示例#1
文件: online.php 项目: ratbird/hope
 /**
  * Displays the online list.
  **/
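 public function index_action()
 {
     // Total number of contacts owned by the current user; used below to
     // decide whether the contact options appear in the sidebar.
     $this->contact_count = Contact::countBySQL('owner_id=?', array(User::findCurrent()->id));
     $this->users = $this->getOnlineUsers($this->settings['show_groups']);
     $this->showOnlyBuddies = $this->settings['show_only_buddys'];
     $this->showGroups = $this->settings['show_groups'];
     $this->limit = Config::getInstance()->ENTRIES_PER_PAGE;
     // Clamp the requested page into [1, $max_page]. The page number comes
     // from the request, so zero, negative and too-large values all have to
     // be handled; an empty user list (max_page 0) still yields page 1.
     $max_page = (int) ceil(count($this->users['users']) / $this->limit);
     $this->page = max(1, min(Request::int('page', 1), $max_page));
     // Setup sidebar
     $sidebar = Sidebar::get();
     $sidebar->setImage('sidebar/person-sidebar.png');
     // Add buddy configuration option to sidebar only if the user actually
     // has buddies
     if ($this->contact_count > 0) {
         // Both toggles are links whose path ends in a ticket from
         // get_ticket(). NOTE(review): the ticket only protects the setting
         // change if the online/config action verifies it (not visible
         // here); a token carried in a URL can also end up in access logs
         // and Referer headers.
         $actions = new OptionsWidget();
         $actions->addCheckbox(_('Nur Kontakte in der Übersicht der aktiven Benutzer anzeigen'), $this->settings['show_only_buddys'], $this->url_for('online/config/show_buddies/' . get_ticket()));
         $actions->addCheckbox(_('Kontaktgruppen bei der Darstellung berücksichtigen'), $this->settings['show_groups'], $this->url_for('online/config/show_groups/' . get_ticket()));
         $sidebar->addWidget($actions);
     }
 }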
示例#2
文件: members.php 项目: ratbird/hope
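<?
// Confirmation dialog: rendered only when the previous request stored both a
// question and a candidate in the flash.
if (isset($flash['question']) && isset($flash['candidate'])) {
    $dialog = $GLOBALS['template_factory']->open('shared/question');
    echo $this->render_partial($dialog, array(
        "question"        => $flash['question'],
        // The approval link ends in a ticket from get_ticket() plus the
        // candidate as a query parameter.
        // NOTE(review): the expression after '?user=' is masked in this
        // listing; it is restored here as $flash['candidate'], the value the
        // surviving fragment and the isset() guard above point to. Confirm
        // against the project source, and URL-encode the value if it can
        // contain reserved characters. The removal behind this link is
        // triggered by a GET request, so the receiving action has to verify
        // the ticket (not visible here).
        "approvalLink"    => $controller->url_for('course/studygroup/edit_members/'
                                                  . $sem_id . '/remove_approved/todo/' . get_ticket()
                                                  . '?user=' . $flash['candidate']),
        "disapprovalLink" => $controller->url_for('course/studygroup/members/' . $sem_id . '/' . $page),
    ));
}
// Groups with 50 or more members across the three lists use the list view.
$view = count($moderators) + count($tutors) + count($autors) >= 50 ? "list" : "gallery";
?>

<?php 
echo $this->render_partial("course/studygroup/_feedback", compact('anzahl', 'page', 'sem_id'));
?>

<? $partial = $view == 'list' ? 'course/studygroup/_members_list.php' : 'course/studygroup/gallery.php' ?>

<? if (!empty($moderators)) : ?>
    <?php 
echo $this->render_partial($partial, array('title' => $sem_class['title_dozent_plural'] ?: _("Gruppenadministrator/-innen"), 'sem_id' => $sem_id, 'members' => $moderators, 'moderator_list' => true));
?>
<? endif ?>

<? if (!empty($tutors)) : ?>
    <?php 
echo $this->render_partial($partial, array('title' => $sem_class['title_tutor_plural'] ?: _("Moderator/-innen"), 'sem_id' => $sem_id, 'members' => $tutors));
?>
<? endif ?>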
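/**
 * Action handler of the "approve" plugin: replaces a configured pattern in a
 * wiki page with its configured replacement, then redirects to the page.
 *
 * Reads `name` and `_page` from the POST data, loads the YAML config at
 * PLUGIN_APPROVE_CONFIG_ROOT . name, and writes the page only when the page
 * name matches the configured regex, editing is permitted and the pattern
 * occurs in the page source.
 *
 * @return array|string An error result: a 'msg'/'body' array, or a bare HTML
 *                      string for the two early empty-field checks. On
 *                      success a Location header is sent and the script exits.
 */
function plugin_approve_action()
{
    global $vars, $post;
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }
    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    // The debug logging of the ticket hash, the session tracker and the raw
    // encode_hint field was removed: anti-forgery material and unfiltered
    // request data do not belong in the error log.
    $spam = FALSE;
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // NOTE(review): the tracker is derived here but never compared with
        // $_SESSION['tracker'], so with sessions enabled this function
        // enforces no spam or forgery check at all. Confirm the intent.
        $s_tracker = md5(get_ticket() . 'Approve');
    } else {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } else {
            if (PKWK_ENCODING_HINT != '') {
                $spam = TRUE;
            }
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    error_log("isSpam: " . $spam);
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }
    $name = isset($post['name']) ? $post['name'] : '';
    $page = isset($post['_page']) ? $post['_page'] : '';
    if ($name == '') {
        return '<p>approve(): empty name.</p>';
    }
    if ($page == '') {
        return '<p>approve(): empty page.</p>';
    }
    // NOTE(review): $name is request data appended to the config root as is,
    // so the caller chooses which config is loaded. Restrict it to the set of
    // known approve configs if that set is fixed.
    $config_path = PLUGIN_APPROVE_CONFIG_ROOT . $name;
    $config = new YamlConfig($config_path);
    if (!$config->read()) {
        // Request-derived text is escaped before it is placed in the HTML body.
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load config. "' . htmlspecialchars($config_path) . '"</p>');
    }
    $pattern = $config[PLUGIN_APPROVE_KEY_PATTERN];
    $replace = $config[PLUGIN_APPROVE_KEY_REPLACE];
    $page_regex = $config[PLUGIN_APPROVE_KEY_PAGE_REGEX];
    if ($pattern == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty pattern.</p>');
    }
    if ($page_regex == '') {
        return array('msg' => 'Approve', 'body' => '<p>approve(): empty page_regex.</p>');
    }
    if (!preg_match($page_regex, $page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): page not match.</p>');
    }
    $s_page = htmlspecialchars($page);
    // NOTE(review): the freeze check looks at $vars['page'] while the write
    // below targets $page from the POST data; verify both name the same page.
    if (PKWK_READONLY > 0 || is_freeze($vars['page']) || !plugin_approve_is_edit_authed($page)) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): prohibit editing. "' . $s_page . '"</p>');
    }
    $source = get_source($page, TRUE, TRUE);
    if ($source === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): failed to load page. "' . $s_page . '"</p>');
    }
    if (strpos($source, $pattern) === FALSE) {
        return array('msg' => 'Approve', 'body' => '<p>approve(): pattern not match.</p>');
    }
    $source = str_replace($pattern, $replace, $source);
    page_write($page, $source);
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}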
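/**
 * Renders the comment form of the "commentx" plugin for the current page.
 *
 * Options are passed as plugin arguments: 'noname', 'nodate',
 * 'above' / 'below', 'textarea' / 'textfield'.
 *
 * @return string HTML of the form; only the login guide (or an empty string)
 *                when the wiki is read-only for the current user.
 */
function plugin_commentx_convert()
{
    global $vars, $digest;
    //, $_btn_comment, $_btn_name, $_msg_comment;
    static $numbers = array();
    static $all_numbers = 0;
    $_btn_name = _("Name: ");
    $_btn_comment = _("Post Comment");
    $_msg_comment = _("Comment: ");
    $auth_guide = '';
    if (PKWK_READONLY == ROLE_AUTH) {
        // Plus!
        if (exist_plugin('login')) {
            $auth_guide = do_plugin_inline('login');
        }
    }
    if (is_callable(array('auth', 'check_role'))) {
        // Plus!
        if (auth::check_role('readonly')) {
            return $auth_guide;
        }
    } else {
        if (PKWK_READONLY) {
            return '';
        }
    }
    // Per-page and global counters keep the form ids unique when the plugin
    // is used several times in one request.
    if (!isset($numbers[$vars['page']])) {
        $numbers[$vars['page']] = 0;
    }
    $comment_no = $numbers[$vars['page']]++;
    $comment_all_no = $all_numbers++;
    $options = func_num_args() ? func_get_args() : array();
    $noname = in_array('noname', $options);
    $nodate = in_array('nodate', $options) ? '1' : '0';
    $above = in_array('above', $options) ? '1' : (in_array('below', $options) ? '0' : PLUGIN_COMMENTX_DIRECTION_DEFAULT);
    $textarea = in_array('textarea', $options) ? TRUE : (in_array('textfield', $options) ? FALSE : PLUGIN_COMMENTX_TEXTAREA);
    // NOTE(review): $user and $disabled go into the name input unescaped;
    // this relies on plugin_commentx_get_nick() returning attribute-safe
    // values (not visible here).
    list($user, $link, $disabled) = plugin_commentx_get_nick();
    if ($noname) {
        $nametags = '<label for="_p_comment_comment_' . $comment_all_no . '">' . $_msg_comment . '</label>';
    } else {
        if ($textarea) {
            $nametags = '<label for="_p_comment_name_' . $comment_all_no . '">' . $_btn_name . '</label>' . '<input type="text" name="name" id="_p_comment_name_' . $comment_all_no . '" size="' . PLUGIN_COMMENTX_SIZE_TEXTAREA_NAME . '" value="' . $user . '"' . $disabled . ' /><br />' . "\n";
        } else {
            $nametags = '<label for="_p_comment_name_' . $comment_all_no . '">' . $_btn_name . '</label>' . '<input type="text" name="name" id="_p_comment_name_' . $comment_all_no . '" size="' . PLUGIN_COMMENTX_SIZE_NAME . '" value="' . $user . '"' . $disabled . ' />' . "\n";
        }
    }
    // The id carries no literal braces, so it matches the label's "for"
    // attribute built above; the stray "/" in the textarea start tag is gone.
    if ($textarea) {
        $comment_box = '<textarea name="msg" id="_p_comment_comment_' . $comment_all_no . '" rows="' . PLUGIN_COMMENTX_SIZE_TEXTAREA_ROWS . '" style="width:' . PLUGIN_COMMENTX_SIZE_TEXTAREA_COLS . ';"></textarea>';
    } else {
        $comment_box = '<input type="text"   name="msg" id="_p_comment_comment_' . $comment_all_no . '" style="width:' . PLUGIN_COMMENTX_SIZE_MSG . ';" />';
    }
    // Default to an empty string so the form template never reads an
    // undefined variable when the assistant is not available.
    $helptags = '';
    if (function_exists('edit_form_assistant')) {
        // Plus!
        $helptags = edit_form_assistant();
    }
    $refpage = '';
    $script = get_script_uri();
    $s_page = htmlspecialchars($vars['page']);
    $r_page = htmlspecialchars(rawurlencode($vars['page']));
    // The form ticket is only a hash of the current time and is therefore
    // guessable; what the session stores under it is bound to get_ticket()
    // and the page digest.
    // NOTE(review): confirm that the receiving action compares that stored
    // value and does not merely test that the ticket key exists.
    $ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        $_SESSION[$ticket] = md5(get_ticket() . $digest);
    }
    $string = <<<EOD
<br />
{$auth_guide}
<form action="{$script}?{$r_page}" method="post">
 <div class="commentform" onmouseup="pukiwiki_pos()" onkeyup="pukiwiki_pos()">
  <input type="hidden" name="refpage" value="{$refpage}" />
  <input type="hidden" name="plugin" value="commentx" />
  <input type="hidden" name="refer"  value="{$s_page}" />
  <input type="hidden" name="comment_no" value="{$comment_no}" />
  <input type="hidden" name="nodate" value="{$nodate}" />
  <input type="hidden" name="above"  value="{$above}" />
  <input type="hidden" name="digest" value="{$digest}" />
  <input type="hidden" name="ticket" value="{$ticket}" />
  {$nametags}
  {$comment_box}
  <input type="submit" name="comment" value="{$_btn_comment}" />
  {$helptags}
 </div>
</form>
EOD;
    return $string;
}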
示例#5
 /**
  * deletes a studygroup
  *
  * @param string id of a studygroup
  * @param boolean approveDelete
  * @param string studipticket
  *
  * @return void
  *
  */
 function delete_action($id, $approveDelete = false, $studipticket = false)
 {
     global $perm;
     // Only users with at least 'dozent' permission on this studygroup may
     // proceed; everything else ends in a 401.
     if (!$perm->have_studip_perm('dozent', $id)) {
         throw new Trails_Exception(401);
     }
     if (!$approveDelete) {
         // First pass: store a confirmation question in the flash. Its
         // approval link leads back to this action with a fresh ticket.
         $question = $GLOBALS['template_factory']->open('shared/question');
         $question->set_attribute('approvalLink', $this->url_for('course/studygroup/delete/' . $id . '/true/' . get_ticket()));
         $question->set_attribute('disapprovalLink', $this->url_for('course/studygroup/edit/' . $id));
         $question->set_attribute('question', _("Sind Sie sicher, dass Sie diese Studiengruppe löschen möchten?"));
         $this->flash['question'] = $question->render();
         $this->redirect('course/studygroup/edit/' . $id);
         return;
     }
     // Second pass: the deletion runs only with a valid ticket.
     if (!check_ticket($studipticket)) {
         throw new Trails_Exception(401);
     }
     $course = new Seminar($id);
     $course->delete();
     $stacked = $course->getStackedMessages();
     if ($stacked) {
         $this->flash['messages'] = $stacked;
     }
     unset($course);
     // Non-root users are sent to "my courses", root to the studygroup
     // overview.
     $target = $perm->have_perm('root') ? 'dispatch.php/studygroup/browse' : 'dispatch.php/my_courses';
     $this->redirect(URLHelper::getURL($target));
 }
示例#6
/**
 * Builds the HTML of the page edit form.
 *
 * Besides returning the form, the function stores two hashes in $_SESSION
 * (when a session is available) and appends script tags to $head_tags when
 * $ajax or $ctrl_unload is set.
 *
 * @param string       $page       Page name; escaped into the hidden "page" field.
 * @param string       $postdata   Text placed, escaped, in the "msg" textarea.
 * @param string|false $digest     Digest of the page source; when FALSE it is
 *                                 computed as md5 of get_source($page, TRUE, TRUE).
 * @param bool         $b_template Whether the template selector may be shown
 *                                 (it also requires $load_template_func).
 * @return string HTML of the form.
 */
function edit_form($page, $postdata, $digest = FALSE, $b_template = TRUE)
{
    global $script, $vars, $rows, $cols, $hr, $function_freeze;
    global $load_template_func, $load_refer_related;
    global $notimeupdate;
    global $_button, $_string;
    global $ajax, $ctrl_unload;
    // Newly generate $digest or not
    if ($digest === FALSE) {
        $digest = md5(get_source($page, TRUE, TRUE));
    }
    $refer = $template = $addtag = $add_top = $add_ajax = '';
    $checked_top = isset($vars['add_top']) ? ' checked="checked"' : '';
    $checked_time = isset($vars['notimestamp']) ? ' checked="checked"' : '';
    if (isset($vars['add'])) {
        $addtag = '<input type="hidden" name="add" value="true" />';
        $add_top = '<input type="checkbox" name="add_top" value="true"' . $checked_top . ' /><span class="small">' . $_button['addtop'] . '</span>';
    }
    if ($load_template_func && $b_template) {
        // Template selector: one option per existing page that is neither
        // flagged by is_cantedit() nor by check_non_list(); names are escaped.
        $pages = array();
        foreach (auth::get_existpages() as $_page) {
            if (is_cantedit($_page) || check_non_list($_page)) {
                continue;
            }
            $s_page = htmlspecialchars($_page);
            $pages[$_page] = '   <option value="' . $s_page . '">' . $s_page . '</option>';
        }
        ksort($pages, SORT_STRING);
        $s_pages = join("\n", $pages);
        $template = <<<EOD
  <select name="template_page">
   <option value="">-- {$_button['template']} --</option>
{$s_pages}
  </select>
  <input type="submit" name="template" value="{$_button['load']}" accesskey="r" />
  <br />
EOD;
        if ($load_refer_related) {
            // The referring page becomes a [[link]] placed in front of the
            // text; it is escaped together with $postdata further down.
            if (isset($vars['refer']) && $vars['refer'] != '') {
                $refer = '[[' . strip_bracket($vars['refer']) . ']]' . "\n\n";
            }
        }
    }
    // $r_page is not used again in this function.
    $r_page = rawurlencode($page);
    // Everything request- or page-derived is HTML-escaped before it enters
    // the form below.
    $s_page = htmlspecialchars($page);
    $s_digest = htmlspecialchars($digest);
    $s_postdata = htmlspecialchars($refer . $postdata);
    $s_original = isset($vars['original']) ? htmlspecialchars($vars['original']) : $s_postdata;
    $s_id = isset($vars['id']) ? htmlspecialchars($vars['id']) : '';
    $b_preview = isset($vars['preview']);
    // TRUE when preview
    $btn_preview = $b_preview ? $_button['repreview'] : $_button['preview'];
    // The form ticket is a hash of the current time only; the session entries
    // stored under it are bound to get_ticket(), the digest and the escaped
    // original text.
    // NOTE(review): confirm that the write handler compares these stored
    // hashes and does not merely test that the ticket key exists.
    $s_ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // BugTrack/95 fix Problem: browser RSS request with session
        $_SESSION[$s_ticket] = md5(get_ticket() . $digest);
        $_SESSION['origin' . $s_ticket] = md5(get_ticket() . str_replace("\r", '', $s_original));
    }
    if ($ajax && !is_mobile()) {
        $add_ajax = '<input type="button" name="add_ajax" value="' . $btn_preview . '" accesskey="p" onclick="pukiwiki_apx(this.form.page.value)" />';
    } else {
        $add_ajax = '<input type="submit" name="preview" value="' . $btn_preview . '" accesskey="p" />';
    }
    $add_notimestamp = '';
    if ($notimeupdate != 0 && is_page($page)) {
        // enable 'do not change timestamp'
        $add_notimestamp = <<<EOD
  <input type="checkbox" name="notimestamp" id="_edit_form_notimestamp" value="true"{$checked_time} />
  <label for="_edit_form_notimestamp"><span class="small">{$_button['notchangetimestamp']}</span></label>
EOD;
        if ($notimeupdate == 2 && auth::check_role('role_adm_contents')) {
            // enable only administrator
            $add_notimestamp .= <<<EOD
  <input type="password" name="pass" size="12" />
EOD;
        }
        $add_notimestamp .= '&nbsp;';
    }
    // $refpage is computed but does not appear in the form below.
    $refpage = isset($vars['refpage']) ? htmlspecialchars($vars['refpage']) : '';
    $add_assistant = edit_form_assistant();
    // NOTE(review): $script, $rows, $cols and the $_button labels are
    // interpolated without escaping; that is only safe while they come from
    // configuration and locale files and never from the request.
    $body = <<<EOD
<div id="realview_outer"><div id="realview"></div><br /></div>
<form action="{$script}" method="post" id="form">
 <div class="edit_form" onmouseup="pukiwiki_pos()" onkeyup="pukiwiki_pos()">
{$template}
  {$addtag}
  <input type="hidden" name="cmd"    value="edit" />
  <input type="hidden" name="page"   value="{$s_page}" />
  <input type="hidden" name="digest" value="{$s_digest}" />
  <input type="hidden" name="ticket" value="{$s_ticket}" />
  <input type="hidden" name="id"     value="{$s_id}" />
  <textarea id="msg" name="msg" rows="{$rows}" cols="{$cols}" onselect="pukiwiki_apv(this.form.page.value,this)" onfocus="pukiwiki_apv(this.form.page.value,this)" onkeyup="pukiwiki_apv(this.form.page.value,this)" onmouseup="pukiwiki_apv(this.form.page.value,this)">{$s_postdata}</textarea>
  <br />
  {$add_assistant}
  <br />
  <input type="submit" name="write"   value="{$_button['update']}" accesskey="s" />
  {$add_top}
  {$add_ajax}
  {$add_notimestamp}
  <input type="submit" id="cancel" name="cancel"  value="{$_button['cancel']}" accesskey="c" />
  <textarea id="original" name="original" rows="1" cols="1" style="display:none">{$s_original}</textarea>
 </div>
</form>
EOD;
    if ($ajax) {
        global $head_tags;
        $head_tags[] = ' <script type="text/javascript" charset="utf-8" src="' . SKIN_URI . 'ajax/msxml.js"></script>';
        $head_tags[] = ' <script type="text/javascript" charset="utf-8" src="' . SKIN_URI . 'ajax/realedit.js"></script>';
    }
    if ($ctrl_unload) {
        global $head_tags;
        $head_tags[] = ' <script type="text/javascript" charset="utf-8" src="' . SKIN_URI . 'ajax/ctrl_unload.js"></script>';
    }
    return $body;
}
示例#7
/**
 * Builds the chat response payload describing one support ticket.
 *
 * @param mixed $ticket_number Identifier handed to get_ticket().
 * @return array Payload with "response_type" and a single attachment.
 */
function get_ticket_response($ticket_number)
{
    $ticket = get_ticket($ticket_number);
    // NOTE(review): the link to the staff ticket view uses plain http, and
    // the ticket subject and creator name are copied into the payload as is.
    $attachment = array(
        "title" => $ticket->getDisplayId() . " - " . $ticket->getSubject(),
        "fallback" => "Case " . $ticket->getDisplayId(),
        "title_link" => "http://prosoftxp.com/support/staff/index.php?/Tickets/Ticket/View/" . $ticket->getDisplayId(),
    );
    $creator = array(
        "title" => "Creator",
        "value" => $ticket->getFullName(),
        "short" => "true",
    );
    // A ticket without an owner is reported as "Unassigned".
    if ($ticket->getOwnerStaffName() == "") {
        $owner_name = "Unassigned";
    } else {
        $owner_name = $ticket->getOwnerStaffName();
    }
    $owner = array(
        "title" => "Assigned To",
        "value" => $owner_name,
        "short" => "true",
    );
    $attachment["fields"] = array($creator, $owner);
    return array(
        "response_type" => "in_channel",
        "attachments" => array($attachment),
    );
}
示例#8
/**
 * Builds the edit form of the "guiedit" plugin.
 *
 * Without $guiedit_use_fck the standard edit_form() output is reused and its
 * hidden "cmd" field is rewritten to "guiedit". Otherwise a CKEditor form is
 * built, two hashes are stored in $_SESSION (when a session is available)
 * and three script entries are appended to $js_tags.
 *
 * @param string       $page       Page name.
 * @param string       $postdata   Page text; only passed on to edit_form().
 * @param string|false $digest     Digest of the page source; when FALSE it is
 *                                 computed as md5 of get_source($page, TRUE, TRUE).
 * @param bool         $b_template Passed on to edit_form().
 * @return string HTML of the form.
 */
function plugin_guiedit_edit_form($page, $postdata, $digest = FALSE, $b_template = TRUE)
{
    global $vars;
    global $load_template_func, $whatsnew;
    global $_button;
    global $notimeupdate;
    global $js_tags, $link_tags, $js_blocks;
    global $guiedit_use_fck;
    $script = get_script_uri();
    // Newly generate $digest or not
    if ($digest === FALSE) {
        $digest = md5(get_source($page, TRUE, TRUE));
    }
    $s_id = isset($vars['id']) ? Utility::htmlsc($vars['id']) : '';
    if (!$guiedit_use_fck) {
        // Plain-text mode: take the standard form and replace its hidden
        // cmd=edit field with cmd=guiedit plus the "id" and "text" fields.
        $body = edit_form($page, $postdata, $digest, $b_template);
        $pattern = "/(<input\\s+type=\"hidden\"\\s+name=\"cmd\"\\s+value=\")edit(\"\\s*\\/?>)/";
        $replace = "\$1guiedit\$2\n" . '  <input type="hidden" name="id"     value="' . $s_id . '" />' . '  <input type="hidden" name="text"     value="1" />';
        $body = preg_replace($pattern, $replace, $body);
        return $body;
    }
    //	require_once(GUIEDIT_CONF_PATH . 'guiedit.ini.php');
    // Set the form values
    $s_digest = Utility::htmlsc($digest);
    $s_page = Utility::htmlsc($page);
    // NOTE(review): $vars['original'] is read without an isset() check here.
    $s_original = Utility::htmlsc($vars['original']);
    // The form ticket is a hash of the current time only; the session entries
    // stored under it are bound to get_ticket(), the digest and the escaped
    // original text.
    // NOTE(review): confirm that the write handler compares these stored
    // hashes and does not merely test that the ticket key exists.
    $s_ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // BugTrack/95 fix Problem: browser RSS request with session
        $_SESSION[$s_ticket] = md5(get_ticket() . $digest);
        $_SESSION['origin' . $s_ticket] = md5(get_ticket() . str_replace("\r", '', $s_original));
    }
    // Template selector
    $template = '';
    if ($load_template_func) {
        global $guiedit_non_list;
        $pages = array();
        foreach (get_existpages() as $_page) {
            if ($_page == $whatsnew || check_non_list($_page)) {
                continue;
            }
            // Skip pages that lie under one of the $guiedit_non_list prefixes.
            foreach ($guiedit_non_list as $key) {
                $pos = strpos($_page . '/', $key . '/');
                if ($pos !== FALSE && $pos == 0) {
                    continue 2;
                }
            }
            $_s_page = Utility::htmlsc($_page);
            $pages[$_page] = '		<option value="' . $_s_page . '">' . $_s_page . '</option>';
        }
        ksort($pages);
        $s_pages = join("\n", $pages);
        $template = <<<EOD
<select name="template_page">
\t<option value="">-- {$_button['template']} --</option>
{$s_pages}
</select>
<br />
EOD;
    }
    // Checkbox "do not change the timestamp"
    $add_notimestamp = '';
    if ($notimeupdate != 0) {
        $checked_time = isset($vars['notimestamp']) ? ' checked="checked"' : '';
        // if ($notimeupdate == 2) {
        // The password field is added only in mode 2 and only for users with
        // the 'role_contents_admin' role; it is appended after the label below.
        if ($notimeupdate == 2 && Auth::check_role('role_contents_admin')) {
            $add_notimestamp = '   ' . '<input type="password" name="pass" size="12" />' . "\n";
        }
        $add_notimestamp = '<input type="checkbox" name="notimestamp" ' . 'id="_edit_form_notimestamp" value="true"' . $checked_time . ' />' . "\n" . '   ' . '<label for="_edit_form_notimestamp"><span class="small">' . $_button['notchangetimestamp'] . '</span></label>' . "\n" . $add_notimestamp . '&nbsp;';
    }
    // Form
    // NOTE(review): $script and the $_button labels are interpolated without
    // escaping; that is only safe while they never carry request data.
    $body = <<<EOD
<div id="guiedit">
\t<form id="guiedit_form" action="{$script}" method="post" style="margin-bottom:0px;">
\t{$template}
\t\t<input type="hidden" name="cmd"    value="guiedit" />
\t\t<input type="hidden" name="page"   value="{$s_page}" />
\t\t<input type="hidden" name="digest" value="{$s_digest}" />
\t\t<input type="hidden" name="ticket" value="{$s_ticket}" />
\t\t<input type="hidden" name="id"     value="{$s_id}" />
\t\t<textarea name="original" rows="1" cols="1" style="display:none">{$s_original}</textarea>
\t\t<textarea name="msg" id="editor"></textarea>
\t\t<div class="pull-left">
\t\t<button type="submit" name="write"   accesskey="s" class="btn btn-primary">{$_button['update']}</button>
\t\t<button type="button" name="preview" accesskey="p" class="btn btn-secondary">{$_button['preview']}</button>
\t\t{$add_notimestamp}
\t\t</div>
\t</form>
\t<form action="{$script}" method="post">
\t\t<input type="hidden" name="cmd"    value="guiedit" />
\t\t<input type="hidden" name="page"   value="{$s_page}" />
\t\t<input type="submit" name="cancel" value="{$_button['cancel']}" class="btn btn-warning" accesskey="c" />
\t</form>
</div>
EOD;
    $js_tags[] = array('type' => 'text/javascript', 'src' => COMMON_URI . 'js/ckeditor/ckeditor.js', 'defer' => 'defer');
    $js_tags[] = array('type' => 'text/javascript', 'src' => COMMON_URI . 'js/ckeditor/adapters/jquery.js', 'defer' => 'defer');
    $js_tags[] = array('type' => 'text/javascript', 'src' => COMMON_URI . 'js/plugin/guiedit/guiedit.js', 'defer' => 'defer');
    return $body;
}
示例#9
 /**
  * show institute basicdata page
  *
  * @param mixed $i_id Optional institute id 
  * @throws AccessDeniedException
  */
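 public function index_action($i_id = false)
 {
     PageLayout::setTitle(_('Verwaltung der Grunddaten'));
     Navigation::activateItem('/admin/institute/details');
     //get ID from an open Institut
     $i_view = $i_id ?: Request::option('i_view', $GLOBALS['SessSemName'][1]);
     if (!$i_view) {
         require_once 'lib/admin_search.inc.php';
         // This search just died a little inside, so it should be safe to
         // continue here but we nevertheless return just to be sure
         return;
     } elseif ($i_view === 'new') {
         closeObject();
     }
     //  allow only inst-admin and root to view / edit
     // NOTE(review): the literal id 'new' skips this permission check, so who
     // may create an institute has to be enforced by the action that stores
     // it (not visible here).
     if ($i_view && !$GLOBALS['perm']->have_studip_perm('admin', $i_view) && $i_view !== 'new') {
         throw new AccessDeniedException();
     }
     //Change header_line if open object
     $header_line = getHeaderLine($i_view);
     if ($header_line) {
         PageLayout::setTitle($header_line . ' - ' . PageLayout::getTitle());
     }
     if (Request::get('i_trykill')) {
         // Delete confirmation: the ticket is sent with the POST parameters
         // of the question dialog rather than in the URL.
         $message = _('Sind Sie sicher, dass Sie diese Einrichtung löschen wollen?');
         $post = array();
         $post['i_kill'] = 1;
         $post['studipticket'] = get_ticket();
         $this->question = createQuestion2($message, $post, array(), $this->url_for('institute/basicdata/delete/' . $i_view));
     }
     $lockrule = LockRules::getObjectRule($i_view);
     if ($lockrule->description && LockRules::CheckLockRulePermission($i_view, $lockrule['permission'])) {
         PageLayout::postMessage(MessageBox::info(formatLinks($lockrule->description)));
     }
     // Load institute data
     $institute = new Institute($i_view === 'new' ? null : $i_view);
     //add the free administrable datafields
     $datafields = array();
     $localEntries = DataFieldEntry::getDataFieldEntries($institute->id, 'inst');
     if ($localEntries) {
         $invalidEntries = $this->flash['invalid_entries'] ?: array();
         foreach ($localEntries as $entry) {
             if (!$entry->isVisible()) {
                 continue;
             }
             // Entries reported as invalid by the previous request are
             // highlighted in red.
             $color = '#000000';
             if (in_array($entry->getId(), $invalidEntries)) {
                 $color = '#ff0000';
             }
             // An editable, unlocked field is rendered as form HTML,
             // anything else as its display value.
             $datafields[] = array('color' => $color, 'title' => $entry->getName(), 'value' => $GLOBALS['perm']->have_perm($entry->isEditable()) && !LockRules::Check($institute['Institut_id'], $entry->getId()) ? $entry->getHTML('datafields') : $entry->getDisplayValue());
         }
     }
     // Read faculties if neccessary
     if (count($institute->sub_institutes) === 0) {
         if ($GLOBALS['perm']->have_perm('root')) {
             $this->faculties = Institute::findBySQL('Institut_id = fakultaets_id ORDER BY Name ASC', array($i_view));
         } else {
             $temp = User::find($GLOBALS['user']->id)->institute_memberships->findBy('inst_perms', 'admin')->pluck('institute');
             $institutes = SimpleORMapCollection::createFromArray($temp);
             $faculties = $institutes->filter(function ($institute) {
                 return $institute->is_fak;
             });
             $this->faculties = $faculties;
         }
     }
     // Indicates whether the current user is allowed to delete the institute
     $this->may_delete = $i_view !== 'new' && !(count($institute->home_courses) || count($institute->sub_institutes)) && ($GLOBALS['perm']->have_perm('root') || $GLOBALS['perm']->is_fak_admin() && get_config('INST_FAK_ADMIN_PERMS') == 'all');
     // Defined up front so the assignment at the end never reads an
     // undefined variable when deletion is allowed.
     $reason_txt = null;
     if (!$this->may_delete) {
         //Set infotext for disabled delete-button
         $reason_txt = _('Löschen nicht möglich.');
         if (count($institute->home_courses) > 0) {
             $reason_txt .= ' ';
             $reason_txt .= sprintf(ngettext('Es ist eine Veranstaltung zugeordnet.', 'Es sind %u Veranstaltungen zugeordnet.', count($institute->home_courses)), count($institute->home_courses));
         }
         if (count($institute->sub_institutes) > 0) {
             $reason_txt .= ' ';
             $reason_txt .= sprintf(ngettext('Es ist eine Einrichtung zugeordnet.', 'Es sind %u Einrichtungen zugeordnet.', count($institute->sub_institutes)), count($institute->sub_institutes));
         }
     }
     // Indicates whether the current user is allowed to change the faculty
     $this->may_edit_faculty = $GLOBALS['perm']->is_fak_admin() && !LockRules::Check($institute['Institut_id'], 'fakultaets_id') && ($GLOBALS['perm']->have_studip_perm('admin', $institute['fakultaets_id']) || $i_view === 'new');
     // Prepare template
     $this->institute = $institute;
     $this->i_view = $i_view;
     $this->datafields = $datafields;
     $this->reason_txt = $reason_txt;
 }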
示例#10
文件: settings.php 项目: ratbird/hope
 /**
  * Generic verification dialog
  *
  * @param String $message  Message to be displayed to the user
  * @param mixed  $approved Arguments to pass to url_for if the user
  *                         approves the question
  * @param mixed  $rejected Arguments to pass to url_for if the user
  *                         disapproves the question
  * @return String Rendered output of the verification dialog.
  */
 public function verifyDialog($message, $approved, $rejected)
 {
     $dialog = $GLOBALS['template_factory']->open('shared/question');
     $url_for = array($this, 'url_for');
     // Inject the ticket into the approval arguments: a trailing array of
     // URL parameters is reused, otherwise a new one is started.
     if (is_array(end($approved))) {
         $params = array_pop($approved);
     } else {
         $params = array();
     }
     $params['studipticket'] = get_ticket();
     $approved[] = $params;
     // Only the approval link carries the ticket; the rejection link is
     // built from the caller's arguments unchanged.
     $dialog->approvalLink = call_user_func_array($url_for, $approved);
     $dialog->disapprovalLink = call_user_func_array($url_for, $rejected);
     $dialog->question = $message;
     return $dialog->render();
 }
示例#11
文件: index.php 项目: ratbird/hope
<?
# Lifter010: TODO
use Studip\Button, Studip\LinkButton;
?>

<? if ($delete_role): ?>
    <?php 
// Confirmation dialog for deleting a role. The approval link is a plain GET
// URL that carries the ticket as a query parameter.
// NOTE(review): the deletion is only protected if admin/role/remove_role
// verifies that ticket (not visible here), and a token in a URL can end up in
// access logs and Referer headers. Whether the role name inside the question
// text is escaped depends on the shared/question template.
echo $GLOBALS['template_factory']->render('shared/question', array('question' => sprintf(_('Wollen Sie wirklich die Rolle "%s" löschen?'), $roles[$delete_role]->getRolename()), 'approvalLink' => $controller->url_for('admin/role/remove_role', $delete_role) . '?ticket=' . get_ticket(), 'disapprovalLink' => $controller->url_for('admin/role')));
?>
<? endif ?>

<table class="default">
<caption>
    <?php 
// Table caption and column headings are fixed, translated labels.
echo _('Vorhandene Rollen');
?>
</caption>
<thead>
    <tr>
        <th><?php 
echo _('Name');
?>
</th>
        <th style="text-align: right;"><?php 
echo _('Benutzer');
?>
</th>
        <th style="text-align: right;"><?php 
echo _('Plugins');
?>
</th>
示例#12
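<?php

/** Check that the visitor has a session id */
if (!isset($_SESSION['id'])) {
    /** Back to the index */
    header('Location: index.php');
    // header() only queues the redirect; without exit the rest of this
    // script would still load and render ticket data for a visitor who has
    // no session.
    exit;
}
/** Otherwise load the ticket model */
include_once 'model/tickets.php';
/** Check whether a ticket id was passed in the URL */
if (isset($_GET['a_recup'])) {
    /** @var array data of the requested ticket */
    // NOTE(review): $_GET['a_recup'] is handed to get_ticket() unchanged;
    // the model has to bind it as a query parameter (not visible here).
    $ticket = get_ticket($_GET['a_recup']);
    /** Check whether the user is authorised */
    // NOTE(review): the redirect happens only when all four conditions hold
    // at once, so a user who neither belongs to the technician group nor owns
    // the ticket still passes whenever its state is 'Ouvert' or 'En Attente'.
    // Confirm that this is the intended rule.
    if ($_SESSION['nm_grp'] != 'Techicien' && $ticket[0]['idVisiteur'] != $_SESSION['id'] && $ticket[0]['etat_ticket'] != 'Ouvert' && $ticket[0]['etat_ticket'] != 'En Attente') {
        /** Back to the ticket list */
        header('Location: index.php?page=tickets');
        // Stop here so that the view below is not rendered for a rejected
        // request.
        exit;
    }
}
/** @var array all tickets */
$tickets = get_tickets();
/** @var array all equipment entries */
$equipements = get_equipements();
/** Render the tickets view */
include_once 'view/tickets.php';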
示例#13
/**
 * Build the HTML bug-report form of the bugtrack plugin.
 *
 * Labels and option lists are read from the global $_plugin_bugtrack array and
 * run through htmlspecialchars() before they are placed in the markup.
 *
 * @param string $base     Written (escaped) into the hidden "base" field.
 * @param array  $category Category names; when empty a free-text input is
 *                         rendered instead of a select box.
 * @return string The form markup.
 */
function plugin_bugtrack_print_form($base, $category)
{
    global $_plugin_bugtrack, $script;
    // Counter that keeps the element ids unique when the form is printed more than once.
    static $id = 0;
    ++$id;

    // Priority options; the last entry of the list is pre-selected.
    $priorities = $_plugin_bugtrack['priority_list'];
    $last = count($priorities) - 1;
    $priority_options = "\n";
    for ($i = 0; $i <= $last; ++$i) {
        $text = htmlspecialchars($priorities[$i]);
        $mark = $i == $last ? ' selected="selected"' : '';
        $priority_options .= '    <option value="' . $text . '"' . $mark . '>' . $text . '</option>' . "\n";
    }

    // State options, none pre-selected.
    $states = $_plugin_bugtrack['state_list'];
    $state_total = count($states);
    $state_options = "\n";
    for ($i = 0; $i < $state_total; ++$i) {
        $text = htmlspecialchars($states[$i]);
        $state_options .= '    <option value="' . $text . '">' . $text . '</option>' . "\n";
    }

    // Category: select box when categories were given, plain text input otherwise.
    if (!empty($category)) {
        $category_field = '<select name="category" id="_p_bugtrack_category_' . $id . '">';
        foreach ($category as $entry) {
            $text = htmlspecialchars($entry);
            $category_field .= '<option value="' . $text . '">' . $text . '</option>' . "\n";
        }
        $category_field .= '</select>';
    } else {
        $category_field = '<input name="category" id="_p_bugtrack_category_' . $id . '" type="text" />';
    }

    // The hidden "ticket" field is md5(MUTIME). When a session is available the
    // session keeps md5(get_ticket() . ticket) under the key 'B_' . ticket.
    // NOTE(review): MUTIME is presumably a timestamp, which would make the form
    // value guessable; it looks like an anti-spam marker rather than a CSRF
    // secret - confirm how the submit handler uses it.
    $ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        $_SESSION['B_' . $ticket] = md5(get_ticket() . $ticket);
    }

    // Escaped label texts, keyed like the entries of $_plugin_bugtrack.
    $label = array();
    foreach (array('name', 'category', 'priority', 'state', 'pagename', 'pagename_comment', 'version', 'version_comment', 'summary', 'body', 'submit') as $key) {
        $label[$key] = htmlspecialchars($_plugin_bugtrack[$key]);
    }
    $s_base = htmlspecialchars($base);

    // NOTE(review): $script goes into the action attribute without
    // htmlspecialchars(); confirm it can never contain request-derived characters.
    return <<<EOD
<form action="{$script}" method="post">
 <table border="0">
  <tr>
   <th><label for="_p_bugtrack_name_{$id}">{$label['name']}</label></th>
   <td><input  id="_p_bugtrack_name_{$id}" name="name" size="20" type="text" /></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_category_{$id}">{$label['category']}</label></th>
   <td>{$category_field}</td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_priority_{$id}">{$label['priority']}</label></th>
   <td><select id="_p_bugtrack_priority_{$id}" name="priority">{$priority_options}   </select></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_state_{$id}">{$label['state']}</label></th>
   <td><select id="_p_bugtrack_state_{$id}" name="state">{$state_options}   </select></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_pagename_{$id}">{$label['pagename']}</label></th>
   <td><input  id="_p_bugtrack_pagename_{$id}" name="pagename" size="20" type="text" />
    <small>{$label['pagename_comment']}</small></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_version_{$id}">{$label['version']}</label></th>
   <td><input  id="_p_bugtrack_version_{$id}" name="version" size="10" type="text" />
    <small>{$label['version_comment']}</small></td>
  </tr>
  <tr>
   <th><label for="_p_bugtrack_summary_{$id}">{$label['summary']}</label></th>
   <td><input  id="_p_bugtrack_summary_{$id}" name="summary" size="60" type="text" /></td>
  </tr>
  <tr>
   <th><label   for="_p_bugtrack_body_{$id}">{$label['body']}</label></th>
   <td><textarea id="_p_bugtrack_body_{$id}" name="body" cols="60" rows="6"></textarea></td>
  </tr>
  <tr>
   <td colspan="2" align="center">
    <input type="submit" value="{$label['submit']}" />
    <input type="hidden" name="plugin" value="bugtrack" />
    <input type="hidden" name="ticket" value="{$ticket}" />
    <input type="hidden" name="mode"   value="submit" />
    <input type="hidden" name="base"   value="{$s_base}" />
   </td>
  </tr>
 </table>
</form>
EOD;
}
示例#14
/**
 * Render the inline comment form for the page named in $vars['page'].
 *
 * Optional string arguments: 'noname' (no name field), 'nodate', and
 * 'above' / 'below' (insert position; PLUGIN_COMMENT_DIRECTION_DEFAULT when
 * neither is given).
 *
 * @return string Form markup, or only the login guide when the 'readonly'
 *                role check matches.
 */
function plugin_comment_convert()
{
    global $vars, $digest, $script;
    // Per-page and overall counters for the forms printed during this request.
    static $numbers = array();
    static $all_numbers = 0;
    static $comment_cols = PLUGIN_COMMENT_SIZE_MSG;

    $label_name = _("Name: ");
    $label_submit = _("Post Comment");
    $label_comment = _("Comment: ");

    // Show the login plugin's inline output when the wiki runs in ROLE_AUTH mode.
    $auth_guide = '';
    if (PKWK_READONLY == ROLE_AUTH) {
        exist_plugin('login');
        $auth_guide = do_plugin_inline('login');
    }
    // Read-only visitors get no form, only the (possibly empty) login guide.
    if (auth::check_role('readonly')) {
        return $auth_guide;
    }

    $page = $vars['page'];
    if (!isset($numbers[$page])) {
        $numbers[$page] = 0;
    }
    $comment_no = $numbers[$page]++;
    $form_no = $all_numbers++;

    $options = func_get_args();
    list($user, $link, $disabled) = plugin_comment_get_nick();

    if (!in_array('noname', $options)) {
        // The nick is escaped; $disabled is inserted as returned by plugin_comment_get_nick().
        $nametags = '<label for="_p_comment_name_' . $form_no . '">' . $label_name . '</label>' . '<input type="text" name="name" id="_p_comment_name_' . $form_no . '" size="' . PLUGIN_COMMENT_SIZE_NAME . '" value="' . htmlspecialchars($user) . '"' . $disabled . ' />' . "\n";
    } else {
        $nametags = '<label for="_p_comment_comment_' . $form_no . '">' . $label_comment . '</label>';
    }

    $helptags = edit_form_assistant();

    $nodate = '0';
    if (in_array('nodate', $options)) {
        $nodate = '1';
    }
    if (in_array('above', $options)) {
        $above = '1';
    } elseif (in_array('below', $options)) {
        $above = '0';
    } else {
        $above = PLUGIN_COMMENT_DIRECTION_DEFAULT;
    }

    $refpage = '';
    $s_page = htmlspecialchars($page);

    // The hidden "ticket" field is md5(MUTIME); with a session available the
    // session stores md5(get_ticket() . $digest) under that ticket as key.
    $ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        $_SESSION[$ticket] = md5(get_ticket() . $digest);
    }

    // NOTE(review): $script and $digest are written into attributes without
    // htmlspecialchars(); confirm neither can carry request-derived characters.
    return <<<EOD
<br />
{$auth_guide}
<form action="{$script}" method="post">
 <div class="commentform" onmouseup="pukiwiki_pos()" onkeyup="pukiwiki_pos()">
  <input type="hidden" name="refpage" value="{$refpage}" />
  <input type="hidden" name="plugin" value="comment" />
  <input type="hidden" name="refer"  value="{$s_page}" />
  <input type="hidden" name="comment_no" value="{$comment_no}" />
  <input type="hidden" name="nodate" value="{$nodate}" />
  <input type="hidden" name="above"  value="{$above}" />
  <input type="hidden" name="digest" value="{$digest}" />
  <input type="hidden" name="ticket" value="{$ticket}" />
  {$nametags}
  <input type="text"   name="msg" id="_p_comment_comment_{$form_no}" size="{$comment_cols}" />
  <input type="submit" name="comment" value="{$label_submit}" />
  {$helptags}
 </div>
</form>
EOD;
}
示例#15
    <?php 
// Submit button of the plugin selection form; the form's opening tag lies above this excerpt.
echo Button::create(_('Auswählen'), 'select', array('title' => _('Plugin auswählen')));
?>
</form>

<? if ($pluginid): ?>
    <form action="<?php 
// Role assignments for the selected plugin are posted to admin/role/save_plugin_role.
echo $controller->url_for('admin/role/save_plugin_role', $pluginid);
?>
" method="POST">
        <?php 
// CSRF token field produced by CSRFProtection. The hidden "ticket" field below
// additionally carries get_ticket() in the POST body.
echo CSRFProtection::tokenTag();
?>
        <input type="hidden" name="ticket" value="<?php 
// NOTE(review): printed without HTML escaping; presumably the ticket only
// contains characters that are safe inside an attribute - confirm.
echo get_ticket();
?>
">
        <table class="default nohover">
            <tr>
                <th style="text-align: center;"><?php 
// Column headers: currently assigned roles / available roles.
echo _('Gegenwärtig zugewiesene Rollen');
?>
</th>
                <th></th>
                <th><?php 
echo _('Verfügbare Rollen');
?>
</th>
            </tr>
            <tr class="table_row_even">
示例#16
文件: scm.php 项目: ratbird/hope
 /**
  * Shows one of the free information pages stored for the range id in
  * $GLOBALS['SessSemName'][1].
  *
  * When the request carries verify=delete, a confirmation dialog is rendered
  * into $this->verification.
  *
  * @param mixed $id Id of the page to display; when omitted the first page
  *                  of the set (ordered by position) is used.
  * @throws Trails_Exception 404 when no matching page exists.
  */
 public function index_action($id = null)
 {
     $entries = StudipScmEntry::findByRange_id($GLOBALS['SessSemName'][1], 'ORDER BY position ASC');
     $this->scms = SimpleORMapCollection::createFromArray($entries);
     if ($id) {
         $this->scm = $this->scms->find($id);
     } else {
         $this->scm = $this->scms->first();
     }
     if (!$this->scm) {
         throw new Trails_Exception(404, _('Es konnte keine freie Informationsseite mit der angegebenen Id gefunden werden.'));
     }
     if (Request::get('verify') == 'delete') {
         // The approval link is course/scm/delete/<id> with get_ticket() as a
         // "ticket" query parameter, so the deletion is started by following a
         // link and the ticket is part of the URL.
         // NOTE(review): the ticket and permission checks of the delete action
         // are not visible here - confirm they exist.
         $dialog = $GLOBALS['template_factory']->open('shared/question');
         $this->verification = $dialog->render(array(
             'approvalLink' => $this->url_for('course/scm/delete/' . $this->scm->id . '?ticket=' . get_ticket()),
             'disapprovalLink' => $this->url_for('course/scm/' . $this->scm->id),
             'question' => _('Wollen Sie diese Seite wirklich löschen?'),
         ));
     }
     $this->set_title($this->scm->tab_name);
     Navigation::activateItem('/course/scm/' . $this->scm->id);
 }
示例#17
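/**
 * Build the edit form of the guiedit plugin.
 *
 * Without the FCK editor ($guiedit_use_fck false) the standard edit_form()
 * markup is reused and its hidden "cmd" field is rewritten to "guiedit".
 * Otherwise a dedicated form is produced and the editor's stylesheet and
 * scripts are appended to $head_tags.
 *
 * @param string       $page       Name of the page being edited.
 * @param string       $postdata   Page text, passed on to edit_form().
 * @param string|false $digest     Digest of the page source; computed from
 *                                 get_source() when FALSE.
 * @param bool         $b_template Passed on to edit_form().
 * @return string The form markup.
 */
function plugin_guiedit_edit_form($page, $postdata, $digest = FALSE, $b_template = TRUE)
{
    // $script is used in both form actions below. It was not imported before,
    // so the action attributes were rendered from an undefined variable.
    global $vars, $script;
    global $load_template_func, $whatsnew;
    global $_button;
    global $notimeupdate;
    global $head_tags, $javascript;
    global $guiedit_use_fck;
    // Newly generate $digest or not
    if ($digest === FALSE) {
        $digest = md5(get_source($page, TRUE, TRUE));
    }
    $s_id = isset($vars['id']) ? htmlspecialchars($vars['id']) : '';
    if (!$guiedit_use_fck) {
        // Plain mode: take the standard form, switch cmd=edit to cmd=guiedit
        // and add the "id" and "text" hidden fields.
        $body = edit_form($page, $postdata, $digest, $b_template);
        $pattern = "/(<input\\s+type=\"hidden\"\\s+name=\"cmd\"\\s+value=\")edit(\"\\s*\\/?>)/";
        $replace = "\$1guiedit\$2\n" . '  <input type="hidden" name="id"     value="' . $s_id . '" />' . '  <input type="hidden" name="text"     value="1" />';
        $body = preg_replace($pattern, $replace, $body);
        return $body;
    }
    require_once GUIEDIT_LIB_PATH . 'guiedit.ini.php';
    // Form values
    $s_digest = htmlspecialchars($digest);
    $s_page = htmlspecialchars($page);
    // 'original' is absent on the first display of the form.
    $s_original = isset($vars['original']) ? htmlspecialchars($vars['original']) : '';
    // The hidden "ticket" field is md5(MUTIME); the session keeps two hashes
    // bound to get_ticket(): one over the digest, one over the original text.
    $s_ticket = md5(MUTIME);
    if (function_exists('pkwk_session_start') && pkwk_session_start() != 0) {
        // BugTrack/95 fix Problem: browser RSS request with session
        $_SESSION[$s_ticket] = md5(get_ticket() . $digest);
        $_SESSION['origin' . $s_ticket] = md5(get_ticket() . str_replace("\r", '', $s_original));
    }
    // Template selector
    $template = '';
    if ($load_template_func) {
        global $guiedit_non_list;
        $pages = array();
        foreach (get_existpages() as $_page) {
            if ($_page == $whatsnew || check_non_list($_page)) {
                continue;
            }
            // Skip pages that are one of the $guiedit_non_list entries or lie below one.
            foreach ($guiedit_non_list as $key) {
                if (strpos($_page . '/', $key . '/') === 0) {
                    continue 2;
                }
            }
            $_s_page = htmlspecialchars($_page);
            $pages[$_page] = '   <option value="' . $_s_page . '">' . $_s_page . '</option>';
        }
        ksort($pages);
        $s_pages = join("\n", $pages);
        $template = <<<EOD
  <select name="template_page" onchange="Template()">
   <option value="">-- {$_button['template']} --</option>
{$s_pages}
  </select>
  <br />
EOD;
    }
    // Checkbox "do not change the timestamp"
    $add_notimestamp = '';
    if ($notimeupdate != 0) {
        $checked_time = isset($vars['notimestamp']) ? ' checked="checked"' : '';
        // if ($notimeupdate == 2) {
        // Mode 2 adds a password field when the role_adm_contents role check matches.
        if ($notimeupdate == 2 && auth::check_role('role_adm_contents')) {
            $add_notimestamp = '   ' . '<input type="password" name="pass" size="12" />' . "\n";
        }
        $add_notimestamp = '<input type="checkbox" name="notimestamp" ' . 'id="_edit_form_notimestamp" value="true"' . $checked_time . ' />' . "\n" . '   ' . '<label for="_edit_form_notimestamp"><span class="small">' . $_button['notchangetimestamp'] . '</span></label>' . "\n" . $add_notimestamp . '&nbsp;';
    }
    // Form
    // NOTE(review): $script is written into the action attributes without
    // htmlspecialchars(); confirm it cannot carry request-derived characters.
    $body = <<<EOD

<div class="edit_form">
 <form id="edit_form" action="{$script}" method="post" style="margin-bottom:0px;">
{$template}
  <input type="hidden" name="cmd"    value="guiedit" />
  <input type="hidden" name="page"   value="{$s_page}" />
  <input type="hidden" name="digest" value="{$s_digest}" />
  <input type="hidden" name="ticket" value="{$s_ticket}" />
  <input type="hidden" name="id"     value="{$s_id}" />
  <textarea name="msg" rows="1" cols="1" style="display:none"></textarea>
  <div style="float:left;">
   <input type="submit" name="write"   value="{$_button['update']}" accesskey="s" onclick="Write()" />
   <input type="button" name="preview" value="{$_button['preview']}" accesskey="p" onclick="Preview()" />
   {$add_notimestamp}
  </div>
  <textarea name="original" rows="1" cols="1" style="display:none">{$s_original}</textarea>
 </form>
 <form action="{$script}" method="post" style="margin-top:0px;">
  <input type="hidden" name="cmd"    value="guiedit" />
  <input type="hidden" name="page"   value="{$s_page}" />
  <input type="submit" name="cancel" value="{$_button['cancel']}" accesskey="c" />
 </form>
</div>
<div id="preview_indicator" style="display:none"></div>
<div id="preview_area" style="display:none"></div>

EOD;
    // Enable JavaScript
    $javascript = 1;
    $root = get_baseuri('abs');
    // Header tags: stylesheet, editor scripts and the path variables they read
    $head_tags[] = ' <link rel="stylesheet" type="text/css" href="' . GUIEDIT_LIB_PATH . 'guiedit.css" charset="UTF-8" />';
    $head_tags[] = ' <script type="text/javascript" src="' . GUIEDIT_FCK_PATH . 'fckeditor.js" charset="UTF-8"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . GUIEDIT_LIB_PATH . 'ajax.js" charset="UTF-8"></script>';
    $head_tags[] = ' <script type="text/javascript" src="' . GUIEDIT_LIB_PATH . 'guiedit.js" charset="UTF-8"></script>';
    $head_tags[] = ' <script type="text/javascript">';
    $head_tags[] = ' <!-- <![CDATA[';
    $head_tags[] = ' var SMILEY_PATH="' . $root . IMAGE_URI . "face/" . '";';
    $head_tags[] = ' var FCK_PATH="' . $root . GUIEDIT_FCK_PATH . '";';
    $head_tags[] = ' var GUIEDIT_PATH="' . $root . GUIEDIT_LIB_PATH . '";';
    $head_tags[] = ' //]]>-->';
    $head_tags[] = ' </script>';
    return $body;
}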
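/**
 * Handle a submitted tracker form: pick the name of the new page, fill the
 * tracker page template with the posted field values and write the page.
 *
 * @return array|void array('msg' => ..., 'body' => ...) when the post is
 *                    rejected or the form cannot be initialised; on success
 *                    a Location header is sent and the script exits.
 */
function plugin_tracker_action()
{
    global $post, $vars, $now;
    //	if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    if (auth::check_role('readonly')) {
        die_message(_('PKWK_READONLY prohibits editing'));
    }
    if (auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }
    $base = isset($post['_base']) ? $post['_base'] : '';
    $refer = isset($post['_refer']) ? $post['_refer'] : '';
    $createProxy = isset($post['_createProxy']) ? $post['_createProxy'] : '';
    // $page name to add will be decided here
    $num = 0;
    $name = isset($post['_name']) ? $post['_name'] : '';
    if (isset($post['_page'])) {
        $real = $page = $post['_page'];
    } else {
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Never overwrite an existing page: count up until a free name is found.
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }
    $config = isset($post['_config']) ? $post['_config'] : '';
    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    $spam = FALSE;
    // pkwk_session_start() is still called so that the session is started as before.
    $has_session = function_exists('pkwk_session_start') && pkwk_session_start() != 0;
    // NOTE(review): with a session available no check runs at all. The
    // comparison of $_SESSION['tracker'] with md5(get_ticket() . <config name>)
    // was commented out in this version, and the debug error_log() calls that
    // remained wrote the ticket hash and the session value to the error log
    // while reading the undefined $config_name; they have been removed.
    // Re-enable the ticket comparison once the form side sets
    // $_SESSION['tracker'] - confirm against the form code.
    if (!$has_session) {
        if (isset($post['encode_hint']) && $post['encode_hint'] != '') {
            if (PKWK_ENCODING_HINT != $post['encode_hint']) {
                $spam = TRUE;
            }
        } elseif (PKWK_ENCODING_HINT != '') {
            $spam = TRUE;
        }
        if (is_spampost(array('body'), PLUGIN_TRACKER_REJECT_SPAMCOUNT)) {
            $spam = TRUE;
        }
    }
    if ($spam) {
        honeypot_write();
        return array('msg' => 'cannot write', 'body' => '<p>prohibits editing</p>');
    }
    // TODO: Why here
    // Default
    $_post = array_merge($post, $_FILES);
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;
    // $_post['_refer'] = $_post['refer'];
    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    pkwk_touch_file(get_filename($page));
    $from = $to = array();
    // "=& new" is a parse error since PHP 7; objects are handles, plain assignment is enough.
    $tracker_form = new Tracker_form();
    if (!$tracker_form->init($base, $refer, $config)) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }
    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array('msg' => 'Cannot write', 'body' => 'Page template (' . htmlspecialchars($template_page) . ') not found');
    }
    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array('msg' => 'Cannot write', 'body' => htmlspecialchars($tracker_form->error));
    }
    $fields = $tracker_form->fields;
    unset($tracker_form);
    // Build the placeholder => value lists from the fields the template declares.
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[] = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : '';
        unset($fields[$field]);
    }
    // Replace every [$field] (found inside $template) with the real value
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) == '') {
            continue;
        }
        // Escape some TextFormattingRules: lines starting with '|' or ':' and
        // lines starting with ',' get their values escaped per plugin_tracker_escape().
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } elseif ($letter == ',') {
            $escape[','][$linenum] = $template[$linenum];
        } else {
            // TODO: Escape "\n" except multiline-allowed fields
            $subject[$linenum] = $template[$linenum];
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);
    // Write $template, without touch
    page_write($page, join('', $template));
    // Create proxy page
    // NOTE(review): '_createProxy' names a posted field whose value is used as
    // the proxy page name. That name comes from the request and reaches
    // page_write() without an is_pagename() or is_page() check, unlike $page
    // above - confirm whether it should be validated the same way.
    if ($createProxy && ($proxyPage = isset($_post[$createProxy]) ? $_post[$createProxy] : '')) {
        page_write($proxyPage, '#include(' . $page . ',notitle)');
    }
    pkwk_headers_sent();
    header('Location: ' . get_page_location_uri($page));
    exit;
}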
示例#19
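/**
 * Handle a submitted tracker form: verify the session ticket, pick the name
 * of the new page, fill the tracker page template with the request values and
 * either show a preview or store the page.
 *
 * @return array|void array('msg' => ..., 'body' => ...) for a rejected post,
 *                    an initialisation error or the preview; otherwise the
 *                    page is stored and the request is redirected.
 */
function plugin_tracker_action()
{
    global $vars, $now, $config_name, $_string, $session;
    //	if (PKWK_READONLY) die_message('PKWK_READONLY prohibits editing');
    // Plus! code start
    if (Auth::check_role('readonly')) {
        die_message($_string['prohibit']);
    }
    if (Auth::is_check_role(PKWK_CREATE_PAGE)) {
        die_message(_('PKWK_CREATE_PAGE prohibits editing'));
    }
    $base = isset($vars['_base']) ? $vars['_base'] : null;
    $refer = isset($vars['_refer']) ? $vars['_refer'] : null;
    if (isset($vars['cancel'])) {
        Utility::redirect(Router::get_page_uri($refer));
    }
    $tracker_form = new Tracker_form();
    // Petit SPAM Check (Client(Browser)-Server Ticket Check)
    // NOTE(review): this value is overwritten from $vars['_config'] before it is used.
    $config = $tracker_form->config_name;
    // The session must hold md5(get_ticket() . $config_name) under 'tracker'.
    // hash_equals() compares the two hashes in constant time; a missing or
    // non-string session value is rejected like a mismatch.
    $stored = $session->offsetGet('tracker');
    $expected = md5(get_ticket() . $config_name);
    if (!is_string($stored) || !hash_equals($expected, $stored)) {
        honeypot_write();
        return array('msg' => 'Cannot write', 'body' => 'Prohibits editing');
    }
    // Plus! code end
    // $page name to add will be decided here
    $num = 0;
    $name = isset($vars['_name']) ? $vars['_name'] : null;
    if (isset($vars['_page'])) {
        $real = $page = $vars['_page'];
    } else {
        $real = is_pagename($name) ? $name : ++$num;
        $page = get_fullname('./' . $real, $base);
    }
    if (!is_pagename($page)) {
        $page = $base;
    }
    // Never overwrite an existing page: count up until a free name is found.
    while (is_page($page)) {
        $real = ++$num;
        $page = $base . '/' . $real;
    }
    $config = isset($vars['_config']) ? $vars['_config'] : null;
    // TODO: Why here
    // Default
    $_post = isset($_FILES) ? array_merge($vars, $_FILES) : array();
    $_post['_date'] = $now;
    $_post['_page'] = $page;
    $_post['_name'] = $name;
    $_post['_real'] = $real;
    // $_post['_refer'] = $_post['refer'];
    // TODO: Why here => See BugTrack/662
    // Creating an empty page, before attaching files
    $from = $to = array();
    $tracker_form = new Tracker_form();
    if (!$tracker_form->init($base, $refer, $config)) {
        return array('msg' => 'Cannot write', 'body' => '<p class="alert alert-warning">' . Utility::htmlsc($tracker_form->error) . '</p>');
    }
    // Load $template
    $template_page = $tracker_form->config->page . '/' . PLUGIN_TRACKER_DEFAULT_PAGE;
    $template = plugin_tracker_get_source($template_page);
    if ($template === FALSE || empty($template)) {
        return array('msg' => 'Cannot write', 'body' => '<p class="alert alert-warning">Page template (' . Utility::htmlsc($template_page) . ') not found</p>');
    }
    if (!$tracker_form->initFields(plugin_tracker_field_pickup(implode('', $template)))) {
        return array('msg' => 'Cannot write', 'body' => '<p class="alert alert-warning">' . Utility::htmlsc($tracker_form->error) . '</p>');
    }
    $fields = $tracker_form->fields;
    unset($tracker_form);
    // Build the placeholder => value lists from the fields the template declares.
    foreach (array_keys($fields) as $field) {
        $from[] = '[' . $field . ']';
        $to[] = isset($_post[$field]) ? $fields[$field]->format_value($_post[$field]) : null;
        unset($fields[$field]);
    }
    // Replace every [$field] (found inside $template) with the real value
    $subject = $escape = array();
    foreach (array_keys($template) as $linenum) {
        if (trim($template[$linenum]) === '') {
            continue;
        }
        // Escape some TextFormattingRules
        $letter = $template[$linenum][0];
        if ($letter == '|' || $letter == ':') {
            $escape['|'][$linenum] = $template[$linenum];
        } elseif ($letter == ',') {
            $escape[','][$linenum] = $template[$linenum];
        } else {
            // TODO: Escape "\n" except multiline-allowed fields
            $subject[$linenum] = $template[$linenum];
        }
    }
    foreach (str_replace($from, $to, $subject) as $linenum => $line) {
        $template[$linenum] = $line;
    }
    if ($escape) {
        // Escape for some TextFormattingRules
        foreach (array_keys($escape) as $hint) {
            $to_e = plugin_tracker_escape($to, $hint);
            foreach (str_replace($from, $to_e, $escape[$hint]) as $linenum => $line) {
                $template[$linenum] = $line;
            }
        }
        unset($to_e);
    }
    unset($from, $to);
    if (isset($vars['preview'])) {
        global $_button;
        unset($vars['preview']);
        $form = array();
        $form[] = '<p class="alert alert-success">' . T_('It will be sent with the contents of the following.') . '</p>';
        // A space was missing between the action and enctype attributes.
        $form[] = '<form action="' . Router::get_script_uri() . '" enctype="multipart/form-data" method="post" class="form-horizontal plugin-tracker-form">';
        // $vars holds request parameters. Names and values are echoed back as
        // hidden fields, so both are HTML-escaped (quotes included) to keep them
        // inside their attributes. Array values have no single string form and
        // are skipped instead of being written as the literal "Array".
        foreach ($vars as $key => $value) {
            if (is_array($value)) {
                continue;
            }
            $form[] = '<input type="hidden" name="' . htmlspecialchars((string) $key, ENT_QUOTES) . '" value="' . htmlspecialchars((string) $value, ENT_QUOTES) . '" />';
        }
        $form[] = '<button type="submit" class="btn btn-primary" name="write" accesskey="s"><span class="fa fa-check"></span>' . $_button['update'] . '</button>';
        $form[] = '<button type="submit" class="btn btn-warning" name="cancel" accesskey="c"><span class="fa fa-ban"></span>' . $_button['cancel'] . '</button>';
        $form[] = '</form>';
        $form[] = '<hr />';
        $form[] = RendererFactory::factory($template);
        return array('msg' => 'Preview', 'body' => join("\n", $form));
    } else {
        // Write $template, without touch
        $wiki = Factory::Wiki($page);
        $wiki->set($template);
        Utility::redirect($wiki->uri());
    }
    exit;
}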