lib.dc.page.php @ 3509:652d583aa806

Visit:

Revision 3509:652d583aa806, 36.0 KB checked in by franck <carnet.franck.paul@…>, 9 years ago (diff)
Add current blog domain for script and style CSP directives (useful for iframe editing via editor)

Rev	Line
[0]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
[1179]	6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
[0]	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12	if (!defined('DC_RC_PATH')) { return; }
	13
	14	define('DC_AUTH_PAGE','auth.php');
	15
	16	class dcPage
	17	{
[2503]	18	private static $loaded_js = array();
[3021]	19	private static $loaded_css = array();
[2909]	20	private static $xframe_loaded = false;
[2328]	21	private static $N_TYPES = array(
[2503]	22	"success" => "success",
	23	"warning" => "warning-msg",
	24	"error" => "error",
	25	"message" => "message",
[2328]	26	"static" => "static-msg");
[342]	27
[0]	28	# Auth check
	29	public static function check($permissions)
	30	{
	31	global $core;
[1187]	32
[2503]	33	if ($core->blog && $core->auth->check($permissions,$core->blog->id)) {
[0]	34	return;
	35	}
[1187]	36
[0]	37	if (session_id()) {
	38	$core->session->destroy();
	39	}
	40	http::redirect(DC_AUTH_PAGE);
	41	}
[1187]	42
[0]	43	# Check super admin
	44	public static function checkSuper()
	45	{
	46	global $core;
[1187]	47
[0]	48	if (!$core->auth->isSuperAdmin())
	49	{
	50	if (session_id()) {
	51	$core->session->destroy();
	52	}
	53	http::redirect(DC_AUTH_PAGE);
	54	}
	55	}
[1187]	56
[0]	57	# Top of admin page
[2907]	58	public static function open($title='',$head='',$breadcrumb='',$options=array())
[0]	59	{
	60	global $core;
[1144]	61
[0]	62	# List of user's blogs
[2159]	63	if ($core->auth->getBlogCount() == 1 \|\| $core->auth->getBlogCount() > 20)
[0]	64	{
	65	$blog_box =
[999]	66	'<p>'.__('Blog:').' <strong title="'.html::escapeHTML($core->blog->url).'">'.
[0]	67	html::escapeHTML($core->blog->name).'</strong>';
[1187]	68
[2159]	69	if ($core->auth->getBlogCount() > 20) {
[2720]	70	$blog_box .= ' - <a href="'.$core->adminurl->get("admin.blogs").'">'.__('Change blog').'</a>';
[0]	71	}
[999]	72	$blog_box .= '</p>';
[0]	73	}
	74	else
	75	{
	76	$rs_blogs = $core->getBlogs(array('order'=>'LOWER(blog_name)','limit'=>20));
	77	$blogs = array();
	78	while ($rs_blogs->fetch()) {
	79	$blogs[html::escapeHTML($rs_blogs->blog_name.' - '.$rs_blogs->blog_url)] = $rs_blogs->blog_id;
	80	}
	81	$blog_box =
[2005]	82	'<p><label for="switchblog" class="classic">'.
[1309]	83	__('Blogs:').'</label> '.
[0]	84	$core->formNonce().
[454]	85	form::combo('switchblog',$blogs,$core->blog->id).
[2005]	86	'<input type="submit" value="'.__('ok').'" class="hidden-if-js" /></p>';
[0]	87	}
[1187]	88
[36]	89	$safe_mode = isset($_SESSION['sess_safe_mode']) && $_SESSION['sess_safe_mode'];
[1187]	90
[0]	91	# Display
[3292]	92	$headers = new ArrayObject(array());
[2792]	93
[3279]	94	# Content-Type
	95	$headers['content-type'] = 'Content-Type: text/html; charset=UTF-8';
	96
	97	# Prevents Clickjacking as far as possible
[2907]	98	if (isset($options['x-frame-allow'])) {
[3279]	99	self::setXFrameOptions($headers,$options['x-frame-allow']);
[2907]	100	} else {
[3279]	101	self::setXFrameOptions($headers);
[2907]	102	}
[3276]	103
[3492]	104	# Content-Security-Policy (only if safe mode if not active, it may help)
	105	if (!$safe_mode && $core->blog->settings->system->csp_admin_on) {
[3292]	106	// Get directives from settings if exist, else set defaults
	107	$csp = new ArrayObject(array());
[3432]	108
	109	// SQlite Clearbricks driver does not allow using single quote at beginning or end of a field value
	110	// so we have to use neutral values (localhost and 127.0.0.1) for some CSP directives
	111	$csp_prefix = $core->con->driver() == 'sqlite' ? 'localhost ' : ''; // Hack for SQlite Clearbricks driver
	112	$csp_suffix = $core->con->driver() == 'sqlite' ? ' 127.0.0.1' : ''; // Hack for SQlite Clearbricks driver
	113
	114	$csp['default-src'] = $core->blog->settings->system->csp_admin_default ?:
	115	$csp_prefix."'self'".$csp_suffix;
	116	$csp['script-src'] = $core->blog->settings->system->csp_admin_script ?:
	117	$csp_prefix."'self' 'unsafe-inline' 'unsafe-eval'".$csp_suffix;
	118	$csp['style-src'] = $core->blog->settings->system->csp_admin_style ?:
	119	$csp_prefix."'self' 'unsafe-inline'".$csp_suffix;
	120	$csp['img-src'] = $core->blog->settings->system->csp_admin_img ?:
	121	$csp_prefix."'self' data: media.dotaddict.org blob:";
[3292]	122
[3307]	123	# Cope with blog post preview (via public URL in iframe)
	124	if (!is_null($core->blog->host)) {
	125	$csp['default-src'] .= ' '.parse_url($core->blog->host,PHP_URL_HOST);
[3509]	126	$csp['script-src'] .= ' '.parse_url($core->blog->host,PHP_URL_HOST);
	127	$csp['style-src'] .= ' '.parse_url($core->blog->host,PHP_URL_HOST);
[3307]	128	}
	129	# Cope with media display in media manager (via public URL)
	130	if (!is_null($core->media)) {
	131	$csp['img-src'] .= ' '.parse_url($core->media->root_url,PHP_URL_HOST);
	132	}
[3319]	133	# Allow everything in iframe (used by editors to preview public content)
	134	$csp['child-src'] = "*";
[3307]	135
[3292]	136	# --BEHAVIOR-- adminPageHTTPHeaderCSP
	137	$core->callBehavior('adminPageHTTPHeaderCSP',$csp);
	138
	139	// Construct CSP header
	140	$directives = array();
	141	foreach ($csp as $key => $value) {
	142	if ($value) {
	143	$directives[] = $key.' '.$value;
	144	}
	145	}
	146	if (count($directives)) {
	147	if (version_compare(phpversion(),'5.4','>=')) {
	148	// csp_report.php needs PHP ≥ 5.4
	149	$directives[] = "report-uri ".DC_ADMIN_URL."csp_report.php";
	150	}
[3326]	151	$report_only = ($core->blog->settings->system->csp_admin_report_only) ? '-Report-Only' : '';
	152	$headers['csp'] = "Content-Security-Policy".$report_only.": ".implode(" ; ",$directives);
[3292]	153	}
[3291]	154	}
[3279]	155
	156	# --BEHAVIOR-- adminPageHTTPHeaders
	157	$core->callBehavior('adminPageHTTPHeaders',$headers);
	158	foreach ($headers as $key => $value) {
	159	header($value);
	160	}
[3276]	161
[0]	162	echo
[2760]	163	'<!DOCTYPE html>'.
