, 'action' => 'authenticate', 'return' => $returnUrl ) ) . '\'; return false;" title="' . htmlspecialchars( CBTxt::T( 'LOGIN_WITH_YOUR_SITENAME_ACCOUNT', 'Login with your [sitename] account', array( '[sitename]' => $siteName ) ) ) . '">' . ( in_array( $style, array( 1, 2 ) ) ? '<span class="fa fa-' . $iconClass . ' fa-lg' . ( $style != 1 ? ' cbConnectButtonPrefix' : null ) . '"></span>' : null ) . ( in_array( $style, array( 2, 3 ) ) ? ( $signin ? $signin : CBTxt::T( 'SIGN_IN_WITH_SITENAME', 'Sign in with [sitename]', array( '[sitename]' => $siteName ) ) ) : null ) . '</button>' .
                ( $horizontal ? ' ' : null );
        }
    }
    return $return;
}
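/**
 * Echoes the profile page of $user: status banners (banned / blocked / unconfirmed / unapproved),
 * the templated profile, and the script call that opens the requested tab.
 *
 * Everything is sent with echo or through $_CB_framework; nothing is returned. The function calls
 * exit when plugins report an error on either of the two "before" triggers.
 *
 * The profile body is shown to the profile owner and to moderators; for other viewers it is hidden
 * when the user is banned or blocked, and for every non-moderator when the user is unconfirmed or
 * unapproved.
 *
 * @param  object  $user         User being displayed (reads id, banned, block, confirmed, approved, bannedreason, name, username)
 * @param  mixed   $option       Not used in this function
 * @param  mixed   $submitvalue  Not used in this function
 * @return void
 */
static function userProfile($user, $option, $submitvalue) {
	global $_CB_framework, $ueConfig, $_POST, $_PLUGINS;

	$_PLUGINS->loadPluginGroup('user');
	$results = $_PLUGINS->trigger('onBeforeUserProfileRequest', array(&$user, 1));
	if ($_PLUGINS->is_errors()) {
		// NOTE(review): the plugin error text goes into a double-quoted JavaScript string and into the
		// page as-is. Whether getErrorMSG() already returns text that is safe for that context cannot
		// be told from this function - confirm before plugin messages carry request-derived values.
		echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n";
		exit;
	}

	$cbTemplate = HTML_comprofiler::_cbTemplateLoad();
	$cbMyIsModerator = isModerator($_CB_framework->myId());
	$cbUserIsModerator = isModerator($user->id);
	$showProfile = 1;

	// && binds tighter than ||: banned, or (blocked and confirmed and approved).
	if ($user->banned != 0 || $user->block == 1 && $user->confirmed && $user->approved) {
		echo "<font color='red'>";
		if ($user->banned != 0) {
			if ($_CB_framework->myId() != $user->id) {
				echo _UE_USERPROFILEBANNED;
			} else {
				echo _UE_BANNED_CHANGE_PROFILE;
			}
		}
		if ($user->block == 1 && $user->confirmed && $user->approved) {
			echo _UE_USERPROFILEBLOCKED;
		}
		if ($_CB_framework->myId() != $user->id && $cbMyIsModerator != 1) {
			// Neither the owner nor a moderator: banner only, no profile and no reason.
			$showProfile = 0;
		} else {
			if ($user->block == 1) {
				echo ": " . _UE_LOGIN_BLOCKED;
			}
			if ($user->banned != 0) {
				// NOTE(review): bannedreason is echoed as HTML (only nl2br() is applied here).
				// Confirm that it is HTML-escaped where it is stored, since it holds entered text.
				echo "<br />" . nl2br($user->bannedreason);
			}
		}
		echo "<br /></font>";
	}
	if (!$user->confirmed) {
		echo "<font color='red'>" . _UE_USER_NOT_CONFIRMED . "</font><br />";
	}
	if (!$user->approved) {
		echo "<font color='red'>" . _UE_USER_NOT_APPROVED . "</font><br />";
	}
	if ((!$user->confirmed || !$user->approved) && $cbMyIsModerator != 1) {
		$showProfile = 0;
	}

	if ($showProfile == 1) {
		$results = $_PLUGINS->trigger('onBeforeUserProfileDisplay', array(&$user, 1, $cbUserIsModerator, $cbMyIsModerator));
		if ($_PLUGINS->is_errors()) {
			// Same unencoded JavaScript-string sink as the first trigger above.
			echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n";
			exit;
		}

		$output = 'html';
		$cbUser =& CBuser::getInstance($user->id);
		$_CB_framework->displayedUser((int) $user->id);
		$userViewTabs = $cbUser->getProfileView();

		$_CB_framework->setPageTitle(cbUnHtmlspecialchars(getNameFormat($user->name, $user->username, $ueConfig['name_format'])));
		$_CB_framework->appendPathWay(getNameFormat($user->name, $user->username, $ueConfig['name_format']));
		outputCbTemplate(1);
		initToolTip(1);
		$_CB_framework->document->addHeadScriptDeclaration(' function cbConnSubmReq() { cClick(); document.connOverForm.submit(); } function confirmSubmit() { if (confirm("' . _UE_CONFIRMREMOVECONNECTION . '")) return true ; else return false ; } ');

		// Output returned by the onBeforeUserProfileDisplay plugins is printed above the profile.
		if (is_array($results)) {
			echo implode('', $results);
		}
		echo "\n\t<div class=\"cbProfile\"><div id=\"cbProfileInner\">";
		echo HTML_comprofiler::_cbTemplateRender($cbTemplate, $user, 'Profile', 'drawProfile', array(&$user, &$userViewTabs), $output);
		echo "</div><div class=\"cbClr\"></div></div>\n" . "<div class=\"cbClr\"></div>"; // end of cbProfile floating div

		$tab = null;
		if (isset($_GET['tab'])) {
			$tab = urldecode(stripslashes(cbGetParam($_GET, 'tab', '')));
		} elseif (isset($_POST['tab'])) {
			$tab = stripslashes(cbGetParam($_POST, 'tab', ''));
		}
		if ($tab) {
			// The tab name is request input, and the GET form is URL-decoded once more after whatever
			// filtering cbGetParam() applies. addslashes() is not a JavaScript string encoder (it
			// leaves markup delimiters and line terminators untouched), so the value is emitted as
			// a JSON string literal with the HTML-significant characters hex-escaped.
			$tabJs = json_encode($tab, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
			if ($tabJs !== false) { // false: the value could not be encoded, so nothing is emitted
				$_CB_framework->outputCbJQuery('showCBTab(' . $tabJs . ');');
			}
		}

		// Views of one's own profile are not counted.
		if ($_CB_framework->myId() != $user->id) {
			recordViewHit($_CB_framework->myId(), $user->id, getenv('REMOTE_ADDR'));
		}
		$_PLUGINS->trigger('onAfterUserProfileDisplay', array($user, true));
	}
}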
/**
 * Gives the URL to go back to: the one supplied with the request, or the address of the page being served.
 *
 * With $current true the value is read from the "return" GET variable (base64), decoded, and kept
 * only when \JUri::isInternal() accepts it; otherwise the result is null. With $current false the
 * URL is rebuilt from $_SERVER and passed through the two regular-expression replacements below.
 * A non-null result is remembered per $current value in a static cache.
 *
 * NOTE(review): the rebuilt URL takes its host from $_SERVER['HTTP_HOST'], i.e. from the request's
 * Host header. Presumably the web server or CMS restricts the accepted host names - confirm, as the
 * value ends up in return links.
 *
 * @param  bool|false  $current  true: take the return URL from the request; false: build it from the current page
 * @param  bool|false  $raw      true: return the plain URL; false: return it base64 encoded
 * @return null|string
 */
static public function getReturn( $current = false, $raw = false )
{
	static $cache	=	array();

	if ( ! isset( $cache[$current] ) ) {
		$url		=	null;

		if ( ! $current ) {
			// Rebuild the address of the page being served from the server variables.
			$scheme		=	( ( ( ! empty( $_SERVER['HTTPS'] ) ) && ( $_SERVER['HTTPS'] != 'off' ) ) ? 'https' : 'http' );
			$pageUrl	=	$scheme . '://' . $_SERVER['HTTP_HOST'];

			if ( empty( $_SERVER['PHP_SELF'] ) || empty( $_SERVER['REQUEST_URI'] ) ) {
				$pageUrl	.=	$_SERVER['SCRIPT_NAME'];

				if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
					$pageUrl	.=	'?' . $_SERVER['QUERY_STRING'];
				}
			} else {
				$pageUrl	.=	$_SERVER['REQUEST_URI'];
			}

			// Pattern-based clean-up on the HTML-escaped form: drops eval(...) and a quoted
			// javascript: fragment. It removes those two patterns only; it is not a substitute
			// for context-appropriate output encoding where the URL is later printed.
			$escaped	=	htmlspecialchars( urldecode( $pageUrl ) );
			$escaped	=	preg_replace( '/eval\((.*)\)/', '', $escaped );
			$escaped	=	preg_replace( '/[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']/', '""', $escaped );
			$url		=	cbUnHtmlspecialchars( $escaped );
		} else {
			$encoded	=	Application::Input()->get( 'get/return', '', GetterInterface::BASE64 );

			if ( $encoded ) {
				$decoded	=	base64_decode( $encoded );

				// Open-redirect guard: a request-supplied return URL is used only if it is internal.
				if ( \JUri::isInternal( $decoded ) ) {
					$url	=	$decoded;
				}
			}
		}

		$cache[$current]	=	$url;
	}

	$return		=	$cache[$current];

	if ( $raw || ( ! $return ) ) {
		return $return;
	}

	return base64_encode( $return );
}
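/**
 * Renders as ECHO HTML code of a table
 *
 * Builds, in this order: the one-time jQuery handlers for the header tools, an optional header
 * table (label, menu, quick search, filter / batch tool toggles, sorting), the rows table with its
 * column headers, one <tr> per entry of $modelRows, the pager, a hidden "subtask" input and any
 * statistics views. The markup is echoed, nothing is returned.
 *
 * Escaping as done here: XML attribute values placed in HTML attributes go through
 * htmlspecialchars(); labels go through CBTxt::Th(); markup returned by $controllerView and
 * $renderer is appended as-is.
 *
 * @param SimpleXMLElement $modelView
 * @param array            $modelRows
 * @param DrawController   $controllerView
 * @param array            $options
 * @param string           $viewType ( 'view', 'param', 'depends': means: <param> tag => param, <field> tag => view )
 * @return void
 */
protected function renderList(&$modelView, &$modelRows, &$controllerView, &$options, $viewType = 'view') {
	global $_CB_framework;
	static $JS_loaded = 0;

	$pluginParams = $this->_pluginParams;
	$renderer = new RegistryEditView($this->input, $this->_db, $pluginParams, $this->_types, $this->_actions, $this->_views, $this->_pluginObject, $this->_tabid);
	$renderer->setParentView($modelView);
	$renderer->setModelOfDataRows($modelRows);

	$name = $modelView->attributes('name');
	$listFieldsRows = $modelView->getElementByPath('listfields/rows');
	$listFieldsPager = $modelView->getElementByPath('listfields/paging');
	$filtersArray = $controllerView->filters($renderer, 'table');
	$batchArray = $controllerView->batchprocess($renderer, 'table');
	outputCbJs();
	$tableLabel = trim(CBTxt::Th($modelView->attributes('label')));
	$tableMenu = $modelView->getElementByPath('tablemenu');

	// The click handlers are page-wide, so they are registered on the first call only.
	if (!$JS_loaded++) {
		if ($controllerView->pageNav !== null) {
			$searchButtonJs = $controllerView->pageNav->limitstartJs(0);
		} else {
			$searchButtonJs = 'cbParentForm( this ).submit();';
		}
		$js = "\$( '.cbTableHeader' ).on( 'click', '.cbTableHeaderExpand', function() {"
			. "\$( this ).removeClass( 'btn-default cbTableHeaderExpand' ).addClass( 'btn-primary cbTableHeaderCollapse' );"
			. "\$( this ).find( '.fa' ).removeClass( 'fa-caret-down' ).addClass( 'fa-caret-up' );"
			. "\$( '.' + \$( this ).data( 'toggle' ) ).slideDown();"
			. "});"
			. "\$( '.cbTableHeader' ).on( 'click', '.cbTableHeaderCollapse', function() {"
			. "var toggle = \$( this ).data( 'toggle' );"
			. "\$( this ).removeClass( 'btn-primary cbTableHeaderCollapse' ).addClass( 'btn-default cbTableHeaderExpand' );"
			. "\$( this ).find( '.fa' ).removeClass( 'fa-caret-up' ).addClass( 'fa-caret-down' );"
			. "\$( '.' + toggle ).slideUp();"
			. "if ( toggle == 'cbBatchTools' ) {"
			. "\$( '.' + toggle ).find( 'input,textarea,select' ).val( '' );"
			. "if ( \$.fn.cbselect ) {"
			. "\$( '.' + toggle ).find( 'select.cbSelect2' ).each( function() {"
			. "\$( this ).cbselect( 'set', '' );"
			. "});"
			. "}"
			. "} else {"
			. "\$( '.' + toggle ).find( 'input,textarea,select' ).each( function() {"
			. "var value = null;"
			. "if ( \$( this ).hasClass( 'cbSelect2' ) ) {"
			. "if ( \$.fn.cbselect ) {"
			. "value = \$( this ).cbselect( 'get' );"
			. "} else {"
			. "value = \$( this ).val();"
			. "}"
			. "} else {"
			. "value = \$( this ).val();"
			. "}"
			. "if ( ( value != null ) && ( value != '' ) ) {"
			. "\$( '.cbTableHeaderClear' ).click(); return;"
			. "}"
			. "});"
			. "}"
			. "});"
			. "\$( '.cbTableHeader' ).on( 'click', '.cbTableHeaderClear', function() {"
			. "\$( '.cbTableHeader' ).find( 'input,textarea,select' ).val( '' );"
			. "if ( \$.fn.cbselect ) {"
			. "\$( '.cbTableHeader' ).find( 'select.cbSelect2' ).each( function() {"
			. "\$( this ).cbselect( 'set', '' );"
			. "});"
			. "}"
			. $searchButtonJs
			. "});"
			. "\$( '.cbTableBrowserRowsHeader' ).on( 'click', '.cbTableBrowserSort', function() {"
			. "\$( '.cbTableHeader' ).find( '.cbTableBrowserSorting > select' ).val( \$( this ).data( 'table-sort' ) ).change();"
			. "});"
			. ($this->_filtered ? "\$( '.cbSearchToolsToggle' ).click();" : null);
		$_CB_framework->outputCbJQuery($js);
	}

	$return = '<div class="table-responsive cbTableBrowserDiv' . ($name ? ' cbDIV' . htmlspecialchars($name) : null) . '">';

	// Header table: label / menu cell and tools cell.
	if ($tableLabel || $tableMenu || $controllerView->hasSearchFields() || $controllerView->hasOrderbyFields() || count($filtersArray) > 0 || count($batchArray) > 0) {
		$return .= '<table class="table table-noborder cbTableBrowserHeader' . ($name ? ' cbTA' . htmlspecialchars($name) : null) . '">'
			. '<thead>'
			. '<tr class="cbTableHeader">';
		if ($tableLabel || $tableMenu) {
			$return .= '<th style="width: 10%;" class="text-left cbTableBrowserLabel' . ($name ? ' cbTH' . htmlspecialchars($name) : null) . '">' . ($tableLabel ? $tableLabel : null);
			if ($tableMenu) {
				$menuIndex = 1;
				$return .= $tableLabel ? '<div><small>[ ' : null;
				foreach ($tableMenu->children() as $menu) {
					/** @var SimpleXMLElement $menu */
					$menuAction = $menu->attributes('action');
					$menuLabelHtml = trim(CBTxt::Th(htmlspecialchars($menu->attributes('label'))));
					$menuDesc = $menu->attributes('description');
					if ($menuDesc) {
						$menuDesc = ' title="' . trim(htmlspecialchars(CBTxt::T($menuDesc))) . '"';
					}
					$return .= $menuIndex > 1 ? ' - ' : null;
					if ($menuAction) {
						$data = null;
						// drawUrl() is asked for an already HTML-escaped URL (5th argument true).
						$link = $controllerView->drawUrl($menuAction, $menu, $data, 0, true);
						if ($link) {
							$return .= '<a href="' . $link . '"' . $menuDesc . '>' . $menuLabelHtml . '</a>';
						}
					} elseif ($menuDesc) {
						$return .= '<span' . $menuDesc . '>' . $menuLabelHtml . '</span>';
					} else {
						$return .= $menuLabelHtml;
					}
					$menuIndex++;
				}
				$return .= $tableLabel ? ' ]</small></div>' : null;
			}
			$return .= '</th>';
		}
		if ($controllerView->hasSearchFields() || $controllerView->hasOrderbyFields() || count($filtersArray) > 0 || count($batchArray) > 0) {
			$return .= '<th class="cbTableHeaderTools">'
				. '<div class="text-left clearfix cbTableBrowserTools">';
			if ($controllerView->hasSearchFields()) {
				$return .= $controllerView->quicksearchfields();
			}
			if (count($filtersArray) > 0) {
				if ($controllerView->hasSearchFields()) {
					$return .= ' ';
				}
				$return .= '<button type="button" class="btn btn-default cbSearchToolsToggle cbTableHeaderExpand" data-toggle="cbSearchTools">' . CBTxt::Th('Search Tools') . ' <span class="fa fa-caret-down"></span></button>';
			}
			if (count($batchArray) > 0) {
				if (count($filtersArray) > 0 || $controllerView->hasSearchFields()) {
					$return .= ' ';
				}
				$return .= '<button type="button" class="btn btn-default cbBatchToolsToggle cbTableHeaderExpand" data-toggle="cbBatchTools">' . CBTxt::Th('Batch Tools') . ' <span class="fa fa-caret-down"></span></button>';
			}
			$return .= ' <button type="button" class="btn btn-default cbTableHeaderClear">' . CBTxt::Th('Clear') . '</button>';
			if ($controllerView->hasOrderbyFields()) {
				if (count($filtersArray) > 0 || count($batchArray) > 0 || $controllerView->hasSearchFields()) {
					$return .= ' ';
				}
				$return .= '<span class="text-right pull-right cbTableBrowserSorting">' . $controllerView->orderbyfields() . '</span>';
			}
			$return .= '</div>';
			if (count($filtersArray) > 0) {
				$return .= '<fieldset class="cbFilters cbSearchTools cbFieldset">'
					. '<legend>' . CBTxt::Th('Search Tools') . '</legend>'
					. implode(' ', $filtersArray)
					. '</fieldset>';
			}
			if (count($batchArray) > 0) {
				$return .= '<fieldset class="cbBatchProcess cbBatchTools cbFieldset">'
					. '<legend>' . CBTxt::Th('Batch Tools') . '</legend>'
					. implode(' ', $batchArray)
					. '</fieldset>';
			}
			$return .= '</th>';
		}
		$return .= '</tr>'
			. '</thead>'
			. '</table>';
	}

	if ($listFieldsRows) {
		$columnCount = 0;
		$return .= '<table class="table table-hover cbTableBrowserRows' . ($name ? ' cbTL' . htmlspecialchars($name) : null) . '">'
			. '<thead>'
			. '<tr class="cbTableBrowserRowsHeader">';
		foreach ($listFieldsRows->children() as $field) {
			/** @var SimpleXMLElement $field */
			// Hidden columns and columns the viewer is not authorised for get no header cell.
			if ($field->attributes('type') != 'hidden' && Access::authorised($field)) {
				$classes = RegistryEditView::buildClasses($field);
				$attributes = ($classes ? ' class="' . htmlspecialchars($classes) . '"' : null)
					. ($field->attributes('width') || $field->attributes('align')
						? ' style="'
							. ($field->attributes('width') ? 'width: ' . htmlspecialchars($field->attributes('width')) . ';' : null)
							. ($field->attributes('align') ? 'text-align: ' . htmlspecialchars($field->attributes('align')) . ';' : null)
							. '"'
						: null)
					. ($field->attributes('nowrap') ? ' nowrap="nowrap"' : null);
				$fieldName = $field->attributes('name');
				$fieldOrdering = $field->attributes('allowordering');
				$return .= '<th' . $attributes . '>';
				if ($field->attributes('type') == 'primarycheckbox') {
					$jsToggleAll = "cbToggleAll( this, " . count($modelRows) . ", '" . $controllerView->fieldId('id') . "' );";
					$return .= '<input type="checkbox" id="' . $controllerView->fieldId('toggle') . '" name="' . $controllerView->fieldName('toggle') . '" value="" onclick="' . $jsToggleAll . '" />';
				} else {
					$fieldIcon = null;
					if ($fieldOrdering) {
						$fieldSort = explode(',', $fieldOrdering);
						$fieldAsc = in_array('ascending', $fieldSort);
						$fieldDesc = in_array('descending', $fieldSort);
						if ($fieldAsc && $this->orderby == $fieldName . '_asc') {
							// If ascending is allowed and is already active then set click to descending if descending is allowed:
							if ($fieldDesc) {
								$return .= '<a href="javascript: void(0);" class="text-nowrap cbTableBrowserSort cbTableBrowserSortDesc" data-table-sort="' . htmlspecialchars($fieldName . '_desc') . '">';
							} else {
								$return .= '<a href="javascript: void(0);">';
							}
							$fieldIcon = ' <span class="fa fa-sort-alpha-asc text-default"></span>';
						} elseif ($fieldDesc && $this->orderby == $fieldName . '_desc') {
							// If descending is allowed and is already active then set click to ascending if ascending is allowed:
							if ($fieldAsc) {
								$return .= '<a href="javascript: void(0);" class="text-nowrap cbTableBrowserSort cbTableBrowserSortAsc" data-table-sort="' . htmlspecialchars($fieldName . '_asc') . '">';
							} else {
								$return .= '<a href="javascript: void(0);">';
							}
							$fieldIcon = ' <span class="fa fa-sort-alpha-desc text-default"></span>';
						} elseif ($fieldSort[0] == 'ascending') {
							// Default to ascending if this field allows it:
							$return .= '<a href="javascript: void(0);" class="cbTableBrowserSort cbTableBrowserSortAsc" data-table-sort="' . htmlspecialchars($fieldName . '_asc') . '">';
						} elseif ($fieldSort[0] == 'descending') {
							// Default to descending if this field allows it:
							$return .= '<a href="javascript: void(0);" class="cbTableBrowserSort cbTableBrowserSortDesc" data-table-sort="' . htmlspecialchars($fieldName . '_desc') . '">';
						} else {
							$return .= '<a href="javascript: void(0);">';
						}
					}
					$return .= $field->attributes('description')
						? cbTooltip(2, CBTxt::Th($field->attributes('description')), null, null, null, CBTxt::Th($field->attributes('label')), null, 'data-hascbtooltip="true"')
						: CBTxt::Th($field->attributes('label'));
					if ($fieldOrdering) {
						$return .= $fieldIcon . '</a>';
					}
				}
				if ($field->attributes('type') == 'ordering') {
					if (!$fieldOrdering || in_array($this->orderby, array($fieldName . '_asc', $fieldName . '_desc', $fieldName))) {
						if ($fieldOrdering) {
							$field->addAttribute('noordering', 'false');
						}
						if (strpos($field->attributes('onclick'), 'number') !== false) {
							$jsOrderSave = "cbsaveorder( this, " . count($modelRows) . ", '" . $controllerView->fieldId('id', null, false) . "', '" . $controllerView->taskName(false) . "', '" . $controllerView->subtaskName(false) . "', '" . $controllerView->subtaskValue('saveorder/' . $field->attributes('name'), false) . "' );";
							$return .= ' <a href="javascript: void(0);" onclick="' . $jsOrderSave . '">'
								. '<span class="fa fa-save fa-lg text-default" title="' . htmlspecialchars(CBTxt::T('Save Order')) . '"></span>'
								. '</a>';
						}
					} else {
						if ($fieldOrdering) {
							$field->addAttribute('noordering', 'true');
						}
					}
				}
				$return .= '</th>';
				$columnCount++;
			}
		}
		// Fix: the body has to be opened here; a closing </tbody> was emitted before the rows.
		$return .= '</tr>'
			. '</thead>'
			. '<tbody>';

		$total = count($modelRows);
		// pageNav is tested for null elsewhere in this method, so it is not assumed to be set here.
		if ($controllerView->pageNav !== null) {
			$controllerView->pageNav->setRowsNumber($total);
		}
		if ($total) {
			for ($i = 0; $i < $total; $i++) {
				if ($controllerView->pageNav !== null) {
					$controllerView->pageNav->setRowIndex($i);
				}
				$renderer->setModelOfDataRowsNumber($i);
				$row = $modelRows[$i];
				$rowlink = $listFieldsRows->attributes('link');
				if ($rowlink) {
					$hrefRowEdit = $controllerView->drawUrl($rowlink, $listFieldsRows, $row, $row->id, false);
					if ($hrefRowEdit) {
						// NOTE(review): the URL sits inside a single-quoted JavaScript string inside an
						// HTML attribute, and only HTML escaping is applied. This relies on the URL never
						// containing a raw single quote or backslash - confirm for every URL source.
						if ($listFieldsRows->attributes('target') == '_blank') {
							$onclickJS = 'window.open(\'' . htmlspecialchars(cbUnHtmlspecialchars($hrefRowEdit)) . '\', \'cbinvoice\', \'status=no,toolbar=no,scrollbars=yes,titlebar=no,menubar=no,resizable=yes,width=640,height=480,directories=no,location=no\'); return false;';
						} else {
							$onclickJS = "window.location='" . htmlspecialchars(cbUnHtmlspecialchars($hrefRowEdit)) . "'";
						}
						$rowOnclickHtml = ' onclick="' . $onclickJS . '"';
					} else {
						$rowOnclickHtml = null;
					}
				} else {
					$rowOnclickHtml = null;
				}
				$controllerView->setControl_name($this->name . '[rows][' . $i . ']');
				$return .= '<tr class="cbTableBrowserRow"' . $rowOnclickHtml . '>'
					. $renderer->renderEditRowView($listFieldsRows, $row, $controllerView, $options, $viewType, 'td')
					. '</tr>';
			}
		}
		$controllerView->setControl_name($this->name);
		$return .= '</tbody>';

		// Pager footer unless there are no rows, no pager object, or <paging type="none">.
		if ($total && $controllerView->pageNav !== null && (!$listFieldsPager || $listFieldsPager && $listFieldsPager->attributes('type') != 'none')) {
			if ($listFieldsPager) {
				$showPageLinks = strpos($listFieldsPager->attributes('type'), 'nopagelinks') === false;
				$showLimitBox = strpos($listFieldsPager->attributes('type'), 'nolimitbox') === false;
				$showPagesCount = strpos($listFieldsPager->attributes('type'), 'nopagescount') === false;
			} else {
				$showPageLinks = true;
				$showLimitBox = true;
				$showPagesCount = true;
			}
			if ($controllerView->pageNav->total <= $controllerView->pageNav->limit) {
				$showPageLinks = false;
			}
			$return .= '<tfoot>'
				. '<tr class="cbTableBrowserRowsPaging">'
				. '<th colspan="' . (int) $columnCount . '" class="text-center">'
				. $controllerView->pageNav->getListFooter($showPageLinks, $showLimitBox, $showPagesCount)
				. '</th>'
				. '</tr>'
				. '</tfoot>'
				. '</table>';
		} elseif ($controllerView->pageNav !== null) {
			$return .= '</table>' . $controllerView->pageNav->getLimitBox(false);
		} else {
			$return .= '</table>';
		}
	} elseif ($controllerView->pageNav !== null) {
		$return .= $controllerView->pageNav->getLimitBox(false);
	}

	$return .= '<input type="hidden" name="' . $controllerView->fieldName('subtask') . '" value="" />';

	$statistics = $controllerView->getStatistics();
	if ($statistics) {
		foreach ($statistics as $stat) {
			$return .= $renderer->renderEditRowView($stat['view'], $stat['values'], $controllerView, $options, 'view', 'table');
		}
	}
	$return .= '</div>';
	echo $return;
}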
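/**
 * Renders one XML view element and, recursively through renderAllParams(), its children.
 *
 * Dispatches on the element name: inherit, param, params, field, fieldset, fields, status, if,
 * else, toolbarmenu, tabpane, tabpanetab, extendparser; any other name goes to the extended view
 * parser when one is set. "showhide" conditions and params with onchange="evaluate" are recorded
 * in $this->_jsif as a side effect.
 *
 * NOTE(review): values read from the XML (class, name, view and element names) are written into
 * the markup and into the echoed diagnostics without HTML escaping. That presumes the view XML is
 * trusted plugin configuration - confirm that no request data can reach these attributes.
 *
 * @param  object       $param           XML element to render (uses name(), attributes(), children(), xpath())
 * @param  string       $control_name    Name prefix for the generated form controls
 * @param  object|null  $tabs            Tabs renderer; used by the tabpane and tabpanetab elements
 * @param  string       $viewType        'view', 'param' or 'depends'; overridden by mode="show" / mode="edit" on the element
 * @param  string       $htmlFormatting  'table', 'td', 'span', 'fieldsListArray', or anything else for bare markup
 * @return string|array|bool             Array of fragments for 'fieldsListArray', otherwise the fragments joined with "\n";
 *                                       false when a <showview> names a view that is not defined
 */
function renderOneParamAndChildren( &$param, $control_name='params', $tabs=null, $viewType = 'depends', $htmlFormatting = 'table' ) {
	static $tabNavJS			=	array();	// javascript for all nested tabs.
	static $tabpaneCounter		=	0;			// level of tabs (for nested tabs)

	$html						=	array();

	$viewMode					=	$param->attributes( 'mode' );
	switch ( $viewMode ) {
		// case 'view':
		case 'show':
			$viewType			=	'view';
			break;
		// case 'param':
		case 'edit':
			$viewType			=	'param';
			break;
		default:
			break;
	}

	// treat any <attributes> below the tag to add attributes to the tag as needed:
	$this->extendParamAttributes( $param, $control_name, ( $viewType == 'view' ) );

	switch ( $param->name() ) {
		case 'inherit':
			$from				=	$param->attributes( 'from' );
			if ( $from ) {
				$fromXml		=	$param->xpath( $from );
				if ( $fromXml && ( count( $fromXml ) > 0 ) ) {
					array_unshift( $this->_extenders, array( &$param ) );
					foreach ( $fromXml as $fmx ) {
						$html[]	=	$this->renderAllParams( $fmx, $control_name, $tabs, $viewType, $htmlFormatting );
					}
				}
			}
			break;

		case 'param':
			$result				=	$this->renderParam( $param, $control_name, ( $viewType == 'view' ), $htmlFormatting );
			$dynamic			=	( ( ! ( $viewType == 'view' ) ) && ( $param->attributes( 'onchange' ) == 'evaluate' ) );
			if ( $dynamic && ( $viewType == 'param' ) && ( $htmlFormatting != 'fieldsListArray' ) ) {
				// Fallback submit button for browsers without JavaScript.
				$result[1]		.=	'<noscript><button type="submit" name="cbdoevalpostagain" value="" class="button cbregOnChange">' . CBTxt::Th("Change") . '</button></noscript>';
			}
			if ( $result[1] || ( $viewType != 'view' ) || ( $param->attributes( 'hideblanktext' ) != 'true' ) ) {
				$html[]			=	$this->_renderLine( $param, $result, $control_name, $htmlFormatting );
				if ( $dynamic ) {
					$ifName									=	$this->_htmlId( $control_name, $param );
					$this->_jsif[$ifName]['element']		=	$param;
					$this->_jsif[$ifName]['control_name']	=	$control_name;
					$this->_jsif[$ifName]['ifname']			=	$ifName;
					$this->_jsif[$ifName]['onchange']		=	$param->attributes( 'onchange' );
				}
			}
			break;

		case 'params':
			$paramsName			=	$param->attributes( 'name' );
			$paramsType			=	$param->attributes( 'type' );
			if ( ( ( $paramsType == 'params' ) && $paramsName ) || ( $paramsType == 'pluginparams' ) ) {
				if ( $paramsType == 'params' ) {
					$valueObj	=&	$this->_parseParamsColumn( $paramsName );
				} else {
					$valueObj	=&	$this->_pluginParams;
				}
				// Children are rendered against the nested params object, then the model is restored.
				$this->pushModelOfData( $valueObj );
				if ( $control_name ) {
					$child_cnam	=	$control_name . '[' . $paramsName . ']';
				} else {
					$child_cnam	=	$paramsName;
				}
				$html[]			=	$this->renderAllParams( $param, $child_cnam, $tabs, $viewType, $htmlFormatting );
				$this->popModelOfData();
			}
			break;

		case 'field':
			$result				=	$this->renderParam( $param, $control_name, ( $viewType != 'param' ) );
			$link				=	$param->attributes( 'link' );
			$title				=	$param->attributes( 'title' );
			if ( $title ) {
				$title			=	' title="' . htmlspecialchars( CBPTXT::T( $title ) ) . '"';
			} else {
				$title			=	'';
			}
			if ( $htmlFormatting != 'fieldsListArray' ) {
				if ( $link ) {
					if ( $param->attributes( 'target' ) == '_blank' ) {
						$linkhref		=	$this->_controllerView->drawUrl( $link, $param, $this->_modelOfData[0], isset( $this->_modelOfData[0]->id ) ? $this->_modelOfData[0]->id : null, true, false );	//TBD NOT URGENT: hardcoded id column name 'id'
						// NOTE(review): the URL is placed in a single-quoted JavaScript string inside
						// an HTML attribute with HTML escaping only - confirm that drawUrl() cannot
						// return a raw single quote or backslash here.
						$onclickJS		=	'window.open(\'' . htmlspecialchars( cbUnHtmlspecialchars( $linkhref ) ) . '\', \'cbtablebrowserpopup\', \'status=no,toolbar=no,scrollbars=yes,titlebar=no,menubar=no,resizable=yes,width=640,height=480,directories=no,location=no\'); return false;';
						$rowOnclickHtml	=	' onclick="' . $onclickJS . '"';
					} else {
						$linkhref		=	$this->_controllerView->drawUrl( $link, $param, $this->_modelOfData[0], isset( $this->_modelOfData[0]->id ) ? $this->_modelOfData[0]->id : null, true );	//TBD NOT URGENT: hardcoded id column name 'id'
						$rowOnclickHtml	=	'';
					}
					$result[1]	=	'<a href="' . $linkhref .'"' . $title . $rowOnclickHtml . '>' . ( trim( $result[1] ) ? $result[1] : '---' ) . '</a>';
				} elseif ( $title ) {
					$result[1]	=	'<span' . $title . '>' . $result[1] . '</span>';
				}
			}
			$html[]				=	$this->_renderLine( $param, $result, $control_name, $htmlFormatting, false );
			break;

		case 'fieldset':
			$htid				=	$this->_outputIdEqualHtmlId( $control_name, $param );
			$legend				=	$param->attributes( 'label' );
			$description		=	$param->attributes( 'description' );
			$name				=	$param->attributes( 'name' );
			$class				=	$param->attributes( 'class' );
			$fieldsethtml		=	'<fieldset' . ( $class ? ' class="' . $class . '"' : ( $name ? ( ' class="cbfieldset_' . $name . '"' ) : '' ) ) . '>';
			// Opening wrapper, depending on the container format:
			if ( $htmlFormatting == 'table' ) {
				$html[]			=	'<tr' . $htid . '><td colspan="3" width="100%">' . $fieldsethtml;
			} elseif ( $htmlFormatting == 'td' ) {
				$html[]			=	"\t\t\t<td" . $htid . ">" . $fieldsethtml;
			} elseif ( $htmlFormatting == 'span' ) {
				$html[]			=	'<div' . $htid . '>' . $fieldsethtml;
			} elseif ( $htmlFormatting == 'fieldsListArray' ) {
				// nothing
			} else {
				$html[]			=	'<fieldset' . $htid . ( $name ? ( ' class="cbfieldset_' . $name . '"' ) : '' ) . '>';
			}
			if ( $legend && ( $htmlFormatting != 'fieldsListArray' ) ) {
				$html[]			=	'<legend' . ( $class ? ' class="' . $class . '"' : '' ) . '>' . CBTxt::Th( getLangDefinition($legend) ) . '</legend>';
			}
			// Description line, depending on the container format:
			if ( $htmlFormatting == 'table' ) {
				$html[]			=	'<table class="paramlist" cellspacing="0" cellpadding="0" width="100%">';
				if ( $description ) {
					$html[]		=	'<tr><td colspan="3" width="100%"><strong>' . CBTxt::Th( getLangDefinition($description) ) . '</strong></td></tr>';
				}
			} elseif ( $htmlFormatting == 'td' ) {
				if ( $description ) {
					$html[]		=	'<td colspan="3" width="100%"><strong>' . CBTxt::Th( getLangDefinition($description) ) . '</strong></td>';
				}
			} elseif ( $htmlFormatting == 'span' ) {
				if ( $description ) {
					$html[]		=	'<span class="cbLabelSpan">' . CBTxt::Th( getLangDefinition($description) ) . '</span> ';
				}
				$html[]			=	'<span class="cbFieldSpan">';
			} elseif ( $htmlFormatting == 'fieldsListArray' ) {
				// nothing
			} else {
				if ( $description ) {
					$html[]		=	'<strong>' . CBTxt::Th( getLangDefinition($description) ) . '</strong>';
				}
			}
			$html[]				=	$this->renderAllParams( $param, $control_name, $tabs, $viewType, $htmlFormatting );
			// Closing wrapper, mirroring the opening one:
			if ( $htmlFormatting == 'table' ) {
				$html[]			=	"\n\t</table>";
				$html[]			=	'</fieldset></td></tr>';
			} elseif ( $htmlFormatting == 'td' ) {
				$html[]			=	'</fieldset></td>';
			} elseif ( $htmlFormatting == 'span' ) {
				$html[]			=	'</span></fieldset></div>';
			} elseif ( $htmlFormatting == 'fieldsListArray' ) {
				// nothing
			} else {
				$html[]			=	'</fieldset>';
			}
			break;

		case 'fields':
		case 'status':
			$html[]				=	$this->renderAllParams( $param, $control_name, $tabs, $viewType, $htmlFormatting );
			break;

		case 'if':
			$showInside			=	true;
			$ifType				=	$param->attributes( 'type' );
			if ( ( $ifType == 'showhide' ) && ( ! ( $viewType == 'view' ) ) ) {
				// Client-side condition: record which element ids to show/hide or set; children are always rendered.
				$ifName			=	$this->_htmlId( $control_name, $param ) . $param->attributes( 'operator' ) . $param->attributes( 'value' ). $param->attributes( 'valuetype' );
				if ( count( $param->children() ) > 0 ) {
					foreach ( $param->children() as $subParam ) {
						if ( $subParam->name() == 'showview' ) {
							$viewName	=	$subParam->attributes( 'view' );
							$viewModel	=&	$this->_views->getChildByNameAttributes( 'view', array( 'ui' => 'admin', 'name' => $viewName ) );
							if ( !$viewModel ) {
								echo 'Extended renderAllParams:showview: View ' . $viewName . ' not defined in XML';
								return false;
							}
							foreach ( $viewModel->children() as $vChild ) {
								$this->_jsif[$ifName]['show'][]	=	$this->_htmlId( $control_name, $vChild );
							}
						} elseif ( in_array( $subParam->name(), array( 'params', 'fields', 'status', 'if' ) ) ) {
							if ( count( $subParam->children() ) > 0 ) {
								if ( $subParam->name() == 'params' ) {
									$paramsName			=	$subParam->attributes( 'name' );
									if ( $control_name ) {
										$child_cnam		=	$control_name . '[' . $paramsName . ']';
									} else {
										$child_cnam		=	$paramsName;
									}
								} else {
									$child_cnam			=	$control_name;
								}
								// Nested <if> elements are followed to a fixed depth of two levels only.
								foreach ( $subParam->children() as $vChild ) {
									if ( ! in_array( $vChild->name(), array( 'showview', 'if', 'else' ) ) ) {	//TBD //FIXME: this avoids JS error but still shows sub-view ! recursive function needed here
										$this->_jsif[$ifName]['show'][]	=	$this->_htmlId( $child_cnam, $vChild );
									} elseif ( $vChild->name() == 'if' ) {
										foreach ( $vChild->children() as $vvChild ) {
											if ( ! in_array( $vvChild->name(), array( 'showview', 'if', 'else', 'params', 'fields', 'status' ) ) ) {	//TBD //FIXME: this avoids JS error but still shows sub-view ! recursive function needed here
												$this->_jsif[$ifName]['show'][]	=	$this->_htmlId( $child_cnam, $vvChild );
											} elseif ( $vvChild->name() == 'if' ) {
												foreach ( $vvChild->children() as $vvvChild ) {
													if ( ! in_array( $vvvChild->name(), array( 'showview', 'if', 'else', 'params', 'fields', 'status' ) ) ) {	//TBD //FIXME: this avoids JS error but still shows sub-view ! recursive function needed here
														$this->_jsif[$ifName]['show'][]	=	$this->_htmlId( $child_cnam, $vvvChild );
													}
												}
											}
										}
									}
								}
							}
						} elseif ( $subParam->name() == 'else' ) {
							if ( $subParam->attributes( 'action' ) == 'set' ) {
								$correspondingParam		=	$param->getAnyChildByNameAttr( 'param', 'name', $subParam->attributes( 'name' ) );
								if ( $correspondingParam ) {
									$this->_jsif[$ifName]['set'][]	=	$this->_htmlId( $control_name, $correspondingParam )
																	.	'=' . $this->control_id( $control_name, $subParam->attributes( 'name' ) )
																	.	'=' . $subParam->attributes( 'value' );
								} else {
									echo 'No corresponding param to the else statement for name ' . $subParam->attributes( 'name' ) . ' !';
								}
							}
						} else {
							$this->_jsif[$ifName]['show'][]		=	$this->_htmlId( $control_name, $subParam );
						}
					}
					$this->_jsif[$ifName]['element']			=	$param;
					$this->_jsif[$ifName]['control_name']		=	$control_name;
					$this->_jsif[$ifName]['ifname']				=	$this->_htmlId( $control_name, $param );
				}
			} elseif ( ( $ifType == 'condition' ) || ( $viewType == 'view' ) ) {
				// Server-side condition: children are rendered only when it evaluates true.
				$showInside		=	$this->_evalIf( $param );
			}
			if ( $showInside ) {
				$html[]			=	$this->renderAllParams( $param, $control_name, $tabs, $viewType, $htmlFormatting );
			}
			break;

		case 'else':
			break;	// implemented in if above it

		case 'toolbarmenu':
			break;	// implemented in higher level

		case 'tabpane':
			// first render all tabpanetabs (including nested tabpanes):
			$tabpaneCounter++;
			$this->tabpaneNames[$tabpaneCounter]	=	$param->attributes( 'name' );
			$subhtml			=	$this->renderAllParams( $param, $control_name, $tabs, $viewType, $htmlFormatting );
			unset( $this->tabpaneNames[$tabpaneCounter] );
			$tabpaneCounter--;
			if ( $htmlFormatting != 'fieldsListArray' ) {
				// then puts them together:
				$htid			=	$this->_outputIdEqualHtmlId( $control_name, $param );
				if ( $htmlFormatting == 'table' ) {
					$html[]		=	'<tr' . $htid . '><td colspan="3" width="100%">';
				} elseif ( $htmlFormatting == 'td' ) {
					$html[]		=	'<td' . $htid . '>';
				}
				if ( $tabpaneCounter == 0 ) {
					// Back at the outermost pane: emit the navigation script for the collected tabs and start over.
					$html[]		=	$tabs->_getTabNavJS( $param->attributes( 'name' ), $tabNavJS );
					$tabNavJS	=	array();
				}
				$html[]			=	$tabs->startPane( $param->attributes( 'name' ) );
			}
			$html[]				=	$subhtml;
			if ( $htmlFormatting != 'fieldsListArray' ) {
				$html[]			=	$tabs->endPane();
				if ( $htmlFormatting == 'table' ) {
					$html[]		=	'</td></tr>';
				} elseif ( $htmlFormatting == 'td' ) {
					$html[]		=	'</td>';
				}
			}
			break;

		case 'tabpanetab':
			if ( $htmlFormatting != 'fieldsListArray' ) {
				$i				=	$this->_i++;
				$idtab			=	$this->tabpaneNames[$tabpaneCounter] . $this->_i;
				$html[]			=	$tabs->startTab( $this->tabpaneNames[$tabpaneCounter], CBTxt::T( getLangDefinition( $param->attributes( 'label' ) ) ), $idtab );
				$html[]			=	'<table class="paramlist" cellspacing="0" cellpadding="0" width="100%">';
				$tabName		=	$param->attributes( 'name' );
				$tabTitle		=	$param->attributes( 'title' );
				$description	=	$param->attributes( 'description' );
				if ( $tabTitle ) {
					$html[]		=	'<tr><td colspan="3" width="100%"><h3' . ( $tabName ? ' class="cbTH' . $this->tabpaneNames[$tabpaneCounter] . $tabName . '"' : '' ) . '>' . CBTxt::Th( getLangDefinition( $tabTitle ) ) . '</h3></td></tr>';
				}
				if ( $description || ! $tabTitle ) {
					$html[]		=	'<tr><td colspan="3" width="100%"><strong>' . CBTxt::Th( getLangDefinition( $description ) ) . '</strong></td></tr>';		// either description or a spacer.
				}
			}
			$html[]				=	$this->renderAllParams( $param, $control_name, $tabs, $viewType, $htmlFormatting );
			if ( $htmlFormatting != 'fieldsListArray' ) {
				$html[]			=	"\n\t</table>";
				$html[]			=	$tabs->endTab();
				// Fix: create the entry explicitly. Assigning a property on the unset array element
				// relied on implicit object creation, which raises an Error on PHP 8.
				if ( ! isset( $tabNavJS[$i] ) ) {
					$tabNavJS[$i]			=	new \stdClass();
				}
				$tabNavJS[$i]->nested		=	( $tabpaneCounter > 1 );
				$tabNavJS[$i]->name			=	CBTxt::T( getLangDefinition( $param->attributes( 'label' ) ) );
				$tabNavJS[$i]->id			=	$idtab;
				$tabNavJS[$i]->pluginclass	=	$idtab;
			}
			break;

		case 'extendparser':
			$this->setExtendedViewParser( $param );
			break;

		default:
			if ( $this->_extendViewParser ) {
				$html[]			=	$this->_extendViewParser->renderAllParams( $param, $control_name, $tabs, $viewType, $htmlFormatting );
			} else {
				echo 'Method to render XML view element ' . $param->name() . ' is not implemented !';
			}
			break;
	}

	return ( $htmlFormatting == 'fieldsListArray' ? $html : implode( "\n", $html ) );
}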
/**
 * Computes the URL for a CB-URI found on an XML element.
 *
 * Three forms of $cbUri are handled:
 *  - 'cbo:<subtask>'    : 'newrow' and 'rowedit' give an index.php edit-row URL; every other subtask gives a
 *                         'javascript:cbDoListTask(...)' URL.
 *  - 'cb_action:<name>' : the URL is built from the <action> element of that name in $this->_actions, or is
 *                         '#action_not_defined:<name>' if there is no such element.
 *  - anything else      : the URI itself, with HTML entities decoded by cbUnHtmlspecialchars().
 *
 * A URL starting with 'index.php' gets the element's 'parameters' appended (values are urlencode()d), plus a
 * 'cbprevstate' parameter, and is then passed to backendUrl() (when getUi() is 2) or cbSef().
 * Any other URL is only passed through htmlspecialchars() when $htmlspecialchars is true.
 *
 * Security notes for reviewers:
 *  - Values taken from $this->_options and from the XML 'action' attribute are concatenated into the query string
 *    without urlencode(). NOTE(review): confirm where _options is populated; if it can hold request-derived values
 *    they need encoding before being placed in a URL.
 *  - 'cbprevstate' is base64-encoded only. That is an encoding, not integrity protection, so whatever consumes
 *    cbprevstate has to treat its content as untrusted input.
 *  - With $htmlspecialchars = false the caller is responsible for escaping the result for its output context.
 *    This matters most for the 'javascript:' form, whose arguments are only escaped with addslashes().
 *
 * @param  string            $cbUri             The CB-URI (cbo;,,,)
 * @param  SimpleXMLElement  $sourceElem        The XML element from which the URL is computed
 * @param  TableInterface    $data              The data of the object for dynamic URL request values
 * @param  int               $id                The id of the current row (not read by the code of this function)
 * @param  bool              $htmlspecialchars  If htmlspecialchars should be made for this
 * @param  bool              $inPage            URL target: true: html (full page), false: raw (only center component content)
 * @return string|null                          The URL, or null if Access::authorised() refuses the element or the action
 */
function drawUrl($cbUri, SimpleXMLElement $sourceElem, $data, $id, $htmlspecialchars = true, $inPage = true)
{
    global $_CB_framework;

    // No URL at all for an element the current user is not authorised for:
    if (!Access::authorised($sourceElem)) {
        return null;
    }

    $ui = $_CB_framework->getUi();
    $actionName = null;

    if (substr($cbUri, 0, 4) == 'cbo:') {
        $subTaskValue = substr($cbUri, 4);
        switch ($subTaskValue) {
            /** @noinspection PhpMissingBreakStatementInspection */
            case 'newrow':
                // $id = 0;
                // fallthrough: no break on purpose.
            case 'rowedit':
                // TBD this is duplicate of below
                $baseUrl = 'index.php';
                if ($this->_options['view'] == 'editPlugin') {
                    $task = $this->_options['view'];
                } else {
                    $task = 'editrow';
                }
                // NOTE(review): 'option' and 'pluginid' are appended as-is, without urlencode().
                $baseUrl .= '?option=' . $this->_options['option'] . '&view=' . $task;
                if (isset($this->_options['pluginid'])) {
                    $baseUrl .= '&cid=' . $this->_options['pluginid'];
                }
                $url = $baseUrl . '&table=' . $this->_tableBrowserModel->attributes('name') . '&action=editrow';
                // the row id is not added here: further parameters are appended below
                break;
            case 'saveorder':
            case 'editrows':
            case 'deleterows':
            case 'copyrows':
            case 'updaterows':
            case 'publish':
            case 'unpublish':
            case 'enable':
            case 'disable':
            default:
                // List tasks are submitted by JavaScript. addslashes() only escapes for the single-quoted
                // JavaScript string; HTML escaping happens at the end of this function and only if
                // $htmlspecialchars is true.
                $url = 'javascript:cbDoListTask(this, ' . "'" . addslashes($this->taskName(false)) . "','" . addslashes($this->subtaskName(false)) . "','" . addslashes($this->subtaskValue($subTaskValue, false)) . "','" . addslashes($this->fieldId('id', null, false)) . "'" . ");";
                break;
        }
    } elseif (substr($cbUri, 0, 10) == 'cb_action:') {
        $actionName = substr($cbUri, 10);
        $action = $this->_actions->getChildByNameAttr('action', 'name', $actionName);
        if ($action) {
            // The action element has its own access check, in addition to the one on $sourceElem:
            if (!Access::authorised($action)) {
                return null;
            }
            $requestNames = explode(' ', $action->attributes('request'));
            $requestValues = explode(' ', $action->attributes('action'));
            $parametersValues = explode(' ', $action->attributes('parameters'));
            $baseUrl = 'index.php';
            $baseUrl .= '?';
            // URL parameter name => key in $this->_options it is copied from:
            $baseRequests = array('option' => 'option', 'view' => 'view', 'cid' => 'pluginid');
            $urlParams = array();
            foreach ($baseRequests as $breq => $breqOptionsValue) {
                // Only add a base request that the action does not define itself:
                if (!(in_array($breq, $requestNames) || in_array($breq, $parametersValues)) && isset($this->_options[$breqOptionsValue])) {
                    $urlParams[$breq] = $breq . '=' . $this->_options[$breqOptionsValue];
                }
            }
            // Pairs the i-th 'request' name with the i-th 'action' value; assumes both lists have the
            // same length - TODO confirm against the XML definitions.
            for ($i = 0, $n = count($requestNames); $i < $n; $i++) {
                $urlParams[$requestNames[$i]] = $requestNames[$i] . '=' . $requestValues[$i]; // other parameters = paramvalues added below
            }
            $url = $baseUrl . implode('&', $urlParams);
        } else {
            $url = "#action_not_defined:" . $actionName;
        }
    } else {
        $url = cbUnHtmlspecialchars($cbUri);
    }

    if (cbStartOfStringMatch($url, 'index.php')) {
        // get the parameters of action/link from XML :
        $parametersNames = explode(' ', $sourceElem->attributes('parameters'));
        $parametersValues = explode(' ', $sourceElem->attributes('paramvalues'));
        $parametersValuesTypes = explode(' ', $sourceElem->attributes('paramvaluestypes'));

        // generate current action (and parameters ?) as cbprevstate
        $cbprevstate = array();
        foreach ($this->_options as $req => $act) {
            if ($req && $act && !in_array($req, array('cbprevstate'))) {
                $cbprevstate[] = $req . '=' . $act;
            }
        }
        $parametersNames[] = 'cbprevstate';
        // Wrapped in single quotes so that the loop below treats it as a literal value.
        // base64 is not tamper-proof: the reader of cbprevstate must validate what it decodes.
        $parametersValues[] = "'" . base64_encode(implode('&', $cbprevstate)) . "'";

        // finally generate URL:
        for ($i = 0, $n = count($parametersNames); $i < $n; $i++) {
            $nameOfVariable = $parametersValues[$i];
            if ($nameOfVariable != '') {
                if (isset($parametersValuesTypes[$i]) && $parametersValuesTypes[$i]) {
                    if ($parametersValuesTypes[$i] == 'sql:field') {
                        // The value names a field of $data: read it through get() if available, else as a property.
                        if (is_callable(array($data, 'get'))) {
                            $nameOfVariable = $data->get($nameOfVariable);
                        } else {
                            $nameOfVariable = $data->{$nameOfVariable};
                        }
                    } else {
                        // $nameOfVariable untouched
                    }
                } elseif (substr($nameOfVariable, 0, 1) == "'" && substr($nameOfVariable, -1) == "'") {
                    // A value in single quotes is a literal: strip the quotes.
                    $nameOfVariable = substr($nameOfVariable, 1, -1);
                } else {
                    // No type given and not a literal: the value names a field of $data.
                    if (is_callable(array($data, 'get'))) {
                        $nameOfVariable = $data->get($nameOfVariable);
                    } else {
                        $nameOfVariable = $data->{$nameOfVariable};
                    }
                }
                // The value is URL-encoded; the parameter name comes from the XML and is not.
                $url .= '&' . $parametersNames[$i] . '=' . urlencode($nameOfVariable);
            }
        }

        if ($ui == 2) {
            $url = $_CB_framework->backendUrl($url, $htmlspecialchars, $inPage ? 'html' : 'component');
        } else {
            $url = cbSef($url, $htmlspecialchars, $inPage ? 'html' : 'component');
        }
    } elseif ($htmlspecialchars) {
        $url = htmlspecialchars($url);
    }

    return $url;
}
/**
 * Builds the URL that sets the payment method (or the currency) of this basket.
 *
 * The URL carries the basket id ('bskt') and the value of $this->checkHashUser() ('bck').
 * NOTE(review): 'bck' presumably lets the receiving handler check that the request belongs to the basket owner.
 * Confirm that the handler rejects a missing or wrong value and compares it with hash_equals().
 *
 * The result has its HTML entities decoded by cbUnHtmlspecialchars(), so it must be escaped again for the
 * context it is output in (HTML attribute, JavaScript string, ...).
 *
 * @param  UserTable|null  $user    Not used by this method
 * @param  string          $format  'html', 'component', 'raw', 'rawrel' (added in CB 1.2.3)
 * @param  string          $act     'setbsktpmtmeth', 'setbsktcurrency'
 * @return string                   URL, not htmlspecialchared
 */
public function getSetBasketPaymentMethodUrl( /** @noinspection PhpUnusedParameterInspection */ $user, $format = 'html', $act = 'setbsktpmtmeth' )
{
    // Only the 'html' format is requested without the sef flag: CBSef must be called for format 'raw'.
    $sefed = ! ( $format == 'html' );

    $baseClass = cbpaidApp::getBaseClass();
    $urlParams = array(
        'act'    => $act,
        'bskt'   => $this->id,
        'bck'    => $this->checkHashUser(),
        'Itemid' => 0
    );
    $url = $baseClass->getHttpsAbsURLwithParam( $urlParams, 'pluginclass', $sefed, null, $format );

    return cbUnHtmlspecialchars( $url );
}
/**
 * Returns the tab description with all replacements of variables and of language strings made.
 *
 * The description is output as HTML: its entities are decoded by cbUnHtmlspecialchars() and the result of
 * cbReplaceVars() is inserted without further escaping, so it is only as safe as whoever can edit the tab.
 * $htmlId is written into the id attribute as-is: callers have to pass a value that is safe for an attribute.
 *
 * @param  TabTable   $tab
 * @param  UserTable  $user
 * @param  string     $htmlId  div id tag for the description html div
 * @return string|null         The HTML, or null if the tab has no description
 */
protected function _writeTabDescription($tab, $user, $htmlId = null)
{
    if ($tab->description == null) {
        return null;
    }

    // Optional id attribute of the outer div:
    $idAttribute = '';
    if ($htmlId) {
        $idAttribute = ' id="' . $htmlId . '"';
    }

    $descriptionHtml = cbReplaceVars(cbUnHtmlspecialchars($tab->description), $user);

    return '<div class="tab_description form-group cb_form_line clearfix cbtwolinesfield"' . $idAttribute . '>'
        . '<div class="cb_field col-sm-12">'
        . '<div>' . $descriptionHtml . '</div>'
        . '</div>'
        . '</div>';
}
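/**
 * Replace relative image src links with absolute links
 *
 * Callback for a regular expression match on an <img> tag. From the way the result is assembled,
 * $matches[2] is the value of the src attribute and $matches[1] / $matches[3] are the parts of the tag
 * before and after it; they are copied through unchanged (presumably they are already valid markup,
 * to be confirmed against the calling pattern).
 *
 * The src value is entity-decoded to work on the real URL. When the tag is rebuilt the URL is escaped
 * again with htmlspecialchars(): without that, a decoded quote character would end the src attribute
 * early and let the rest of the value be read as further attributes of the tag.
 *
 * A src starting with 'http' is treated as absolute and the matched tag is returned untouched. Note that
 * this is a prefix test only, and that protocol-relative URLs ('//host/...') are handled as site-relative.
 *
 * @param  array  $matches  Matches of the <img> pattern: [0] whole tag, [1] before src, [2] src value, [3] after src
 * @return string           The <img> tag with an absolute src
 */
function _cbadmin_parse_img_link(&$matches){
    global $_CB_framework;

    $image = cbUnHtmlspecialchars( $matches[2] );

    if ( substr( $image, 0, 4 ) == 'http' ) {
        // already absolute URL, do nothing..
        return $matches[0];
    }

    if ( substr( $image, 0, 1 ) != '/' ) {
        $image = '/' . $image;
    }

    $image = $_CB_framework->getCfg( 'live_site' ) . $image;

    // Escape for the double-quoted attribute the URL is written into:
    return '<img ' . $matches[1] . 'src="' . htmlspecialchars( $image, ENT_QUOTES, 'UTF-8' ) . '"' . $matches[3] . '>';
}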
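/**
 * Removes a connection, then outputs a script that shows the result message in an alert and sends the
 * browser to the connections tab.
 *
 * Outputs _UE_FUNCTIONALITY_DISABLED if connections are disabled, and calls cbNotAuth() if nobody is logged in.
 *
 * The message and the URL are written into the script with json_encode() and the JSON_HEX_* flags, which
 * gives valid JavaScript string literals that cannot close the surrounding <script> element. addslashes()
 * does neither: it leaves line breaks and "</script>" untouched.
 *
 * NOTE(review): the only check made here is that a user is logged in. Whether $userid has to be the
 * logged-in user, and whether an anti-CSRF token is verified before this state-changing call, is not
 * visible in this function - confirm in the caller and in cbConnection::removeConnection().
 *
 * @param  int  $userid        User whose connection is removed
 * @param  int  $connectionid  The connection to remove
 * @return void
 */
function removeConnection( $userid, $connectionid ) {
    global $_CB_framework, $ueConfig;

    $andItemid = getCBprofileItemid(true);

    if ( ! $ueConfig['allowConnections'] ) {
        echo _UE_FUNCTIONALITY_DISABLED;
        return;
    }
    if ( ! ( $_CB_framework->myId() > 0 ) ) {
        cbNotAuth();
        return;
    }

    $cbCon = new cbConnection( $userid );
    if ( ! $cbCon->removeConnection( $userid, $connectionid ) ) {
        $msg = $cbCon->getErrorMSG();
    } else {
        $msg = $cbCon->getUserMSG();
    }

    $url = cbSef( "index.php?option=com_comprofiler&tab=getConnectionTab" . $andItemid );

    // JSON_HEX_* turns <, >, &, ' and " into \uXXXX escapes, so the literals are safe inside <script>:
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $jsMsg = json_encode( (string) $msg, $jsFlags );
    $jsUrl = json_encode( (string) cbUnHtmlspecialchars( $url ), $jsFlags );

    // json_encode() returns false on text it cannot encode: leave that statement out instead of
    // emitting broken JavaScript.
    $script = '';
    if ( $jsMsg !== false ) {
        $script .= ' alert(' . $jsMsg . ');';
    }
    if ( $jsUrl !== false ) {
        $script .= ' document.location.href=' . $jsUrl . ';';
    }

    echo "<script type=\"text/javascript\">" . $script . " </script>\n";
}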
/**
 * Replaces complex pragmas
 *
 * Scans $msg for "[$pragma tags]menu:path[/$pragma]" sequences. For each one, the colon-separated path
 * between the tags is looked up in the menus returned by $_PLUGINS->getMenus() for $position. A match is
 * replaced by a link built from the menu entry; a pragma without match is replaced by nothing.
 * Scanning stops at the first opening tag that has no closing tag.
 *
 * NOTE(review): the qualifiers written in the opening tag (href, target, title, class, style, img, caption)
 * come from $msg, are entity-decoded when $htmlspecialcharsEncoded is true, and are placed into attribute
 * templates such as href="$1" by _placeTags(). Whether _placeTags() escapes the values is not visible here;
 * if $msg can contain user-written text, confirm that it does.
 *
 * @param  string   $msg
 * @param  string   $pragma                    the tag between the brackets "[$pragma]"
 * @param  string   $position                  the CB menu position
 * @param  boolean  $htmlspecialcharsEncoded   True if menu tags should remain htmlspecialchared
 * @return string
 */
private function _replacePragma($msg, $pragma, $position, $htmlspecialcharsEncoded = true)
{
    global $_PLUGINS;

    // Text already processed; the unprocessed rest stays in $msg:
    $msgResult = "";
    $pragmaLen = strlen($pragma);

    while (($foundPosBegin = strpos($msg, "[" . $pragma)) !== false) {
        $foundPosEnd = strpos($msg, "[/" . $pragma . "]", $foundPosBegin + $pragmaLen + 1);
        if ($foundPosEnd !== false) {
            $foundPosTagEnd = strpos($msg, "]", $foundPosBegin + $pragmaLen + 1);
            if ($foundPosTagEnd !== false && $foundPosTagEnd < $foundPosEnd) {
                // found [menu .... : $cbMenuTreePath /] : check to see if $cbMenuTreePath is in current menu:
                $cbMenuTreePath = substr($msg, $foundPosTagEnd + 1, $foundPosEnd - ($foundPosTagEnd + 1));
                $cbMenuTreePathArray = explode(":", $cbMenuTreePath);
                $pm = $_PLUGINS->getMenus();
                $pmc = count($pm);
                for ($i = 0; $i < $pmc; $i++) {
                    if ($pm[$i]['position'] == $position) {
                        // Walk down the nested 'arrayPos' array, one level per path element:
                        $arrayPos = $pm[$i]['arrayPos'];
                        foreach ($cbMenuTreePathArray as $menuName) {
                            if (is_array($arrayPos) && key($arrayPos) == trim($menuName)) {
                                $arrayPos = $arrayPos[key($arrayPos)];
                            } else {
                                // not matching full menu path: check next:
                                break;
                            }
                        }
                        if (!is_array($arrayPos)) {
                            // came to end of path: match found: stop searching:
                            break;
                        }
                    }
                }
                // replace by nothing in case not found:
                $replaceString = "";
                // $i < $pmc means the search loop above was left by its break, i.e. with a match at $pm[$i]:
                if ($i < $pmc) {
                    // found: replace with menu item: first check for qualifiers for special changes:
                    $cbMenuTags = substr($msg, $foundPosBegin + $pragmaLen + 1, $foundPosTagEnd - ($foundPosBegin + $pragmaLen + 1));
                    if ($htmlspecialcharsEncoded) {
                        $cbMenuTags = cbUnHtmlspecialchars($cbMenuTags);
                    }
                    $cbMenuTagsArray = $this->_explodeTags($cbMenuTags, array("href", "target", "title", "class", "style", "img", "caption"));
                    // A menu url given as a complete <a ...> tag is reduced to the value of its href attribute:
                    if (substr(ltrim($pm[$i]['url']), 0, 2) == '<a') {
                        $matches = null;
                        if (preg_match('/ href="([^"]+)"/i', $pm[$i]['url'], $matches)) {
                            $pm[$i]['url'] = $matches[1];
                        }
                    }
                    // Opening <a> tag with its attributes, then image, caption and closing tag:
                    $replaceString .= $this->_placeTags($cbMenuTagsArray, 'href', $pm[$i], 'url', '<a href="$1"' . $this->_placeTags($cbMenuTagsArray, 'target', $pm[$i], 'target', ' target="$1"') . $this->_placeTags($cbMenuTagsArray, 'title', $pm[$i], 'tooltip', ' title="$1"') . $this->_placeTags($cbMenuTagsArray, 'class', $pm[$i], 'undef', ' class="$1"') . $this->_placeTags($cbMenuTagsArray, 'style', $pm[$i], 'undef', ' style="$1"') . ">");
                    $replaceString .= $this->_placeTags($cbMenuTagsArray, 'img', $pm[$i], 'img', '$1');
                    $replaceString .= $this->_placeTags($cbMenuTagsArray, 'caption', $pm[$i], 'caption', '$1');
                    $replaceString .= $this->_placeTags($cbMenuTagsArray, 'href', $pm[$i], 'url', '</a>');
                }
                // Keep the text before the pragma, add the replacement, continue after the closing tag
                // ("[/" + pragma + "]" is $pragmaLen + 3 characters long):
                $msgResult .= substr($msg, 0, $foundPosBegin);
                $msgResult .= $replaceString;
                $msg = substr($msg, $foundPosEnd + $pragmaLen + 3);
            } else {
                break;
            }
        } else {
            break;
        }
    }

    return $msgResult . $msg;
}
/**
 * To be called just after binding the moscomprofilerUser object from database,
 * to load the gids and to fix the CMS database storage bugs.
 * It should be avoided externally, but is used by cb.lists.php
 *
 * When checkJversion() is 2, the group ids come from the CMS ACL, as strings, and gid is derived from them.
 * Otherwise gids holds only gid, and for checkJversion() 0 with a 'dev_level' below 11 the name has its
 * HTML entities decoded again.
 *
 * After that decoding $this->name is raw text: it has to be escaped wherever it is output.
 *
 * @return void
 */
function afterBindFromDatabase()
{
    if (checkJversion() != 2) {
        $this->gids = array($this->gid);

        if (checkJversion() == 0 && checkJversion('dev_level') < 11) {
            // revert effect of _cbMakeHtmlSafe on user save in older joomla/mambo versions:
            $this->name = cbUnHtmlspecialchars($this->name);
        }

        return;
    }

    global $_CB_framework;

    // Group ids of the user, re-indexed from 0 and each cast to string:
    $groupIds = array();
    foreach (array_values((array) JFactory::getAcl()->getGroupsByUser($this->id, false)) as $groupId) {
        $groupIds[] = (string) $groupId;
    }

    $this->gids = $groupIds;
    $this->gid = (int) $_CB_framework->acl->getBackwardsCompatibleGid($this->gids);
}
/**
 * Wrapper that hands $text to cbUnHtmlspecialchars() and returns its result.
 *
 * The returned text has to be treated as raw: escape it again for the context it is output in.
 *
 * @param  string  $text  Text to pass to cbUnHtmlspecialchars()
 * @return string         What cbUnHtmlspecialchars() returned
 */
function unHtmlspecialchars($text)
{
    $decoded = cbUnHtmlspecialchars($text);

    return $decoded;
}
/**
 * Display basket and payment buttons, or redirect for payment, depending on whether there are multiple payment
 * choices or an intro text:
 *
 * Parts of the returned HTML, in order: intro text, basket, currency selector, invoicing address, output of the
 * 'onCbSubsAfterPaymentBasket' plugins, conclusion text, payment method radios, terms and conditions,
 * payment buttons (including a cancel link), final text.
 * If the invoicing address is mandatory and incomplete, only the address form is returned.
 *
 * Security notes for reviewers:
 *  - 'terms_accepted' is read from $_POST and only decides what is displayed here (payment buttons hidden with
 *    style="display:none;"). It is not an enforcement. NOTE(review): confirm that acceptance is checked
 *    server-side where the payment is initiated.
 *  - Intro, conclusion, final and terms texts come from the settings and are output as HTML through
 *    CBPTXT::T()/Th(); the terms text can also be changed by plugins, which receive it by reference.
 *    Only the terms URL is passed through htmlspecialchars(). This assumes that settings and plugins are
 *    trusted - TODO confirm what CBPTXT::Th() filters.
 *  - The 'ajaxurl' hidden field is bin2hex()-encoded, which is an encoding and not a protection.
 *
 * @param  UserTable            $user
 * @param  cbpaidPaymentBasket  $paymentBasket
 * @param  string               $introText
 * @param  boolean              $ajax           TRUE if AJAX refresh inside #cbregPayMethodsChoice, FALSE: wraps in <div id="cbregPayMethodsChoice">
 * @return string                               HTML (or DOES REDIRECT if $redirectNow = ! ( ( $nbClasses != 1 ) || $introText ) == TRUE)
 */
public function getPaymentBasketPaymentForm( &$user, &$paymentBasket, $introText, $ajax = false )
{
    global $_PLUGINS;

    $result = null;

    $params = cbpaidApp::settingsParams();
    $invoicingAddressQuery = $params->get( 'invoicing_address_query' );
    $basket_requiredterms = $params->get( 'basket_requiredterms' );
    $basket_requiredtermserror = $params->get( 'basket_requiredtermserror' );
    $payment_method_selection_type = $params->get( 'payment_method_selection_type', 'buttons' );
    $allow_select_currency = $params->get( 'allow_select_currency', '0' );

    // $redirectNow is passed to getPaymentMethodsParams() as a variable and compared with 'redirect' below:
    $redirectNow = null;
    $payChoicesArray = $this->getPaymentMethodsParams( $user, $paymentBasket, $introText, $redirectNow );

    // The chosen method is taken from the basket ("<gateway_account>-<payment_type>"), not from the request:
    $chosenPaymentMethod = $paymentBasket->gateway_account ? $paymentBasket->gateway_account . '-' . $paymentBasket->payment_type : '';
    $payChoicesHtmlRadiosArray = array();
    $chosenPaymentSelector = null;
    $payChoicesHtmlBottomArray = $this->_renderPayChoicesArray( $payChoicesArray, $paymentBasket, $redirectNow, $chosenPaymentMethod, $payChoicesHtmlRadiosArray, $chosenPaymentSelector );
    // In the redirect case _renderPayChoicesArray() returned a string, which is used as redirect target:
    if ( $redirectNow == 'redirect' && is_string( $payChoicesHtmlBottomArray ) ) {
        cbRedirect( $payChoicesHtmlBottomArray );
    }

    $subscriptionsGUI = new cbpaidControllerUI();
    $subscriptionsGUI->addcbpaidjsplugin();

    if ( ( $payment_method_selection_type == 'radios') && ( $chosenPaymentMethod != '' ) && $chosenPaymentSelector ) {
        // Select button to draw:
        $payChoicePayButton = $this->getPayMethodButton( $user, $paymentBasket, $paymentBasket->gateway_account, $paymentBasket->payment_type, $chosenPaymentSelector );
        /** @var $chosenPaymentSelector cbpaidGatewaySelector */
        $this->modifyAspectPayMethodButton( $payChoicePayButton, $chosenPaymentSelector->paymentType );
        $dummy = null;
        $payChoicePayButtonHtmlArray = $this->_renderPayChoicesArray( array( $payChoicePayButton ), $paymentBasket, 'buttons', $chosenPaymentMethod, $payChoicesHtmlRadiosArray, $dummy );
        $payChoicesHtmlBottomArray = array_merge( $payChoicesHtmlBottomArray, $payChoicePayButtonHtmlArray );
    }

    if ( true ) {
        // always add cancel link
        cbpaidApp::import( 'processors.cancelpay.cancelpay' );
        $cancelmethod = new cbpaidGatewayAccountcancelpay();
        $payClass = $cancelmethod->getPayMean();
        $payChoicesHtmlBottomArray[] = $payClass->getPaymentBasketProcess( $user, $paymentBasket, 'buttons' ); // never redirectNow a cancel link :D !
    }

    $basketHtml = $paymentBasket->displayBasket();

    if ( $allow_select_currency == 2 ) {
        $currencySelector = $this->displayCurrencySelector( $paymentBasket );
    } else {
        $currencySelector = null;
    }

    $txtConclusion = $params->get('conclusion_text');
    $txtFinal = $params->get('final_text');

    $txtTerms = null;
    if ( $basket_requiredterms == 1 ) {
        // Terms are those configured in the parameters of the 'acceptedterms' field:
        global $_CB_database, $_CB_framework;

        // The query contains constants only, quoted by the database object:
        $query = 'SELECT ' . $_CB_database->NameQuote( 'params' ) . "\n FROM " . $_CB_database->NameQuote( '#__comprofiler_fields' ) . "\n WHERE " . $_CB_database->NameQuote( 'name' ) . " = " . $_CB_database->Quote( 'acceptedterms' );
        $_CB_database->setQuery( $query );
        $tcParams = new Registry( $_CB_database->loadResult() );

        $termsOutput = $tcParams->get( 'terms_output', 'url' );
        $termsDisplay = $tcParams->get( 'terms_display', 'modal' );
        $termsURL = $tcParams->get( 'terms_url', null );
        $termsText = $tcParams->get( 'terms_text', null );
        // Width and height are cast to int before they are written into attributes and styles:
        $termsWidth = (int) $tcParams->get( 'terms_width', 400 );
        $termsHeight = (int) $tcParams->get( 'terms_height', 200 );

        if ( ! $termsHeight ) {
            $termsHeight = 200;
        }

        if ( ( ( $termsOutput == 'url' ) && $termsURL ) || ( ( $termsOutput == 'text' ) && $termsText ) ) {
            if ( $termsDisplay == 'iframe' ) {
                if ( $termsOutput == 'url' ) {
                    $txtTerms .= '<iframe class="cbTermsFrameURL" height="' . $termsHeight . '" width="' . ( $termsWidth ? $termsWidth : '100%' ) . '" src="' . htmlspecialchars( $termsURL ) . '"></iframe>';
                } else {
                    // The terms text is inserted as HTML, as returned by CBPTXT::T():
                    $txtTerms .= '<div class="cbTermsFrameText" style="height:' . $termsHeight . 'px;width:' . ( $termsWidth ? $termsWidth . 'px' : '100%' ) . ';overflow:auto;">' . CBPTXT::T( $termsText ) . '</div>';
                }
            }

            if ( $termsDisplay != 'iframe' ) {
                $attributes = ' class="cbTermsLink"';

                // A text cannot be opened in a new window: show it in a modal instead.
                if ( ( $termsOutput == 'text' ) && ( $termsDisplay == 'window' ) ) {
                    $termsDisplay = 'modal';
                }

                if ( $termsDisplay == 'modal' ) {
                    if ( ! $termsWidth ) {
                        $termsWidth = 400;
                    }

                    if ( $termsOutput == 'url' ) {
                        $tooltip = '<iframe class="cbTermsModalURL" height="' . $termsHeight . '" width="' . $termsWidth . '" src="' . htmlspecialchars( $termsURL ) . '"></iframe>';
                    } else {
                        $tooltip = '<div class="cbTermsModalText" style="height:' . $termsHeight . 'px;width:' . $termsWidth . 'px;overflow:auto;">' . CBPTXT::T( $termsText ) . '</div>';
                    }

                    $url = 'javascript:void(0);';
                    $attributes .= ' ' . cbTooltip( $_CB_framework->getUi(), $tooltip, CBPTXT::T( 'Terms and Conditions' ), 'auto', null, null, null, 'data-cbtooltip="true" data-modal="true"' );
                } else {
                    $url = htmlspecialchars( $termsURL );
                    $attributes .= ' target="_blank"';
                }

                $txtTerms .= CBPTXT::P( 'I have read and approve the <a href="[url]"[attributes]>Terms and Conditions</a>', array( '[url]' => $url, '[attributes]' => $attributes ) );
            } else {
                $txtTerms .= CBPTXT::T( 'I have read and approve the above Terms and Conditions.' );
            }
        }
    } elseif ( $basket_requiredterms == 2 ) {
        // Terms text taken directly from the settings:
        $txtTerms = $params->get( 'basket_termsandconditions' );
    }

    if ($introText) {
        $result .= '<div class="cbregIntro">' . CBPTXT::Th( $introText ) . "</div>\n";
    }
    $result .= $basketHtml;

    if ( $allow_select_currency == 2 ) {
        $result .= $currencySelector;
    }

    if ( $invoicingAddressQuery > 0 ) {
        $errorMsg = $paymentBasket->checkAddressComplete();
        if ( $errorMsg && ( $invoicingAddressQuery == 2 ) ) {
            // Address is mandatory and not complete: return the address form instead of everything built so far.
            $result = '';
            $introAddrNeeded = $params->get('invoicing_address_required_into_text');
            if ($introAddrNeeded) {
                $result .= '<div class="cbregIntro">' . CBPTXT::Th( $introAddrNeeded ) . "</div>\n";
            }
            $result .= $paymentBasket->renderInvoicingAddressForm( $user );
            return $result;
        } else {
            if ( $errorMsg ) {
                cbpaidApp::getBaseClass()->_setErrorMSG( $errorMsg );
            }
            $result .= '<div class="cbregInvoicingAddress">' . $paymentBasket->renderInvoicingAddressFieldset() . '</div>';
        }
        // display current invoicing address with a link to change/edit it with a back link to the payment basket id
        // if the address is not mandatory.
        // If it is mandatory, check that it is complete (and later also screened),
        // if not display instead of this the invoicing address edit page !
    }

    // Plugins can add HTML (a returned string is appended) and can change $result and $txtTerms by reference:
    $integrationsResults = $_PLUGINS->trigger( 'onCbSubsAfterPaymentBasket', array( $paymentBasket, &$result, &$txtTerms ) );
    foreach ( $integrationsResults as $intRes ) {
        if ( is_string( $intRes ) ) {
            $result .= $intRes;
        }
    }

    if ( $txtConclusion ) {
        $result .= '<div class="cbregConcl">' . CBPTXT::Th( $txtConclusion ) . "</div>\n";
    }

    if ( count( $payChoicesHtmlRadiosArray ) > 0 ) {
        $radios_intro_html = CBPTXT::Th( $params->get( 'radios_intro_html' ) );
        $radios_conclusion_html = CBPTXT::Th( $params->get( ( $chosenPaymentMethod != null ) ? 'radios_selected_conclusion_html' : 'radios_unselected_conclusion_html' ) );

        // Each entry is used as: [0] whether the radio is the selected one, [1] its HTML.
        $htmlList = '<ul class="cbregPaymentMethodChoiceList">' . "\n";
        foreach ( $payChoicesHtmlRadiosArray as $selHtmlArr ) {
            if ( $selHtmlArr[0] ) {
                $htmlList .= '<li class="cbregCCradioLi cbregCCradioSelected">';
            } else {
                $htmlList .= '<li class="cbregCCradioLi">'; // LATER: per-method CSS class and id on the li (values to be htmlspecialchared)
            }
            $htmlList .= '<div class="cbregCCradioLiBg"></div>' // This allows to use the CSS trick for highlighting as explained here: http://www.commentcamarche.net/forum/affich-3898635-transparance-du-fond-uniquement
                . $selHtmlArr[1] . "</li>\n";
        }
        $htmlList .= "</ul>\n";

        $methodsHTML = '<div class="cbregPaymentMethodChoice ' . ( ( $chosenPaymentMethod != null ) ? 'cbregPMselected' : 'cbregPMunselected' ) . '">' . ( $radios_intro_html ? '<h2 class="contentheading cbregPaymenMethodChoiceIntro">' . $radios_intro_html . '</h2>' : '' ) . $htmlList . '<span class="cb_button_wrapper">' . '<button type="submit" id="cbregSelectPayment">' . CBPTXT::Th("Change Payment Method") . '</button>' . '</span>' . ( $radios_conclusion_html ? '<div class="cbregPaymenMethodChoiceConclusion">' . $radios_conclusion_html . '</div>' : '' ) . "</div>\n" ;

        $getParams = $paymentBasket->getSetBasketPaymentMethodUrl( $user );
        $ajaxGetParams = cbUnHtmlspecialchars( $paymentBasket->getSetBasketPaymentMethodUrl( $user, 'raw' ) );
        // The AJAX URL travels in a hidden field, hex-encoded (an encoding only):
        $formHiddens = array( cbpaidApp::getBaseClass()->_getPagingParamName('act') => 'setbsktpmtmeth', 'ajaxurl' => bin2hex( $ajaxGetParams ) );
        $result .= '<div class="cbregPaymentMethodsSelect">' . $subscriptionsGUI->drawForm( $methodsHTML, null, $formHiddens, $getParams ) . "</div>\n";

        // With radios, the terms are shown only once a payment method is chosen:
        $termsCanBeDisplayed = ( $payment_method_selection_type != 'radios' ) || ( $chosenPaymentMethod != null );
    } else {
        $termsCanBeDisplayed = true;
    }

    if ( $txtTerms ) {
        if ( $termsCanBeDisplayed ) {
            // Acceptance as sent by the browser: it only drives the display below.
            $accepted = ( cbGetParam( $_POST, 'terms_accepted', 0 ) == 1 );

            $settings = '<div class="cbregTermsAccept"><input type="checkbox" class="required" name="terms_accepted" id="terms_accepted" value="1"' . ( $accepted ? ' checked="checked" disabled="disabled" ' : '' ) . '/> ' . '<label for="terms_accepted">' . $txtTerms . '</label></div>' ;
            if ( ! $accepted ) {
                $settings .= '<span class="cb_button_wrapper">' . '<button type="submit" id="cbTermsAccept" title="' . htmlspecialchars( CBPTXT::T( $basket_requiredtermserror ) ) . '">' . CBPTXT::Th("Accept Terms") . '</button>' . '</span>' ;
            }
            $getParams = $accepted ? '#' : $paymentBasket->getShowBasketUrl( false );
            $formHiddens = $accepted ? array( 'terms_accepted' => 1 ) : array();
            $result .= '<div class="cbregTerms">' . $subscriptionsGUI->drawForm( $settings, null, $formHiddens, $getParams ) . "</div>\n";
        } else {
            $accepted = false;
        }
    } else {
        $accepted = true;
    }

    // Payment buttons are present in the HTML in any case; they are hidden by CSS until the terms are accepted:
    $result .= '<div class="cbpayChoices cbclearboth"' . ( $termsCanBeDisplayed && $txtTerms && ! $accepted ? ' style="display:none;"' : '' ) . ">\n " . implode ( "\n ", $payChoicesHtmlBottomArray ) . "\n</div>\n";

    if ( $txtFinal ) {
        $result .= '<div class="cbregFinalText">' . CBPTXT::Th( $txtFinal ) . "</div>\n";
    }

    $result = '<div class="cbpayBasketView">' . $result . '</div>';
    if ( ! $ajax ) {
        $result = '<div id="cbpayOrderContainer">' // Needed for Javascript delegated binding
            . $result . '</div>';
    }

    return $result;
}