lib.dc.page.php @ 2792:08fe3c330258

Visit:

Revision 2792:08fe3c330258, 29.5 KB checked in by franck <carnet.franck.paul@…>, 11 years ago (diff)
Prevents Clickjacking as far as possible (see https://www.owasp.org/index.php/Clickjacking), thanks Narendra Bhati for reporting this.

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	define('DC_AUTH_PAGE','auth.php');
15
16	class dcPage
17	{
18	private static $loaded_js = array();
19	private static $N_TYPES = array(
20	"success" => "success",
21	"warning" => "warning-msg",
22	"error" => "error",
23	"message" => "message",
24	"static" => "static-msg");
25
26	# Auth check
27	public static function check($permissions)
28	{
29	global $core;
30
31	if ($core->blog && $core->auth->check($permissions,$core->blog->id)) {
32	return;
33	}
34
35	if (session_id()) {
36	$core->session->destroy();
37	}
38	http::redirect(DC_AUTH_PAGE);
39	}
40
41	# Check super admin
42	public static function checkSuper()
43	{
44	global $core;
45
46	if (!$core->auth->isSuperAdmin())
47	{
48	if (session_id()) {
49	$core->session->destroy();
50	}
51	http::redirect(DC_AUTH_PAGE);
52	}
53	}
54
55	# Top of admin page
56	public static function open($title='',$head='',$breadcrumb='')
57	{
58	global $core;
59
60	# List of user's blogs
61	if ($core->auth->getBlogCount() == 1 \|\| $core->auth->getBlogCount() > 20)
62	{
63	$blog_box =
64	'<p>'.__('Blog:').' <strong title="'.html::escapeHTML($core->blog->url).'">'.
65	html::escapeHTML($core->blog->name).'</strong>';
66
67	if ($core->auth->getBlogCount() > 20) {
68	$blog_box .= ' - <a href="'.$core->adminurl->get("admin.blogs").'">'.__('Change blog').'</a>';
69	}
70	$blog_box .= '</p>';
71	}
72	else
73	{
74	$rs_blogs = $core->getBlogs(array('order'=>'LOWER(blog_name)','limit'=>20));
75	$blogs = array();
76	while ($rs_blogs->fetch()) {
77	$blogs[html::escapeHTML($rs_blogs->blog_name.' - '.$rs_blogs->blog_url)] = $rs_blogs->blog_id;
78	}
79	$blog_box =
80	'<p><label for="switchblog" class="classic">'.
81	__('Blogs:').'</label> '.
82	$core->formNonce().
83	form::combo('switchblog',$blogs,$core->blog->id).
84	'<input type="submit" value="'.__('ok').'" class="hidden-if-js" /></p>';
85	}
86
87	$safe_mode = isset($_SESSION['sess_safe_mode']) && $_SESSION['sess_safe_mode'];
88
89	# Display
90	header('Content-Type: text/html; charset=UTF-8');
91
92	// Prevents Clickjacking as far as possible
93	header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
94
95	echo
96	'<!DOCTYPE html>'.
97	'<html lang="'.$core->auth->getInfo('user_lang').'">'."\n".
98	"<head>\n".
99	' <meta charset="UTF-8" />'."\n".
100	' <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />'."\n".
101	' <meta name="GOOGLEBOT" content="NOSNIPPET" />'."\n".
102	' <meta name="viewport" content="width=device-width, initial-scale=1.0" />'."\n".
103	' <title>'.$title.' - '.html::escapeHTML($core->blog->name).' - '.html::escapeHTML(DC_VENDOR_NAME).' - '.DC_VERSION.'</title>'."\n".
104
105
106	self::jsLoadIE7().
107	' <link rel="stylesheet" href="style/default.css" type="text/css" media="screen" />'."\n";
108	if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') {
109	echo
110	' <link rel="stylesheet" href="style/default-rtl.css" type="text/css" media="screen" />'."\n";
111	}
112
113	$core->auth->user_prefs->addWorkspace('interface');
114	$user_ui_hide_std_favicon = $core->auth->user_prefs->interface->hide_std_favicon;
115	if (!$user_ui_hide_std_favicon) {
116	echo
117	'<link rel="icon" type="image/png" href="images/favicon96-login.png" />'.
118	'<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />';
119	}
120	echo
121	self::jsCommon().
122	self::jsToggles().
123	$head;
124
125	# --BEHAVIOR-- adminPageHTMLHead
126	$core->callBehavior('adminPageHTMLHead');
127
128	echo
129	"</head>\n".
130	'<body id="dotclear-admin'.
131	($safe_mode ? ' safe-mode' : '').'" class="no-js">'."\n".
132
133	'<ul id="prelude">'.
134	'<li><a href="#content">'.__('Go to the content').'</a></li>'.
135	'<li><a href="#main-menu">'.__('Go to the menu').'</a></li>'.
136	'<li><a href="#qx">'.__('Go to search').'</a></li>'.
137	'<li><a href="#help">'.__('Go to help').'</a></li>'.
138	'</ul>'."\n".
139	'<div id="header" role="banner">'.
140	'<h1><a href="'.$core->adminurl->get("admin.home").'"><span class="hidden">'.DC_VENDOR_NAME.'</span></a></h1>'."\n";
141
142	echo