	164	'<html lang="'.$core->auth->getInfo('user_lang').'">'."\n".
[0]	165	"<head>\n".
[2760]	166	' <meta charset="UTF-8" />'."\n".
[0]	167	' <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />'."\n".
	168	' <meta name="GOOGLEBOT" content="NOSNIPPET" />'."\n".
[1310]	169	' <meta name="viewport" content="width=device-width, initial-scale=1.0" />'."\n".
[489]	170	' <title>'.$title.' - '.html::escapeHTML($core->blog->name).' - '.html::escapeHTML(DC_VENDOR_NAME).' - '.DC_VERSION.'</title>'."\n".
[1187]	171
	172
[3021]	173	self::cssLoad('style/default.css');
[0]	174	if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') {
[3021]	175	echo self::cssLoad('style/default-rtl.css');
[0]	176	}
[237]	177
[244]	178	$core->auth->user_prefs->addWorkspace('interface');
	179	$user_ui_hide_std_favicon = $core->auth->user_prefs->interface->hide_std_favicon;
	180	if (!$user_ui_hide_std_favicon) {
[2503]	181	echo
[3021]	182	'<link rel="icon" type="image/png" href="images/favicon96-login.png" />'."\n".
	183	'<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />'."\n";
[244]	184	}
[3408]	185
	186	if ($core->auth->user_prefs->interface->htmlfontsize) {
	187	echo
	188	'<script type="text/javascript">'."\n".
[3421]	189	self::jsVar('dotclear_htmlFontSize',$core->auth->user_prefs->interface->htmlfontsize)."\n".
[3408]	190	"</script>\n";
	191	}
	192
[0]	193	echo
	194	self::jsCommon().
[1699]	195	self::jsToggles().
[0]	196	$head;
[1187]	197
[3398]	198	if ($core->auth->user_prefs->interface->hidemoreinfo) {
	199	echo
	200	'<script type="text/javascript">'."\n".
[3421]	201	'dotclear.hideMoreInfo = true;'."\n".
[3398]	202	"</script>\n";
	203	}
	204
[0]	205	# --BEHAVIOR-- adminPageHTMLHead
	206	$core->callBehavior('adminPageHTMLHead');
[1187]	207
[0]	208	echo
	209	"</head>\n".
[36]	210	'<body id="dotclear-admin'.
[3499]	211	($safe_mode ? ' safe-mode' : '').'" class="no-js'.
	212	($core->auth->user_prefs->interface->dynfontsize ? ' responsive-font' : '').'">'."\n".
[1187]	213
[1590]	214	'<ul id="prelude">'.
	215	'<li><a href="#content">'.__('Go to the content').'</a></li>'.
	216	'<li><a href="#main-menu">'.__('Go to the menu').'</a></li>'.
	217	'<li><a href="#qx">'.__('Go to search').'</a></li>'.
[2304]	218	'<li><a href="#help">'.__('Go to help').'</a></li>'.
[1590]	219	'</ul>'."\n".
[2784]	220	'<div id="header" role="banner">'.
[2720]	221	'<h1><a href="'.$core->adminurl->get("admin.home").'"><span class="hidden">'.DC_VENDOR_NAME.'</span></a></h1>'."\n";
[1187]	222
[0]	223	echo
[2720]	224	'<form action="'.$core->adminurl->get("admin.home").'" method="post" id="top-info-blog">'.
[0]	225	$blog_box.
[2225]	226	'<p><a href="'.$core->blog->url.'" class="outgoing" title="'.__('Go to site').
	227	'">'.__('Go to site').'<img src="images/outgoing.png" alt="" /></a>'.
[999]	228	'</p></form>'.
[2005]	229	'<ul id="top-info-user">'.
[2817]	230	'<li><a class="'.(preg_match('/'.preg_quote($core->adminurl->get('admin.home')).'$/',$_SERVER['REQUEST_URI']) ? ' active' : '').'" href="'.$core->adminurl->get("admin.home").'">'.__('My dashboard').'</a></li>'.
	231	'<li><a class="smallscreen'.(preg_match('/'.preg_quote($core->adminurl->get('admin.user.preferences')).'(\?.*)?$/',$_SERVER['REQUEST_URI']) ? ' active' : '').
[2720]	232	'" href="'.$core->adminurl->get("admin.user.preferences").'">'.__('My preferences').'</a></li>'.
	233	'<li><a href="'.$core->adminurl->get("admin.home",array('logout' => 1)).'" class="logout"><span class="nomobile">'.sprintf(__('Logout %s'),$core->auth->userID()).
[2034]	234	'</span><img src="images/logout.png" alt="" /></a></li>'.
[2005]	235	'</ul>'.
	236	'</div>'; // end header
[1187]	237
[0]	238	echo
[1741]	239	'<div id="wrapper" class="clearfix">'."\n".
[3445]	240	'<div class="hidden-if-no-js collapser-box"><button type="button" id="collapser" class="void-btn">'.
[3355]	241	'<img class="collapse-mm visually-hidden" src="images/collapser-hide.png" alt="'.__('Hide main menu').'" />'.
	242	'<img class="expand-mm visually-hidden" src="images/collapser-show.png" alt="'.__('Show main menu').'" />'.
[3434]	243	'</button></div>'.
[2784]	244	'<div id="main" role="main">'."\n".
[1741]	245	'<div id="content" class="clearfix">'."\n";
[1187]	246
[36]	247	# Safe mode
	248	if ($safe_mode)
[0]	249	{
	250	echo
[2787]	251	'<div class="warning" role="alert"><h3>'.__('Safe mode').'</h3>'.
[37]	252	'<p>'.__('You are in safe mode. All plugins have been temporarily disabled. Remind to log out then log in again normally to get back all functionalities').'</p>'.
