function IIRS_0_set_message($mess_no, $message, $message_detail = null, $level = IIRS_MESSAGE_USER_INFORMATION, $_user_action = null, $_args = null) { // global $IIRS_widget_mode requires that the message is included in the HTML output // because the user is viewing the message through HTML transported in the widget on a *different* website // normal message display, that is through a plugin / module on *this* website can use the host framework function // e.g. Drupal uses drupal_set_message() which *indirectly* queues the message for display (once) $class = IIRS_0_message_class($level); IIRS_0_print_HTML("<div class=\"IIRS_0_message IIRS_0_message_{$mess_no} IIRS_0_message_level_{$class}\">" . IIRS_0_escape_for_HTML_text($message) . '</div>'); }
function IIRS_0_message_html($mess_no, $message, $message_detail = null, $level = IIRS_MESSAGE_USER_INFORMATION, $user_action = null, $args = null) { // SECURITY: $message is text, NOT HTML. it will be pushed through IIRS_0_escape_for_HTML_text() // SECURITY: $message_detail is text. SHOULD NOT be dynamic. it will be translated // the caller should NOT escape the input // IIRS_0_message_html() output should be pushed through IIRS_0_print_HTML() // $message is also NOT translated. the caller must use the translation functions // this is because the message may comprise of several separately translated parts $class = IIRS_0_message_class($level); $html = "<div class=\"IIRS_0_message IIRS_Error IIRS_Error_{$mess_no} IIRS_0_message_level_{$class}\">"; if ($user_action) { $html .= '<a class="IIRS_0_user_action" href="' . $user_action . '">' . IIRS_0_translation('continue') . '</a>'; } if ($message) { $html .= '<div class="IIRS_friendly_err_message">' . IIRS_0_escape_for_HTML_text($message) . '</div>'; } $html .= '<div class="IIRS_message_detail">'; $html .= IIRS_0_translation($message_detail); if ($args) { $html .= '<ul>'; foreach ($args as $key => $value) { $html .= "<li>{$key} = {$value}</li>"; } $html .= '</ul>'; } $html .= '</div>'; $html .= '</div>'; return $html; }
</style> <div class="IIRS_0_h1"><?php IIRS_0_print_translated_HTML_text(IGNORE_TRANSLATION, 'list of Transition Initiative around the world'); ?> <?php IIRS_0_print_language_selector(); ?> </div> <ul id="list" class="IIRS_0_bare_list"> <?php foreach ($all_TIs as $TI) { $date = $TI['date']; $editable = $usersTI && $usersTI['native_ID'] == $TI['native_ID']; $edit_link = $editable ? '<a class="IIRS_0_edit_link post-edit-link" href="/IIRS/edit">' . IIRS_0_translation(IGNORE_TRANSLATION, 'edit') . '</a>' : ''; $name_escaped = IIRS_0_escape_for_HTML_text($TI['name']); $html = <<<HTML <li> <h2 class="entry-title"><a href="/IIRS/view?ID={$TI['native_ID']}">{$name_escaped}</a></h2> <div class="entry-meta"> <span class="edit-link">{$edit_link}</span> </div> <div class="IIRS_0_status">{$date}</div> </li> HTML; IIRS_0_print_HTML($html); } ?> </ul> </div>
function IIRS_0_location_to_HTML($location_array, &$location_uniques = array(), $select = false, $town_name = '') { static $option = 1; $location_description = $location_array['description']; $location_latitude = $location_array['latitude']; $location_longitude = $location_array['longitude']; $location_full_address = $location_array['full_address']; $location_country = $location_array['country']; $location_granuality = $location_array['granuality']; $location_bounds = $location_array['bounds']; if (IIRS_is_error($location_array)) { $location_output = $location_array; } else { // unique identity output $unique_id = "{$location_latitude},{$location_longitude}"; if (!$location_uniques || !$unique_id || !isset($location_uniques[$unique_id])) { if (is_numeric($location_latitude) && is_numeric($location_longitude)) { $google_map_URL = "https://www.google.com/maps/@{$location_latitude},{$location_longitude},16z"; $google_map_link = '<a target="_blank" href="' . $google_map_URL . '\\">' . IIRS_0_translation('view on map') . '</a>'; $selected = $select ? 'checked="1"' : ''; $selected_class = $select ? 'selected' : ''; $location_value_serialised = urlencode(serialize($location_array)); // status, description, links // SECURITY: $location_status is un-escaped output // $location_latitude && $location_longitude in $google_map_link are numeric // translations are the responsibility of the administrator if (IIRS_0_TI_search_result_already_registered($town_name, $location_latitude, $location_longitude, $location_description)) { $location_status = IIRS_0_translation(IGNORE_TRANSLATION, 'transition initiative already registered') . " {$google_map_link}<br/>"; $location_status .= '<input class="IIRS_0_button" type="button" value="' . IIRS_0_translation(IGNORE_TRANSLATION, 'join!') . '"/>'; $location_status .= '<input class="IIRS_0_button" type="button" value="' . IIRS_0_translation(IGNORE_TRANSLATION, 'message') . '"/>'; $disabled = 'disabled="1"'; } else { $location_status = IIRS_0_translation('transition initiative not registered yet!') . " {$google_map_link}<br/>"; // $location_status .= IIRS_0_translation( IGNORE_TRANSLATION, 'closest initiative' ) . ': 5' . IIRS_0_translation( IGNORE_TRANSLATION, 'km' ); $disabled = ''; } // HTML assemble $location_description_escaped = IIRS_0_escape_for_HTML_text($location_description); $location_full_address_escaped = IIRS_0_escape_for_HTML_text("{$location_granuality}: {$location_full_address}"); $location_output = <<<HTML <li class="{$selected_class}"> <input {$disabled} {$selected} name="place" class="IIRS_0_radio IIRS_0_required" value="{$location_value_serialised}" type="radio" id="IIRS_0_location_{$option}_input" /> <label for="IIRS_0_location_{$option}_input"> {$location_description_escaped} <div class="IIRS_0_full_address">{$location_full_address_escaped}</div> <div class="IIRS_0_status">{$location_status}</div> </label> </li> HTML; // record for uniqueness if ($unique_id && $location_uniques) { $location_uniques[$unique_id] = 1; } } } $option++; } return $location_output; }