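/**
 * Render a form tag, prepending hidden CSRF inputs when the form is a POST
 * to a local (non-absolute) action.
 *
 * The CSRF token and the `__form__` marker are only added when the method is
 * POST and the action does not start with `http:`, `https:` or `//`, so the
 * token is not submitted to another site.
 *
 * @param PhabricatorUser $user        User whose CSRF token is embedded.
 * @param array           $attributes  Form attributes; 'method' and 'action'
 *                                     are inspected here.
 * @param string          $content     Markup placed after the hidden inputs.
 * @return string Whatever javelin_render_tag() returns for the form.
 */
function phabricator_render_form(PhabricatorUser $user, $attributes, $content) {
  // idx() yields null for a missing key; cast so the string functions below
  // always receive strings.
  $http_method = (string)idx($attributes, 'method');
  $http_action = (string)idx($attributes, 'action');

  $is_post = (strcasecmp($http_method, 'POST') === 0);

  // URI schemes are case-insensitive, so "HTTPS://..." must be classified as
  // absolute as well; a case-sensitive match would emit the token for it.
  // This is a prefix check, not a URI parse: callers should still not pass
  // untrusted values as 'action'.
  $is_absolute_uri = (bool)preg_match('#^(https?:|//)#i', $http_action);

  if ($is_post && !$is_absolute_uri) {
    $csrf_input = phutil_render_tag(
      'input',
      array(
        'type' => 'hidden',
        'name' => AphrontRequest::getCSRFTokenName(),
        'value' => $user->getCSRFToken(),
      ));

    $form_marker = phutil_render_tag(
      'input',
      array(
        'type' => 'hidden',
        'name' => '__form__',
        'value' => true,
      ));

    $content = $csrf_input.$form_marker.$content;
  }

  return javelin_render_tag('form', $attributes, $content);
}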
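/**
 * Build a form tag, prepending hidden CSRF inputs for POST forms whose
 * action is a local (non-absolute) URI.
 *
 * @param PhabricatorUser $user        User whose CSRF token is embedded.
 * @param array           $attributes  Form attributes; 'method' and 'action'
 *                                     are inspected here.
 * @param mixed           $content     Form body; an array is merged into the
 *                                     body list, anything else is appended as
 *                                     a single item.
 * @return mixed Whatever javelin_tag() returns for the form.
 */
function phabricator_form(PhabricatorUser $user, $attributes, $content) {
  $body = array();

  // idx() yields null for a missing key; cast so the string functions below
  // always receive strings.
  $http_method = (string)idx($attributes, 'method');
  $http_action = (string)idx($attributes, 'action');

  $is_post = (strcasecmp($http_method, 'POST') === 0);

  // URI schemes are case-insensitive, so "HTTPS://..." must be classified as
  // absolute as well; a case-sensitive match would emit the token for it.
  // This is a prefix check, not a URI parse: callers should still not pass
  // untrusted values as 'action'.
  $is_absolute_uri = (bool)preg_match('#^(https?:|//)#i', $http_action);

  // NOTE: We only include CSRF tokens if a URI is a local URI on the same
  // domain. This is an important security feature and prevents forms which
  // submit to foreign sites from leaking CSRF tokens.
  //
  // In some cases, we may construct a fully-qualified local URI. For example,
  // we can construct these for download links, depending on configuration.
  // These forms do not receive CSRF tokens, even though they safely could.
  // This can be confusing if you manage to construct a local form with a
  // fully-qualified URI: it won't get CSRF tokens, and the exception raised
  // at the other end of the request is disconnected from the root cause.
  // This is rare, the construction can occur legitimately, and the simplest
  // rule is to omit CSRF tokens for these URIs in all cases. The error
  // message you receive also hints at this potential source of error.
  if ($is_post && !$is_absolute_uri) {
    $body[] = phutil_tag(
      'input',
      array(
        'type' => 'hidden',
        'name' => AphrontRequest::getCSRFTokenName(),
        'value' => $user->getCSRFToken(),
      ));

    $body[] = phutil_tag(
      'input',
      array(
        'type' => 'hidden',
        'name' => '__form__',
        'value' => true,
      ));
  }

  if (is_array($content)) {
    $body = array_merge($body, $content);
  } else {
    $body[] = $content;
  }

  return javelin_tag('form', $attributes, $body);
}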
/**
 * Render $this->data, plus the form marker and the user's CSRF token, as
 * hidden input tags.
 *
 * @return string Hidden input tags joined with newlines.
 * @throws Exception If no user has been set on the view.
 */
private function renderDataInputs() {
  if (!$this->user) {
    throw new Exception('You must pass the user to AphrontFormView.');
  }

  // The array union below keeps the left-hand value on a key collision, so
  // an entry in $this->data named '__form__' or named like the CSRF token
  // field takes precedence over these defaults.
  //
  // NOTE(review): the token is added unconditionally in this method; whether
  // the enclosing form submits to a local URI is not visible here -- confirm
  // at the call site.
  $defaults = array(
    '__form__' => 1,
    AphrontRequest::getCSRFTokenName() => $this->user->getCSRFToken(),
  );
  $fields = $this->data + $defaults;

  $rendered = array();
  foreach ($fields as $name => $field_value) {
    // Null values are skipped entirely rather than rendered as empty inputs.
    if ($field_value !== null) {
      $rendered[] = phutil_render_tag(
        'input',
        array(
          'type' => 'hidden',
          'name' => $name,
          'value' => $field_value,
        ));
    }
  }

  return implode("\n", $rendered);
}
/**
 * Queue the static resources and Javelin behaviors for the page, then render
 * the main menu into $this->menuContent.
 *
 * @return void
 * @throws Exception If no request has been set on the view.
 */
protected function willRenderPage() {
  parent::willRenderPage();

  if (!$this->getRequest()) {
    throw new Exception(
      pht('You must set the %s to render a %s.', 'Request', __CLASS__));
  }

  $console = $this->getConsole();

  $resources = array(
    'phabricator-core-css',
    'phabricator-zindex-css',
    'phui-button-css',
    'phui-spacing-css',
    'phui-form-css',
    'phabricator-standard-page-view',
    'conpherence-durable-column-view',
    'font-lato',
    'font-aleo',
  );
  foreach ($resources as $resource) {
    require_celerity_resource($resource);
  }

  Javelin::initBehavior('workflow', array());

  $request = $this->getRequest();
  $user = $request ? $request->getUser() : null;

  if ($user) {
    if ($user->isUserActivated()) {
      $tz_offset = $user->getTimeZoneOffset();
      $tz_ignore_key = PhabricatorTimezoneIgnoreOffsetSetting::SETTINGKEY;
      $tz_ignore = $user->getUserSetting($tz_ignore_key);

      Javelin::initBehavior(
        'detect-timezone',
        array(
          'offset' => $tz_offset,
          'uri' => '/settings/timezone/',
          'message' => pht(
            'Your browser timezone setting differs from the timezone '.
            'setting in your profile, click to reconcile.'),
          'ignoreKey' => $tz_ignore_key,
          'ignore' => $tz_ignore,
        ));

      // Administrators only: pass the protocol the server believes is in
      // use to the 'setup-check-https' behavior, along with a warning
      // message for the case where server and client disagree.
      if ($user->getIsAdmin()) {
        $is_https = $request->isHTTPS();
        if ($is_https) {
          $server_protocol = 'HTTPS';
          $client_protocol = 'HTTP';
        } else {
          $server_protocol = 'HTTP';
          $client_protocol = 'HTTPS';
        }

        $doc_href = PhabricatorEnv::getDoclink(
          'Configuring a Preamble Script');

        // NOTE(review): "conviced" below is a typo for "convinced"; the
        // literal is left untouched because it is passed to pht().
        Javelin::initBehavior(
          'setup-check-https',
          array(
            'server_https' => $is_https,
            'doc_name' => pht('See Documentation'),
            'doc_href' => $doc_href,
            'message' => pht(
              'Phabricator thinks you are using %s, but your '.
              'client is conviced that it is using %s. This is a serious '.
              'misconfiguration with subtle, but significant, consequences.',
              $server_protocol,
              $client_protocol),
          ));
      }
    }

    $default_img_uri = celerity_get_resource_uri(
      'rsrc/image/icon/fatcow/document_black.png');

    // The action '#' is not an absolute URI, so a form helper that keys CSRF
    // inclusion on method and action would treat this POST form as local.
    $download_form = phabricator_form(
      $user,
      array(
        'action' => '#',
        'method' => 'POST',
        'class' => 'lightbox-download-form',
        'sigil' => 'download',
      ),
      phutil_tag('button', array(), pht('Download')));

    Javelin::initBehavior(
      'lightbox-attachments',
      array(
        'defaultImageUri' => $default_img_uri,
        'downloadForm' => $download_form,
      ));
  }

  Javelin::initBehavior('aphront-form-disable-on-submit');
  Javelin::initBehavior('toggle-class', array());
  Javelin::initBehavior('history-install');
  Javelin::initBehavior('phabricator-gesture');

  // The current CSRF token (null when there is no user) is handed to the
  // client-side 'refresh-csrf' behavior together with the token field name
  // and the CSRF / Via header names.
  $current_token = $user ? $user->getCSRFToken() : null;

  Javelin::initBehavior(
    'refresh-csrf',
    array(
      'tokenName' => AphrontRequest::getCSRFTokenName(),
      'header' => AphrontRequest::getCSRFHeaderName(),
      'viaHeader' => AphrontRequest::getViaHeaderName(),
      'current' => $current_token,
    ));

  Javelin::initBehavior('device');

  Javelin::initBehavior(
    'high-security-warning',
    $this->getHighSecurityWarningConfig());

  if (PhabricatorEnv::isReadOnly()) {
    Javelin::initBehavior(
      'read-only-warning',
      array(
        'message' => PhabricatorEnv::getReadOnlyMessage(),
        'uri' => PhabricatorEnv::getReadOnlyURI(),
      ));
  }

  if ($console) {
    require_celerity_resource('aphront-dark-console-css');

    // $headers is filled in here but not read again within this method.
    $headers = array();
    if (DarkConsoleXHProfPluginAPI::isProfilerStarted()) {
      $headers[DarkConsoleXHProfPluginAPI::getProfilerHeader()] = 'page';
    }
    if (DarkConsoleServicesPlugin::isQueryAnalyzerRequested()) {
      $headers[DarkConsoleServicesPlugin::getQueryAnalyzerHeader()] = true;
    }

    Javelin::initBehavior('dark-console', $this->getConsoleConfig());

    // Change this to initBehavior when there is some behavior to initialize
    require_celerity_resource('javelin-behavior-error-log');
  }

  // Without a user on the request, the menu is rendered for an empty
  // PhabricatorUser object.
  $viewer = $user ? $user : new PhabricatorUser();

  $menu = id(new PhabricatorMainMenuView())
    ->setUser($viewer);

  if ($this->getController()) {
    $menu->setController($this->getController());
  }

  $application_menu = $this->getApplicationMenu();
  if ($application_menu) {
    if ($application_menu instanceof PHUIApplicationMenuView) {
      $crumbs = $this->getCrumbs();
      if ($crumbs) {
        $application_menu->setCrumbs($crumbs);
      }

      $application_menu = $application_menu->buildListView();
    }

    $menu->setApplicationMenu($application_menu);
  }

  $this->menuContent = $menu->render();
}
/**
 * Queue the static resources and Javelin behaviors for the page, then render
 * the child views into $this->bodyContent.
 *
 * @return void
 * @throws Exception If no request has been set on the view.
 */
protected function willRenderPage() {
  if (!$this->getRequest()) {
    throw new Exception(
      "You must set the Request to render a PhabricatorStandardPageView.");
  }

  $console = $this->getConsole();

  $resources = array(
    'phabricator-core-css',
    'phabricator-core-buttons-css',
    'phabricator-standard-page-view',
  );
  foreach ($resources as $resource) {
    require_celerity_resource($resource);
  }

  // The token stays null when the request carries no user.
  $request = $this->getRequest();
  $csrf_token = null;
  if ($request) {
    $viewer = $request->getUser();
    $csrf_token = $viewer ? $viewer->getCSRFToken() : null;
  }

  Javelin::initBehavior('workflow', array());

  // Hands the token field name, the CSRF header name and the current token
  // to the client-side 'refresh-csrf' behavior.
  Javelin::initBehavior(
    'refresh-csrf',
    array(
      'tokenName' => AphrontRequest::getCSRFTokenName(),
      'header' => AphrontRequest::getCSRFHeaderName(),
      'current' => $csrf_token,
    ));

  Javelin::initBehavior(
    'phabricator-keyboard-shortcuts',
    array(
      'helpURI' => '/help/keyboardshortcut/',
    ));

  if ($console) {
    require_celerity_resource('aphront-dark-console-css');

    Javelin::initBehavior(
      'dark-console',
      array(
        'uri' => '/~/',
      ));

    // Change this to initBehavior when there is some behavior to initialize
    require_celerity_resource('javelin-behavior-error-log');
  }

  $this->bodyContent = $this->renderChildren();
}
/**
 * Queue the static resources and Javelin behaviors for the page, then render
 * the main menu into $this->menuContent.
 *
 * @return void
 * @throws Exception If no request has been set on the view.
 */
protected function willRenderPage() {
  parent::willRenderPage();

  if (!$this->getRequest()) {
    throw new Exception(
      pht('You must set the %s to render a %s.', 'Request', __CLASS__));
  }

  $console = $this->getConsole();

  $resources = array(
    'phabricator-core-css',
    'phabricator-zindex-css',
    'phui-button-css',
    'phui-spacing-css',
    'phui-form-css',
    'phabricator-standard-page-view',
    'conpherence-durable-column-view',
    'font-lato',
    'font-roboto-slab',
  );
  foreach ($resources as $resource) {
    require_celerity_resource($resource);
  }

  Javelin::initBehavior('workflow', array());

  $request = $this->getRequest();
  $user = $request ? $request->getUser() : null;

  if ($user) {
    $default_img_uri = celerity_get_resource_uri(
      'rsrc/image/icon/fatcow/document_black.png');

    // The action '#' is not an absolute URI, so a form helper that keys CSRF
    // inclusion on method and action would treat this POST form as local.
    $download_form = phabricator_form(
      $user,
      array(
        'action' => '#',
        'method' => 'POST',
        'class' => 'lightbox-download-form',
        'sigil' => 'download',
      ),
      phutil_tag('button', array(), pht('Download')));

    Javelin::initBehavior(
      'lightbox-attachments',
      array(
        'defaultImageUri' => $default_img_uri,
        'downloadForm' => $download_form,
      ));
  }

  Javelin::initBehavior('aphront-form-disable-on-submit');
  Javelin::initBehavior('toggle-class', array());
  Javelin::initBehavior('history-install');
  Javelin::initBehavior('phabricator-gesture');

  // The current CSRF token (null when there is no user) is handed to the
  // client-side 'refresh-csrf' behavior together with the token field name
  // and the CSRF header name.
  $current_token = $user ? $user->getCSRFToken() : null;

  Javelin::initBehavior(
    'refresh-csrf',
    array(
      'tokenName' => AphrontRequest::getCSRFTokenName(),
      'header' => AphrontRequest::getCSRFHeaderName(),
      'current' => $current_token,
    ));

  Javelin::initBehavior('device');

  Javelin::initBehavior(
    'high-security-warning',
    $this->getHighSecurityWarningConfig());

  if ($console) {
    require_celerity_resource('aphront-dark-console-css');

    // $headers is filled in here but not read again within this method.
    $headers = array();
    if (DarkConsoleXHProfPluginAPI::isProfilerStarted()) {
      $headers[DarkConsoleXHProfPluginAPI::getProfilerHeader()] = 'page';
    }
    if (DarkConsoleServicesPlugin::isQueryAnalyzerRequested()) {
      $headers[DarkConsoleServicesPlugin::getQueryAnalyzerHeader()] = true;
    }

    Javelin::initBehavior('dark-console', $this->getConsoleConfig());

    // Change this to initBehavior when there is some behavior to initialize
    require_celerity_resource('javelin-behavior-error-log');
  }

  // Without a user on the request, the menu is rendered for an empty
  // PhabricatorUser object.
  $viewer = $user ? $user : new PhabricatorUser();

  $menu = id(new PhabricatorMainMenuView())
    ->setUser($viewer);

  if ($this->getController()) {
    $menu->setController($this->getController());
  }

  if ($this->getApplicationMenu()) {
    $menu->setApplicationMenu($this->getApplicationMenu());
  }

  $this->menuContent = $menu->render();
}
/**
 * Queue the static resources and Javelin behaviors for the page, then render
 * the child views into $this->bodyContent.
 *
 * @return void
 * @throws Exception If no request has been set on the view.
 */
protected function willRenderPage() {
  if (!$this->getRequest()) {
    throw new Exception(
      "You must set the Request to render a PhabricatorStandardPageView.");
  }

  $console = $this->getConsole();

  $resources = array(
    'phabricator-core-css',
    'phabricator-core-buttons-css',
    'phabricator-standard-page-view',
  );
  foreach ($resources as $resource) {
    require_celerity_resource($resource);
  }

  if (PhabricatorEnv::getEnvConfig('notification.enabled')) {
    require_celerity_resource('phabricator-notification-css');
  }

  // The token stays null when the request carries no user.
  $request = $this->getRequest();
  $csrf_token = null;
  if ($request) {
    $viewer = $request->getUser();
    $csrf_token = $viewer ? $viewer->getCSRFToken() : null;
  }

  Javelin::initBehavior('workflow', array());

  // Hands the token field name, the CSRF header name and the current token
  // to the client-side 'refresh-csrf' behavior.
  Javelin::initBehavior(
    'refresh-csrf',
    array(
      'tokenName' => AphrontRequest::getCSRFTokenName(),
      'header' => AphrontRequest::getCSRFHeaderName(),
      'current' => $csrf_token,
    ));

  // $viewer is only assigned inside the request branch above; the guard at
  // the top of the method is what ensures a request exists by this point.
  $pref_key = PhabricatorUserPreferences::PREFERENCE_SEARCH_SHORTCUT;
  $shortcut = $viewer
    ? $viewer->loadPreferences()->getPreference($pref_key, 1)
    : 1;

  Javelin::initBehavior(
    'phabricator-keyboard-shortcuts',
    array(
      'helpURI' => '/help/keyboardshortcut/',
      'search_shortcut' => $shortcut,
    ));

  if ($console) {
    require_celerity_resource('aphront-dark-console-css');

    // The request URI is passed to the console behavior as a string, with
    // '/' as the fallback when there is no request object.
    Javelin::initBehavior(
      'dark-console',
      array(
        'uri' => '/~/',
        'request_uri' => $request ? (string) $request->getRequestURI() : '/',
      ));

    // Change this to initBehavior when there is some behavior to initialize
    require_celerity_resource('javelin-behavior-error-log');
  }

  $this->bodyContent = $this->renderChildren();
}
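/**
 * Queue the static resources and Javelin behaviors for the page, then render
 * the main menu into $this->menuContent.
 *
 * @return void
 * @throws Exception If no request has been set on the view.
 */
protected function willRenderPage() {
  parent::willRenderPage();

  if (!$this->getRequest()) {
    throw new Exception(
      pht(
        'You must set the Request to render a PhabricatorStandardPageView.'));
  }

  $console = $this->getConsole();

  require_celerity_resource('phabricator-core-css');
  require_celerity_resource('phabricator-zindex-css');
  require_celerity_resource('phui-button-css');
  require_celerity_resource('phui-spacing-css');
  require_celerity_resource('phui-form-css');
  require_celerity_resource('sprite-gradient-css');
  require_celerity_resource('phabricator-standard-page-view');

  Javelin::initBehavior('workflow', array());

  $request = $this->getRequest();
  $user = null;
  if ($request) {
    $user = $request->getUser();
  }

  if ($user) {
    $default_img_uri = celerity_get_resource_uri(
      'rsrc/image/icon/fatcow/document_black.png');

    // The action '#' is not an absolute URI, so a form helper that keys CSRF
    // inclusion on method and action would treat this POST form as local.
    $download_form = phabricator_form(
      $user,
      array(
        'action' => '#',
        'method' => 'POST',
        'class' => 'lightbox-download-form',
        'sigil' => 'download',
      ),
      phutil_tag('button', array(), pht('Download')));

    Javelin::initBehavior(
      'lightbox-attachments',
      array(
        'defaultImageUri' => $default_img_uri,
        'downloadForm' => $download_form,
      ));
  }

  Javelin::initBehavior('aphront-form-disable-on-submit');
  Javelin::initBehavior('toggle-class', array());
  Javelin::initBehavior('konami', array());
  Javelin::initBehavior('history-install');
  Javelin::initBehavior('phabricator-gesture');

  // The current CSRF token (null when there is no user) is handed to the
  // client-side 'refresh-csrf' behavior together with the token field name
  // and the CSRF header name.
  $current_token = null;
  if ($user) {
    $current_token = $user->getCSRFToken();
  }

  Javelin::initBehavior(
    'refresh-csrf',
    array(
      'tokenName' => AphrontRequest::getCSRFTokenName(),
      'header' => AphrontRequest::getCSRFHeaderName(),
      'current' => $current_token,
    ));

  Javelin::initBehavior('device');

  // Every other use of $user in this method allows for it being null; guard
  // this one too, so a request without a user skips the warning instead of
  // failing on a method call on null.
  if ($user && $user->hasSession()) {
    $hisec = $user->getSession()->getHighSecurityUntil() - time();
    if ($hisec > 0) {
      $remaining_time = phutil_format_relative_time($hisec);

      // NOTE(review): $remaining_time is passed to pht() but the message has
      // no placeholder for it. The literal is left unchanged here.
      Javelin::initBehavior(
        'high-security-warning',
        array(
          'uri' => '/auth/session/downgrade/',
          'message' => pht(
            'Your session is in high security mode. When you '.
            'finish using it, click here to leave.',
            $remaining_time),
        ));
    }
  }

  if ($console) {
    require_celerity_resource('aphront-dark-console-css');

    $headers = array();
    if (DarkConsoleXHProfPluginAPI::isProfilerStarted()) {
      $headers[DarkConsoleXHProfPluginAPI::getProfilerHeader()] = 'page';
    }
    if (DarkConsoleServicesPlugin::isQueryAnalyzerRequested()) {
      $headers[DarkConsoleServicesPlugin::getQueryAnalyzerHeader()] = true;
    }

    Javelin::initBehavior(
      'dark-console',
      array(
        'uri' => pht('Main Request'),
        'selected' => $user ? $user->getConsoleTab() : null,
        'visible' => $user ? (int) $user->getConsoleVisible() : true,
        'headers' => $headers,
      ));

    // Change this to initBehavior when there is some behavior to initialize
    require_celerity_resource('javelin-behavior-error-log');
  }

  // Without a user on the request, the menu is rendered for an empty
  // PhabricatorUser object.
  if ($user) {
    $viewer = $user;
  } else {
    $viewer = new PhabricatorUser();
  }

  $menu = id(new PhabricatorMainMenuView())
    ->setUser($viewer);

  if ($this->getController()) {
    $menu->setController($this->getController());
  }

  if ($this->getApplicationMenu()) {
    $menu->setApplicationMenu($this->getApplicationMenu());
  }

  $this->menuContent = $menu->render();
}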
/**
 * Render a form tag whose content is prefixed with a hidden CSRF token input
 * and a hidden `__form__` marker input.
 *
 * NOTE(review): the token is added to every form, whatever its 'method' or
 * 'action'. A form that submits to another site, or one submitted via GET,
 * would carry the token with it. Consider restricting the hidden inputs to
 * POST forms with local actions.
 *
 * @param PhabricatorUser $user        User whose CSRF token is embedded.
 * @param array           $attributes  Form attributes, passed through as-is.
 * @param string          $content     Markup placed after the hidden inputs.
 * @return string Whatever javelin_render_tag() returns for the form.
 */
function phabricator_render_form(PhabricatorUser $user, $attributes, $content) {
  $csrf_input = phutil_render_tag(
    'input',
    array(
      'type' => 'hidden',
      'name' => AphrontRequest::getCSRFTokenName(),
      'value' => $user->getCSRFToken(),
    ));

  $form_marker = phutil_render_tag(
    'input',
    array(
      'type' => 'hidden',
      'name' => '__form__',
      'value' => true,
    ));

  $form_body = $csrf_input.$form_marker.$content;

  return javelin_render_tag('form', $attributes, $form_body);
}
/**
 * Queue the static resources and Javelin behaviors for the page, then render
 * the main menu and the child views into $this->menuContent and
 * $this->bodyContent.
 *
 * @return void
 * @throws Exception If no request has been set on the view.
 */
protected function willRenderPage() {
  if (!$this->getRequest()) {
    throw new Exception(
      "You must set the Request to render a PhabricatorStandardPageView.");
  }

  $console = $this->getConsole();

  $resources = array(
    'phabricator-core-css',
    'autosprite-css',
    'phabricator-core-buttons-css',
    'phabricator-standard-page-view',
  );
  foreach ($resources as $resource) {
    require_celerity_resource($resource);
  }

  // The token stays null when the request carries no user.
  $request = $this->getRequest();
  $csrf_token = null;
  if ($request) {
    $viewer = $request->getUser();
    $csrf_token = $viewer ? $viewer->getCSRFToken() : null;
  }

  Javelin::initBehavior('workflow', array());
  Javelin::initBehavior('toggle-class', array());
  Javelin::initBehavior('konami', array());

  // Hands the token field name, the CSRF header name and the current token
  // to the client-side 'refresh-csrf' behavior.
  Javelin::initBehavior(
    'refresh-csrf',
    array(
      'tokenName' => AphrontRequest::getCSRFTokenName(),
      'header' => AphrontRequest::getCSRFHeaderName(),
      'current' => $csrf_token,
    ));

  Javelin::initBehavior(
    'device',
    array(
      'id' => 'base-page',
    ));

  if ($console) {
    require_celerity_resource('aphront-dark-console-css');

    // The request URI is passed to the console behavior as a string, with
    // '/' as the fallback when there is no request object.
    Javelin::initBehavior(
      'dark-console',
      array(
        'uri' => '/~/',
        'request_uri' => $request ? (string) $request->getRequestURI() : '/',
      ));

    // Change this to initBehavior when there is some behavior to initialize
    require_celerity_resource('javelin-behavior-error-log');
  }

  $this->menuContent = $this->renderMainMenu();
  $this->bodyContent = $this->renderChildren();
}