[0]	253	'</div>';
	254	}
[1187]	255
[3076]	256	// Display breadcrumb (if given) before any error messages
[1357]	257	echo $breadcrumb;
[1355]	258
[3076]	259	// Display notices and errors
[2199]	260	echo self::notices();
	261	}
	262
	263	public static function notices()
	264	{
[3076]	265	global $core;
	266	static $error_displayed = false;
[3457]	267
[3076]	268	$res = '';
	269
	270	// return error messages if any
	271	if ($core->error->flag() && !$error_displayed) {
[3457]	272
	273	# --BEHAVIOR-- adminPageNotificationError
[3459]	274	$notice_error = $core->callBehavior('adminPageNotificationError',$core,$core->error);
[3457]	275
[3458]	276	if (isset($notice_error) && !empty($notice_error)) {
[3457]	277	$res .= $notice_error;
	278	} else {
	279	$res .= '<div class="error"><p>'.
	280	'<strong>'.(count($core->error->getErrors()) > 1 ? __('Errors:') : __('Error:')).'</strong>'.
	281	'</p>'.$core->error->toHTML().'</div>';
	282	}
[3076]	283	$error_displayed = true;
	284	}
	285
[2199]	286	// return notices if any
[2181]	287	if (isset($_SESSION['notifications'])) {
[2328]	288	foreach ($_SESSION['notifications'] as $notification) {
[3457]	289
	290	# --BEHAVIOR-- adminPageNotification
[3459]	291	$notice = $core->callBehavior('adminPageNotification',$core,$notification);
[3457]	292
[3458]	293	$res .= (isset($notice) && !empty($notice) ? $notice : self::getNotification($notification));
[2181]	294	}
	295	unset($_SESSION['notifications']);
	296	}
[2199]	297	return $res;
[0]	298	}
[2191]	299
[2328]	300	public static function addNotice($type,$message,$options=array())
[2191]	301	{
[2328]	302	if (isset(self::$N_TYPES[$type])){
	303	$class = self::$N_TYPES[$type];
	304	} else {
	305	$class=$type;
	306	}
	307	if (isset($_SESSION['notifications']) && is_array($_SESSION['notifications'])) {
	308	$notifications = $_SESSION['notifications'];
	309	} else {
	310	$notifications = array();
	311	}
[2503]	312
[2328]	313	$n = array_merge($options,array('class' => $class,'ts' => time(), 'text' => $message));
	314	if ($type != "static") {
	315	$notifications[] = $n;
	316	} else {
	317	array_unshift($notifications, $n);
	318	}
	319	$_SESSION['notifications'] = $notifications;
[2181]	320	}
[2191]	321
[2328]	322	public static function addSuccessNotice($message,$options=array())
[2191]	323	{
[2328]	324	self::addNotice("success",$message,$options);
[2181]	325	}
[2191]	326
[2328]	327	public static function addWarningNotice($message,$options=array())
[2191]	328	{
[2328]	329	self::addNotice("warning",$message,$options);
[2181]	330	}
[2191]	331
[2328]	332	public static function addErrorNotice($message,$options=array())
[2191]	333	{
[2328]	334	self::addNotice("error",$message,$options);
[2191]	335	}
	336
[2328]	337	protected static function getNotification($n)
[2191]	338	{
[2181]	339	global $core;
[3340]	340	$tag = (isset($n['divtag']) && $n['divtag']) ? 'div' : 'p';
[2328]	341	$ts = '';
	342	if (!isset($n['with_ts']) \|\| ($n['with_ts'] == true)) {
	343	$ts = dt::str(__('[%H:%M:%S]'),$n['ts'],$core->auth->getInfo('user_tz')).' ';
	344	}
[2787]	345	$res = '<'.$tag.' class="'.$n['class'].'" role="alert">'.$ts.$n['text'].'</'.$tag.'>';
[2191]	346	return $res;
[2181]	347	}
[2191]	348
[0]	349	public static function close()
	350	{
[942]	351	global $core;
	352
[1933]	353	if (!$GLOBALS['__resources']['ctxhelp']) {
	354	echo
[2720]	355	'<p id="help-button"><a href="'.$core->adminurl->get("admin.help").'" class="outgoing" title="'.
[2306]	356	__('Global help').'">'.__('Global help').'</a></p>';
[1933]	357	}
	358
[0]	359	$menu =& $GLOBALS['_menu'];
[1187]	360
[0]	361	echo
	362	"</div>\n". // End of #content
	363	"</div>\n". // End of #main
[1187]	364
[2784]	365	'<div id="main-menu" role="navigation">'."\n".
[1311]	366
[2769]	367	'<form id="search-menu" action="'.$core->adminurl->get("admin.search").'" method="get" role="search">'.
[1589]	368	'<p><label for="qx" class="hidden">'.__('Search:').' </label>'.form::field('qx',30,255,'').
[1311]	369	'<input type="submit" value="'.__('OK').'" /></p>'.
	370	'</form>';
[1187]	371
[0]	372	foreach ($menu as $k => $v) {
	373	echo $menu[$k]->draw();
	374	}
[1187]	375
[1140]	376	$text = sprintf(__('Thank you for using %s.'),'Dotclear '.DC_VERSION);
[942]	377
	378	# --BEHAVIOR-- adminPageFooter
[946]	379	$textAlt = $core->callBehavior('adminPageFooter',$core,$text);
[1140]	380	if ($textAlt != '') {
	381	$text = $textAlt;
	382	}
[1142]	383	$text = html::escapeHTML($text);
[942]	384
[0]	385	echo
	386	'</div>'."\n". // End of #main-menu
[1946]	387	"</div>\n"; // End of #wrapper
[1861]	388
[3294]	389	echo '<p id="gototop"><a href="#wrapper">'.__('Page top').'</a></p>'."\n";
	390
[3060]	391	$figure = "
[3224]	392	/\_/\
	393	(='.'=)
[3454]	394	(\")-(\")";
[3060]	395
[1946]	396	echo
[2784]	397	'<div id="footer" role="contentinfo">'.
[2296]	398	'<a href="http://dotclear.org/" title="'.$text.'">'.
	399	'<img src="style/dc_logos/w-dotclear90.png" alt="'.$text.'" /></a></div>'."\n".
[2796]	400	"<!-- "."\n".
[3060]	401	$figure.
[2796]	402	" -->"."\n";
[1187]	403
[3294]	404
	405
[0]	406	if (defined('DC_DEV') && DC_DEV === true) {
	407	echo self::debugInfo();
	408	}
[1187]	409
[0]	410	echo
	411	'</body></html>';
	412	}
[1187]	413
[1358]	414	public static function openPopup($title='',$head='',$breadcrumb='')
[0]	415	{
	416	global $core;
[1187]	417
[0]	418	# Display
	419	header('Content-Type: text/html; charset=UTF-8');
[2792]	420
	421	// Prevents Clickjacking as far as possible
	422	header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
	423
[0]	424	echo
[2760]	425	'<!DOCTYPE html>'.
	426	'<html lang="'.$core->auth->getInfo('user_lang').'">'."\n".
[0]	427	"<head>\n".
[2760]	428	' <meta charset="UTF-8" />'."\n".
[2513]	429	' <meta name="viewport" content="width=device-width, initial-scale=1.0" />'."\n".
[0]	430	' <title>'.$title.' - '.html::escapeHTML($core->blog->name).' - '.html::escapeHTML(DC_VENDOR_NAME).' - '.DC_VERSION.'</title>'."\n".
[1187]	431
[0]	432	' <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />'."\n".
	433	' <meta name="GOOGLEBOT" content="NOSNIPPET" />'."\n".
[1187]	434
[3021]	435	self::cssLoad('style/default.css');
[0]	436	if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') {
[3021]	437	echo self::cssLoad('style/default-rtl.css');
[0]	438	}
[1187]	439
[3408]	440	$core->auth->user_prefs->addWorkspace('interface');
	441	if ($core->auth->user_prefs->interface->htmlfontsize) {
	442	echo
	443	'<script type="text/javascript">'."\n".
[3421]	444	self::jsVar('dotclear_htmlFontSize',$core->auth->user_prefs->interface->htmlfontsize)."\n".
[3408]	445	"</script>\n";
	446	}
	447
[0]	448	echo
	449	self::jsCommon().
[1699]	450	self::jsToggles().
[0]	451	$head;
[1187]	452
[3398]	453	if ($core->auth->user_prefs->interface->hidemoreinfo) {
	454	echo
	455	'<script type="text/javascript">'."\n".
[3421]	456	'dotclear.hideMoreInfo = true;'."\n".
[3398]	457	"</script>\n";
	458	}
	459
[0]	460	# --BEHAVIOR-- adminPageHTMLHead
	461	$core->callBehavior('adminPageHTMLHead');
[1187]	462
[0]	463	echo
	464	"</head>\n".
[3499]	465	'<body id="dotclear-admin" class="popup'.
	466	($core->auth->user_prefs->interface->dynfontsize ? ' responsive-font' : '').'">'."\n".
[1187]	467
[2046]	468	'<h1>'.DC_VENDOR_NAME.'</h1>'."\n";
[1187]	469
[0]	470	echo
	471	'<div id="wrapper">'."\n".
[2784]	472	'<div id="main" role="main">'."\n".
[0]	473	'<div id="content">'."\n";
[1187]	474
[1358]	475	// display breadcrumb if given
	476	echo $breadcrumb;
	477
[3076]	478	// Display notices and errors
	479	echo self::notices();
[0]	480	}
[1187]	481
[0]	482	public static function closePopup()
	483	{
	484	echo
	485	"</div>\n". // End of #content
	486	"</div>\n". // End of #main
[2046]	487	"</div>\n". // End of #wrapper
[3294]	488
	489	'<p id="gototop"><a href="#wrapper">'.__('Page top').'</a></p>'."\n".
	490
[2784]	491	'<div id="footer" role="contentinfo"><p> </p></div>'."\n".
[0]	492	'</body></html>';
	493	}
[907]	494
[2166]	495	public static function breadcrumb($elements=null,$options=array())
[1328]	496	{
[2720]	497	global $core;
[3340]	498	$with_home_link = isset($options['home_link']) ? $options['home_link'] : true;
	499	$hl = isset($options['hl']) ? $options['hl'] : true;
	500	$hl_pos = isset($options['hl_pos']) ? $options['hl_pos'] : -1;
[1328]	501	// First item of array elements should be blog's name, System or Plugins
[1340]	502	$res = '<h2>'.($with_home_link ?
[2720]	503	'<a class="go_home" href="'.$core->adminurl->get("admin.home").'"><img src="style/dashboard.png" alt="'.__('Go to dashboard').'" /></a>' :
[1340]	504	'<img src="style/dashboard-alt.png" alt="" />');
[1328]	505	$index = 0;
[2167]	506	if ($hl_pos < 0) {
	507	$hl_pos = count($elements)+$hl_pos;
[2166]	508	}
[1328]	509	foreach ($elements as $element => $url) {
[2167]	510	if ($hl && $index == $hl_pos) {
[2166]	511	$element = sprintf('<span class="page-title">%s</span>',$element);
	512	}
[1358]	513	$res .= ($with_home_link ? ($index == 1 ? ' : ' : ' &rsaquo; ') : ($index == 0 ? ' ' : ' &rsaquo; ')).
	514	($url ? '<a href="'.$url.'">' : '').$element.($url ? '</a>' : '');
[1328]	515	$index++;
	516	}
	517	$res .= '</h2>';
	518	return $res;
	519	}
	520
[1548]	521	public static function message($msg,$timestamp=true,$div=false,$echo=true,$class='message')
[907]	522	{
[910]	523	global $core;
[1187]	524
[907]	525	$res = '';
	526	if ($msg != '') {
[1548]	527	$res = ($div ? '<div class="'.$class.'">' : '').'<p'.($div ? '' : ' class="'.$class.'"').'>'.
[2191]	528	($timestamp ? dt::str(__('[%H:%M:%S]'),null,$core->auth->getInfo('user_tz')).' ' : '').$msg.
[1161]	529	'</p>'.($div ? '</div>' : '');
[907]	530	if ($echo) {
	531	echo $res;
	532	}
	533	}
	534	return $res;
	535	}
[1187]	536
[1548]	537	public static function success($msg,$timestamp=true,$div=false,$echo=true)
	538	{
[1927]	539	return self::message($msg,$timestamp,$div,$echo,"success");
[1548]	540	}
	541
[1725]	542	public static function warning($msg,$timestamp=true,$div=false,$echo=true)
	543	{
[1927]	544	return self::message($msg,$timestamp,$div,$echo,"warning-msg");
[1725]	545	}
	546
[0]	547	private static function debugInfo()
	548	{
	549	$global_vars = implode(', ',array_keys($GLOBALS));
[1187]	550
[0]	551	$res =
	552	'<div id="debug"><div>'.
	553	'<p>memory usage: '.memory_get_usage().' ('.files::size(memory_get_usage()).')</p>';
[1187]	554
[0]	555	if (function_exists('xdebug_get_profiler_filename'))
	556	{
	557	$res .= '<p>Elapsed time: '.xdebug_time_index().' seconds</p>';
[1187]	558
[0]	559	$prof_file = xdebug_get_profiler_filename();
	560	if ($prof_file) {
	561	$res .= '<p>Profiler file : '.xdebug_get_profiler_filename().'</p>';
	562	} else {
	563	$prof_url = http::getSelfURI();
[321]	564	$prof_url .= (strpos($prof_url,'?') === false) ? '?' : '&';
[0]	565	$prof_url .= 'XDEBUG_PROFILE';
[321]	566	$res .= '<p><a href="'.html::escapeURL($prof_url).'">Trigger profiler</a></p>';
[0]	567	}
[1187]	568
[0]	569	/* xdebug configuration:
	570	zend_extension = /.../xdebug.so
	571	xdebug.auto_trace = On
	572	xdebug.trace_format = 0
	573	xdebug.trace_options = 1
	574	xdebug.show_mem_delta = On
	575	xdebug.profiler_enable = 0
	576	xdebug.profiler_enable_trigger = 1
	577	xdebug.profiler_output_dir = /tmp
	578	xdebug.profiler_append = 0
	579	xdebug.profiler_output_name = timestamp
	580	*/
	581	}
[1187]	582
[0]	583	$res .=
	584	'<p>Global vars: '.$global_vars.'</p>'.
	585	'</div></div>';
[1187]	586
[0]	587	return $res;
	588	}
[1187]	589
[0]	590	public static function help($page,$index='')
	591	{
	592	# Deprecated but we keep this for plugins.
	593	}
[1187]	594
[0]	595	public static function helpBlock()
	596	{
[2720]	597	global $core;
[0]	598	$args = func_get_args();
[1458]	599
	600	$args = new ArrayObject($args);
	601
	602	# --BEHAVIOR-- adminPageHelpBlock
	603	$GLOBALS['core']->callBehavior('adminPageHelpBlock',$args);
	604
[0]	605	if (empty($args)) {
	606	return;
	607	};
[1187]	608
[0]	609	global $__resources;
	610	if (empty($__resources['help'])) {
	611	return;
	612	}
[1187]	613
[0]	614	$content = '';
	615	foreach ($args as $v)
	616	{
	617	if (is_object($v) && isset($v->content)) {
	618	$content .= $v->content;
	619	continue;
	620	}
[1187]	621
[0]	622	if (!isset($__resources['help'][$v])) {
	623	continue;
	624	}
	625	$f = $__resources['help'][$v];
	626	if (!file_exists($f) \|\| !is_readable($f)) {
	627	continue;
	628	}
[1187]	629
[0]	630	$fc = file_get_contents($f);
	631	if (preg_match('\|<body[^>]?>(.?)</body>\|ms',$fc,$matches)) {
	632	$content .= $matches[1];
	633	} else {
	634	$content .= $fc;
	635	}
	636	}
[1187]	637
[0]	638	if (trim($content) == '') {
	639	return;
	640	}
[1187]	641
[1933]	642	// Set contextual help global flag
	643	$GLOBALS['__resources']['ctxhelp'] = true;
	644
[0]	645	echo
[1573]	646	'<div id="help"><hr /><div class="help-content clear"><h3>'.__('Help about this page').'</h3>'.
[0]	647	$content.
[494]	648	'</div>'.
	649	'<div id="helplink"><hr />'.
	650	'<p>'.
[2720]	651	sprintf(__('See also %s'),sprintf('<a href="'.$core->adminurl->get("admin.help").'">%s</a>',__('the global help'))).
[2011]	652	'.</p>'.
[0]	653	'</div></div>';
	654	}
[1187]	655
[3086]	656	public static function cssLoad($src,$media='screen',$v='')
[3021]	657	{
	658	$escaped_src = html::escapeHTML($src);
	659	if (!isset(self::$loaded_css[$escaped_src])) {
	660	self::$loaded_css[$escaped_src] = true;
[3086]	661	$escaped_src = self::appendVersion($escaped_src,$v);
[3021]	662
	663	return '<link rel="stylesheet" href="'.$escaped_src.'" type="text/css" media="'.$media.'" />'."\n";
	664	}
	665	}
	666
[3086]	667	public static function jsLoad($src,$v='')
[0]	668	{
[342]	669	$escaped_src = html::escapeHTML($src);
	670	if (!isset(self::$loaded_js[$escaped_src])) {
[3020]	671	self::$loaded_js[$escaped_src] = true;
[3086]	672	$escaped_src = self::appendVersion($escaped_src,$v);
[342]	673	return '<script type="text/javascript" src="'.$escaped_src.'"></script>'."\n";
	674	}
[0]	675	}
[1187]	676
[3086]	677	private static function appendVersion($src,$v='')
[3021]	678	{
[3129]	679	$src .= (strpos($src,'?') === false ? '?' : '&').'v=';
[3021]	680	if (defined('DC_DEV') && DC_DEV === true) {
	681	$src .= md5(uniqid());
	682	} else {
[3086]	683	$src .= ($v === '' ? DC_VERSION : $v);
[3021]	684	}
	685	return $src;
	686	}
	687
[0]	688	public static function jsVar($n,$v)
	689	{
	690	return $n." = '".html::escapeJS($v)."';\n";
	691	}
[1187]	692
[1699]	693	public static function jsToggles()
	694	{
	695	if($GLOBALS['core']->auth->user_prefs->toggles) {
	696	$unfolded_sections = explode(',',$GLOBALS['core']->auth->user_prefs->toggles->unfolded_sections);
	697	foreach ($unfolded_sections as $k=>&$v) {
	698	if ($v == '') {
	699	unset($unfolded_sections[$k]);
	700	} else {
	701	$v = "'".html::escapeJS($v)."':true";
	702	}
	703	}
	704	} else {
	705	$unfolded_sections=array();
	706	}
	707	return '<script type="text/javascript">'."\n".
[3421]	708	'dotclear.unfolded_sections = {'.join(",",$unfolded_sections)."};\n".
[1699]	709	"</script>\n";
	710	}
[2503]	711
[0]	712	public static function jsCommon()
	713	{
[1771]	714	$mute_or_no = '';
[1841]	715	if (empty($GLOBALS['core']->blog) \|\| $GLOBALS['core']->blog->settings->system->jquery_migrate_mute) {
[1771]	716	$mute_or_no .=
	717	'<script type="text/javascript">'."\n".
[3421]	718	'jQuery.migrateMute = true;'."\n".
[1771]	719	"</script>\n";
	720	}
	721
[0]	722	return
	723	self::jsLoad('js/jquery/jquery.js').
[1771]	724	$mute_or_no.
[3178]	725	self::jsLoad('js/jquery/jquery-migrate.js').
[0]	726	self::jsLoad('js/jquery/jquery.biscuit.js').
	727	self::jsLoad('js/jquery/jquery.bgFade.js').
	728	self::jsLoad('js/common.js').
[447]	729	self::jsLoad('js/prelude.js').
[1187]	730
[0]	731	'<script type="text/javascript">'."\n".
[2614]	732	'jsToolBar = {}, jsToolBar.prototype = { elements : {} };'."\n".
[3460]	733
[0]	734	self::jsVar('dotclear.nonce',$GLOBALS['core']->getNonce()).
[3460]	735
[1019]	736	self::jsVar('dotclear.img_plus_src','images/expand.png').
[0]	737	self::jsVar('dotclear.img_plus_alt',__('uncover')).
[1019]	738	self::jsVar('dotclear.img_minus_src','images/hide.png').
[0]	739	self::jsVar('dotclear.img_minus_alt',__('hide')).
	740	self::jsVar('dotclear.img_menu_on','images/menu_on.png').
	741	self::jsVar('dotclear.img_menu_off','images/menu_off.png').
[2503]	742
[2195]	743	self::jsVar('dotclear.img_plus_theme_src','images/plus-theme.png').
	744	self::jsVar('dotclear.img_plus_theme_alt',__('uncover')).
	745	self::jsVar('dotclear.img_minus_theme_src','images/minus-theme.png').
	746	self::jsVar('dotclear.img_minus_theme_alt',__('hide')).
[1187]	747
[0]	748	self::jsVar('dotclear.msg.help',
[1933]	749	__('Need help?')).
[2225]	750	self::jsVar('dotclear.msg.new_window',
	751	__('new window')).
[1302]	752	self::jsVar('dotclear.msg.help_hide',
	753	__('Hide')).
[1556]	754	self::jsVar('dotclear.msg.to_select',
	755	__('Select:')).
[0]	756	self::jsVar('dotclear.msg.no_selection',
	757	__('no selection')).
	758	self::jsVar('dotclear.msg.select_all',
	759	__('select all')).
	760	self::jsVar('dotclear.msg.invert_sel',
[1556]	761	__('Invert selection')).
[0]	762	self::jsVar('dotclear.msg.website',
	763	__('Web site:')).
	764	self::jsVar('dotclear.msg.email',
	765	__('Email:')).
	766	self::jsVar('dotclear.msg.ip_address',
	767	__('IP address:')).
	768	self::jsVar('dotclear.msg.error',
	769	__('Error:')).
	770	self::jsVar('dotclear.msg.entry_created',
	771	__('Entry has been successfully created.')).
	772	self::jsVar('dotclear.msg.edit_entry',
	773	__('Edit entry')).
	774	self::jsVar('dotclear.msg.view_entry',
	775	__('view entry')).
	776	self::jsVar('dotclear.msg.confirm_delete_posts',
	777	__("Are you sure you want to delete selected entries (%s)?")).
[2202]	778	self::jsVar('dotclear.msg.confirm_delete_medias',
	779	__("Are you sure you want to delete selected medias (%d)?")).
[1525]	780	self::jsVar('dotclear.msg.confirm_delete_categories',
	781	__("Are you sure you want to delete selected categories (%s)?")).
[0]	782	self::jsVar('dotclear.msg.confirm_delete_post',
	783	__("Are you sure you want to delete this entry?")).
[1395]	784	self::jsVar('dotclear.msg.click_to_unlock',
[1450]	785	__("Click here to unlock the field")).
[1049]	786	self::jsVar('dotclear.msg.confirm_spam_delete',
	787	__('Are you sure you want to delete all spams?')).
[0]	788	self::jsVar('dotclear.msg.confirm_delete_comments',
	789	__('Are you sure you want to delete selected comments (%s)?')).
	790	self::jsVar('dotclear.msg.confirm_delete_comment',
	791	__('Are you sure you want to delete this comment?')).
	792	self::jsVar('dotclear.msg.cannot_delete_users',
	793	__('Users with posts cannot be deleted.')).
	794	self::jsVar('dotclear.msg.confirm_delete_user',
	795	__('Are you sure you want to delete selected users (%s)?')).
[3403]	796	self::jsVar('dotclear.msg.confirm_delete_blog',
	797	__('Are you sure you want to delete selected blogs (%s)?')).
[0]	798	self::jsVar('dotclear.msg.confirm_delete_category',
	799	__('Are you sure you want to delete category "%s"?')).
	800	self::jsVar('dotclear.msg.confirm_reorder_categories',
	801	__('Are you sure you want to reorder all categories?')).
	802	self::jsVar('dotclear.msg.confirm_delete_media',
	803	__('Are you sure you want to remove media "%s"?')).
[2512]	804	self::jsVar('dotclear.msg.confirm_delete_directory',
	805	__('Are you sure you want to remove directory "%s"?')).
[0]	806	self::jsVar('dotclear.msg.confirm_extract_current',
	807	__('Are you sure you want to extract archive in current directory?')).
	808	self::jsVar('dotclear.msg.confirm_remove_attachment',
	809	__('Are you sure you want to remove attachment "%s"?')).
	810	self::jsVar('dotclear.msg.confirm_delete_lang',
	811	__('Are you sure you want to delete "%s" language?')).
	812	self::jsVar('dotclear.msg.confirm_delete_plugin',
	813	__('Are you sure you want to delete "%s" plugin?')).
[2487]	814	self::jsVar('dotclear.msg.confirm_delete_plugins',
	815	__('Are you sure you want to delete selected plugins?')).
[0]	816	self::jsVar('dotclear.msg.use_this_theme',
	817	__('Use this theme')).
	818	self::jsVar('dotclear.msg.remove_this_theme',
	819	__('Remove this theme')).
	820	self::jsVar('dotclear.msg.confirm_delete_theme',
	821	__('Are you sure you want to delete "%s" theme?')).
[2487]	822	self::jsVar('dotclear.msg.confirm_delete_themes',
	823	__('Are you sure you want to delete selected themes?')).
[1462]	824	self::jsVar('dotclear.msg.confirm_delete_backup',
	825	__('Are you sure you want to delete this backup?')).
[2503]	826	self::jsVar('dotclear.msg.confirm_revert_backup',
	827	__('Are you sure you want to revert to this backup?')).
[0]	828	self::jsVar('dotclear.msg.zip_file_content',
	829	__('Zip file content')).
	830	self::jsVar('dotclear.msg.xhtml_validator',
	831	__('XHTML markup validator')).
	832	self::jsVar('dotclear.msg.xhtml_valid',
	833	__('XHTML content is valid.')).
	834	self::jsVar('dotclear.msg.xhtml_not_valid',
	835	__('There are XHTML markup errors.')).
[1861]	836	self::jsVar('dotclear.msg.warning_validate_no_save_content',
[1832]	837	__('Attention: an audit of a content not yet registered.')).
[0]	838	self::jsVar('dotclear.msg.confirm_change_post_format',
	839	__('You have unsaved changes. Switch post format will loose these changes. Proceed anyway?')).
[1256]	840	self::jsVar('dotclear.msg.confirm_change_post_format_noconvert',
	841	__("Warning: post format change will not convert existing content. You will need to apply new format by yourself. Proceed anyway?")).
[224]	842	self::jsVar('dotclear.msg.load_enhanced_uploader',
	843	__('Loading enhanced uploader, please wait.')).
[2156]	844
	845	self::jsVar('dotclear.msg.module_author',
	846	__('Author:')).
	847	self::jsVar('dotclear.msg.module_details',
	848	__('Details')).
	849	self::jsVar('dotclear.msg.module_support',
[2157]	850	__('Support')).
[2156]	851	self::jsVar('dotclear.msg.module_help',
[2157]	852	__('Help:')).
[2156]	853	self::jsVar('dotclear.msg.module_section',
	854	__('Section:')).
	855	self::jsVar('dotclear.msg.module_tags',
	856	__('Tags:')).
[3460]	857
	858	self::jsVar('dotclear.msg.close_notice',
	859	__('Hide this notice')).
	860
[3421]	861	"\n".
[0]	862	"</script>\n";
	863	}
[1187]	864
[3418]	865	/**
	866	@deprecated since version 2.11
	867	*/
[0]	868	public static function jsLoadIE7()
	869	{
[3418]	870	return '';
[0]	871	}
[1187]	872
[0]	873	public static function jsConfirmClose()
	874	{
	875	$args = func_get_args();
	876	if (count($args) > 0) {
	877	foreach ($args as $k => $v) {
	878	$args[$k] = "'".html::escapeJS($v)."'";
	879	}
	880	$args = implode(',',$args);
	881	} else {
	882	$args = '';
	883	}
[1187]	884
[0]	885	return
	886	self::jsLoad('js/confirm-close.js').
	887	'<script type="text/javascript">'."\n".
	888	"confirmClosePage = new confirmClose(".$args."); ".
	889	"confirmClose.prototype.prompt = '".html::escapeJS(__('You have unsaved changes.'))."'; ".
	890	"</script>\n";
	891	}
[1187]	892
[0]	893	public static function jsPageTabs($default=null)
	894	{
	895	if ($default) {
	896	$default = "'".html::escapeJS($default)."'";
	897	}
[2503]	898
[0]	899	return
	900	self::jsLoad('js/jquery/jquery.pageTabs.js').
	901	'<script type="text/javascript">'."\n".
[2010]	902	'$(function() {'."\n".
[3421]	903	' $.pageTabs('.$default.');'."\n".
[2113]	904	'});'.
[3418]	905	"</script>\n";
[2010]	906	}
[1161]	907
[2202]	908	public static function jsModal()
	909	{
	910	return
[3368]	911	self::jsLoad('js/jquery/jquery.magnific-popup.js');
[0]	912	}
[1187]	913
[2202]	914	public static function jsColorPicker()
	915	{
	916	return
[3021]	917	self::cssLoad('style/farbtastic/farbtastic.css').
[2202]	918	self::jsLoad('js/jquery/jquery.farbtastic.js').
	919	self::jsLoad('js/color-picker.js');
[0]	920	}
[1187]	921
[2202]	922	public static function jsDatePicker()
	923	{
	924	return
[3021]	925	self::cssLoad('style/date-picker.css').
[2202]	926	self::jsLoad('js/date-picker.js').
	927	'<script type="text/javascript">'."\n".
[1187]	928
[2202]	929	"datePicker.prototype.months[0] = '".html::escapeJS(__('January'))."'; ".
	930	"datePicker.prototype.months[1] = '".html::escapeJS(__('February'))."'; ".
	931	"datePicker.prototype.months[2] = '".html::escapeJS(__('March'))."'; ".
	932	"datePicker.prototype.months[3] = '".html::escapeJS(__('April'))."'; ".
	933	"datePicker.prototype.months[4] = '".html::escapeJS(__('May'))."'; ".
	934	"datePicker.prototype.months[5] = '".html::escapeJS(__('June'))."'; ".
	935	"datePicker.prototype.months[6] = '".html::escapeJS(__('July'))."'; ".
	936	"datePicker.prototype.months[7] = '".html::escapeJS(__('August'))."'; ".
	937	"datePicker.prototype.months[8] = '".html::escapeJS(__('September'))."'; ".
	938	"datePicker.prototype.months[9] = '".html::escapeJS(__('October'))."'; ".
	939	"datePicker.prototype.months[10] = '".html::escapeJS(__('November'))."'; ".
	940	"datePicker.prototype.months[11] = '".html::escapeJS(__('December'))."'; ".
[1161]	941
[2202]	942	"datePicker.prototype.days[0] = '".html::escapeJS(__('Monday'))."'; ".
	943	"datePicker.prototype.days[1] = '".html::escapeJS(__('Tuesday'))."'; ".
	944	"datePicker.prototype.days[2] = '".html::escapeJS(__('Wednesday'))."'; ".
	945	"datePicker.prototype.days[3] = '".html::escapeJS(__('Thursday'))."'; ".
	946	"datePicker.prototype.days[4] = '".html::escapeJS(__('Friday'))."'; ".
	947	"datePicker.prototype.days[5] = '".html::escapeJS(__('Saturday'))."'; ".
	948	"datePicker.prototype.days[6] = '".html::escapeJS(__('Sunday'))."'; ".
	949
	950	"datePicker.prototype.img_src = 'images/date-picker.png'; ".
[2788]	951	"datePicker.prototype.img_alt = '".html::escapeJS(__('Choose date'))."'; ".
[2202]	952
	953	"datePicker.prototype.close_msg = '".html::escapeJS(__('close'))."'; ".
	954	"datePicker.prototype.now_msg = '".html::escapeJS(__('now'))."'; ".
	955
	956	"</script>\n";
[0]	957	}
[1187]	958
[2720]	959
[2202]	960	public static function jsToolBar()
	961	{
[2614]	962	# Deprecated but we keep this for plugins.
[2202]	963	}
	964
	965	public static function jsUpload($params=array(),$base_url=null)
	966	{
	967	if (!$base_url) {
	968	$base_url = path::clean(dirname(preg_replace('/(\?.*$)?/','',$_SERVER['REQUEST_URI']))).'/';
	969	}
	970
	971	$params = array_merge($params,array(
	972	'sess_id='.session_id(),
	973	'sess_uid='.$_SESSION['sess_browser_uid'],
	974	'xd_check='.$GLOBALS['core']->getNonce()
[0]	975	));
[1187]	976
[2202]	977	return
	978	'<script type="text/javascript">'."\n".
	979	"dotclear.jsUpload = {};\n".
	980	"dotclear.jsUpload.msg = {};\n".
	981	self::jsVar('dotclear.msg.enhanced_uploader_activate',__('Temporarily activate enhanced uploader')).
	982	self::jsVar('dotclear.msg.enhanced_uploader_disable',__('Temporarily disable enhanced uploader')).
	983	self::jsVar('dotclear.jsUpload.msg.limit_exceeded',__('Limit exceeded.')).
	984	self::jsVar('dotclear.jsUpload.msg.size_limit_exceeded',__('File size exceeds allowed limit.')).
	985	self::jsVar('dotclear.jsUpload.msg.canceled',__('Canceled.')).
	986	self::jsVar('dotclear.jsUpload.msg.http_error',__('HTTP Error:')).
	987	self::jsVar('dotclear.jsUpload.msg.error',__('Error:')).
	988	self::jsVar('dotclear.jsUpload.msg.choose_file',__('Choose file')).
	989	self::jsVar('dotclear.jsUpload.msg.choose_files',__('Choose files')).
	990	self::jsVar('dotclear.jsUpload.msg.cancel',__('Cancel')).
	991	self::jsVar('dotclear.jsUpload.msg.clean',__('Clean')).
	992	self::jsVar('dotclear.jsUpload.msg.upload',__('Upload')).
	993	self::jsVar('dotclear.jsUpload.msg.send',__('Send')).
	994	self::jsVar('dotclear.jsUpload.msg.file_successfully_uploaded',__('File successfully uploaded.')).
	995	self::jsVar('dotclear.jsUpload.msg.no_file_in_queue',__('No file in queue.')).
	996	self::jsVar('dotclear.jsUpload.msg.file_in_queue',__('1 file in queue.')).
	997	self::jsVar('dotclear.jsUpload.msg.files_in_queue',__('%d files in queue.')).
	998	self::jsVar('dotclear.jsUpload.msg.queue_error',__('Queue error:')).
	999	self::jsVar('dotclear.jsUpload.base_url',$base_url).
	1000	"</script>\n".
[1461]	1001
[3218]	1002	self::jsLoad('js/jquery/jquery-ui.custom.js').
[2202]	1003	self::jsLoad('js/jsUpload/tmpl.js').
	1004	self::jsLoad('js/jsUpload/template-upload.js').
	1005	self::jsLoad('js/jsUpload/template-download.js').
	1006	self::jsLoad('js/jsUpload/load-image.js').
	1007	self::jsLoad('js/jsUpload/jquery.iframe-transport.js').
	1008	self::jsLoad('js/jsUpload/jquery.fileupload.js').
	1009	self::jsLoad('js/jsUpload/jquery.fileupload-process.js').
	1010	self::jsLoad('js/jsUpload/jquery.fileupload-resize.js').
	1011	self::jsLoad('js/jsUpload/jquery.fileupload-ui.js');
	1012	}
[1144]	1013
[2202]	1014	public static function jsMetaEditor()
	1015	{
[3021]	1016	return self::jsLoad('js/meta-editor.js');
[2202]	1017	}
[2849]	1018
[3397]	1019	public static function jsFilterControl($show=true)
	1020	{
	1021	return
	1022	self::jsLoad('js/filter-controls.js').
	1023	'<script type="text/javascript">'."\n".
	1024	self::jsVar('dotclear.msg.show_filters', $show ? 'true':'false')."\n".
	1025	self::jsVar('dotclear.msg.filter_posts_list',__('Show filters and display options'))."\n".
	1026	self::jsVar('dotclear.msg.cancel_the_filter',__('Cancel filters and display options'))."\n".
	1027	"</script>";
	1028	}
	1029
[3256]	1030	public static function jsLoadCodeMirror($theme = '',$multi = true,$modes = array('css','htmlmixed','javascript','php','xml'))
[3251]	1031	{
	1032	$ret =
	1033	self::cssLoad('js/codemirror/lib/codemirror.css').
	1034	self::jsLoad('js/codemirror/lib/codemirror.js');
	1035	if ($multi) {
	1036	$ret .= self::jsLoad('js/codemirror/addon/mode/multiplex.js');
	1037	}
	1038	foreach ($modes as $mode) {
	1039	$ret .= self::jsLoad('js/codemirror/mode/'.$mode.'/'.$mode.'.js');
	1040	}
	1041	$ret .=
	1042	self::jsLoad('js/codemirror/addon/edit/closebrackets.js').
[3253]	1043	self::jsLoad('js/codemirror/addon/edit/matchbrackets.js').
	1044	self::cssLoad('js/codemirror/addon/display/fullscreen.css').
	1045	self::jsLoad('js/codemirror/addon/display/fullscreen.js');
[3251]	1046	if ($theme != '') {
	1047	$ret .= self::cssLoad('js/codemirror/theme/'.$theme.'.css');
	1048	}
	1049	return $ret;
	1050	}
	1051
[3256]	1052	public static function jsRunCodeMirror($name,$id,$mode,$theme = '')
	1053	{
	1054	$ret =
[3421]	1055	'<script type="text/javascript">'."\n".
[3256]	1056	'var '.$name.' = CodeMirror.fromTextArea('.$id.',{'."\n".
	1057	' mode: "'.$mode.'",'."\n".
	1058	' tabMode: "indent",'."\n".
	1059	' lineWrapping: "true",'."\n".
	1060	' lineNumbers: "true",'."\n".
	1061	' matchBrackets: "true",'."\n".
	1062	' autoCloseBrackets: "true",'."\n".
	1063	' extraKeys: {"F11": function(cm) {cm.setOption("fullScreen",!cm.getOption("fullScreen"));}}';
[3421]	1064	if ($theme) {
	1065	$ret .=
	1066	','."\n".
	1067	' theme: "'.$theme.'"';
	1068	}
	1069	$ret .= "\n".
	1070	'});'."\n".
[3256]	1071	'</script>';
	1072	return $ret;
	1073	}
	1074
[3251]	1075	public static function getCodeMirrorThemes()
	1076	{
	1077	$themes = array();
	1078	$themes_root = dirname(__FILE__).'/../../admin'.'/js/codemirror/theme/';
	1079	if (is_dir($themes_root) && is_readable($themes_root)) {
	1080	if (($d = @dir($themes_root)) !== false) {
	1081	while (($entry = $d->read()) !== false) {
	1082	if ($entry != '.' && $entry != '..' && substr($entry, 0, 1) != '.' && is_readable($themes_root.'/'.$entry)) {
	1083	$themes[] = substr($entry,0,-4); // remove .css extension
	1084	}
	1085	}
[3313]	1086	sort($themes);
[3251]	1087	}
	1088	}
	1089	return $themes;
	1090	}
	1091
[3080]	1092	public static function getPF($file)
	1093	{
[2852]	1094	return $GLOBALS['core']->adminurl->get('load.plugin.file',array('pf' => $file));
[2849]	1095	}
[2909]	1096
[3262]	1097	public static function getVF($file)
	1098	{
	1099	return $GLOBALS['core']->adminurl->get('load.var.file',array('vf' => $file));
	1100	}
	1101
[3279]	1102	public static function setXFrameOptions($headers,$origin = null)
[3080]	1103	{
[2909]	1104	if (self::$xframe_loaded) {
	1105	return;
	1106	}
[3490]	1107
[2909]	1108	if ($origin !== null) {
	1109	$url = parse_url($origin);
[3490]	1110	$headers['x-frame-options'] = sprintf('X-Frame-Options: %s',is_array($url) && isset($url['host']) ?
[3080]	1111	("ALLOW-FROM ".(isset($url['scheme']) ? $url['scheme'].':' : '' ).'//'.$url['host']) :
[3279]	1112	'SAMEORIGIN');
[2909]	1113	} else {
[3279]	1114	$headers['x-frame-options'] = 'X-Frame-Options: SAMEORIGIN'; // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
[2909]	1115	}
	1116	self::$xframe_loaded = true;
	1117	}
[489]	1118	}

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/lib.dc.page.php @ 3509:652d583aa806

Download in other formats:

Sites map