143	'<form action="'.$core->adminurl->get("admin.home").'" method="post" id="top-info-blog">'.
144	$blog_box.
145	'<p><a href="'.$core->blog->url.'" class="outgoing" title="'.__('Go to site').
146	'">'.__('Go to site').'<img src="images/outgoing.png" alt="" /></a>'.
147	'</p></form>'.
148	'<ul id="top-info-user">'.
149	'<li><a class="'.(preg_match('/index.php$/',$_SERVER['REQUEST_URI']) ? ' active' : '').'" href="'.$core->adminurl->get("admin.home").'">'.__('My dashboard').'</a></li>'.
150	'<li><a class="smallscreen'.(preg_match('/preferences.php(\?.*)?$/',$_SERVER['REQUEST_URI']) ? ' active' : '').
151	'" href="'.$core->adminurl->get("admin.user.preferences").'">'.__('My preferences').'</a></li>'.
152	'<li><a href="'.$core->adminurl->get("admin.home",array('logout' => 1)).'" class="logout"><span class="nomobile">'.sprintf(__('Logout %s'),$core->auth->userID()).
153	'</span><img src="images/logout.png" alt="" /></a></li>'.
154	'</ul>'.
155	'</div>'; // end header
156
157	echo
158	'<div id="wrapper" class="clearfix">'."\n".
159	'<div class="hidden-if-no-js collapser-box"><a href="#" id="collapser">'.
160	'<img class="collapse-mm" src="images/collapser-hide.png" alt="'.__('Hide main menu').'" />'.
161	'<img class="expand-mm" src="images/collapser-show.png" alt="'.__('Show main menu').'" />'.
162	'</a></div>'.
163	'<div id="main" role="main">'."\n".
164	'<div id="content" class="clearfix">'."\n";
165
166	# Safe mode
167	if ($safe_mode)
168	{
169	echo
170	'<div class="warning" role="alert"><h3>'.__('Safe mode').'</h3>'.
171	'<p>'.__('You are in safe mode. All plugins have been temporarily disabled. Remind to log out then log in again normally to get back all functionalities').'</p>'.
172	'</div>';
173	}
174
175	// Display breadcrumb (if given) before any error message
176	echo $breadcrumb;
177
178	if ($core->error->flag()) {
179	echo
180	'<div class="error"><p><strong>'.(count($core->error->getErrors()) > 1 ? __('Errors:') : __('Error:')).'</strong></p>'.
181	$core->error->toHTML().
182	'</div>';
183	}
184
185	// Display notices
186	echo self::notices();
187	}
188
189	public static function notices()
190	{
191	// return notices if any
192	$res = '';
193	if (isset($_SESSION['notifications'])) {
194	$notifications = $_SESSION['notifications'];
195	foreach ($_SESSION['notifications'] as $notification) {
196	$res .= self::getNotification($notification);
197	}
198	unset($_SESSION['notifications']);
199	}
200	return $res;
201	}
202
203	public static function addNotice($type,$message,$options=array())
204	{
205	if (isset(self::$N_TYPES[$type])){
206	$class = self::$N_TYPES[$type];
207	} else {
208	$class=$type;
209	}
210	if (isset($_SESSION['notifications']) && is_array($_SESSION['notifications'])) {
211	$notifications = $_SESSION['notifications'];
212	} else {
213	$notifications = array();
214	}
215
216	$n = array_merge($options,array('class' => $class,'ts' => time(), 'text' => $message));
217	if ($type != "static") {
218	$notifications[] = $n;
219	} else {
220	array_unshift($notifications, $n);
221	}
222	$_SESSION['notifications'] = $notifications;
223	}
224
225	public static function addSuccessNotice($message,$options=array())
226	{
227	self::addNotice("success",$message,$options);
228	}
229
230	public static function addWarningNotice($message,$options=array())
231	{
232	self::addNotice("warning",$message,$options);
233	}
234
235	public static function addErrorNotice($message,$options=array())
236	{
237	self::addNotice("error",$message,$options);
238	}
239
240	protected static function getNotification($n)
241	{
242	global $core;
243	$tag = (isset($n['divtag'])&& $n['divtag'])?'div':'p';
244	$ts = '';
245	if (!isset($n['with_ts']) \|\| ($n['with_ts'] == true)) {
246	$ts = dt::str(__('[%H:%M:%S]'),$n['ts'],$core->auth->getInfo('user_tz')).' ';
247	}
248	$res = '<'.$tag.' class="'.$n['class'].'" role="alert">'.$ts.$n['text'].'</'.$tag.'>';
249	return $res;
250	}
251
252	public static function close()
253	{
254	global $core;
255
256	if (!$GLOBALS['__resources']['ctxhelp']) {
257	echo
258	'<p id="help-button"><a href="'.$core->adminurl->get("admin.help").'" class="outgoing" title="'.
259	__('Global help').'">'.__('Global help').'</a></p>';
260	}
261
262	$menu =& $GLOBALS['_menu'];
263
264	echo
265	"</div>\n". // End of #content
266	"</div>\n". // End of #main
267
268	'<div id="main-menu" role="navigation">'."\n".
269
270	'<form id="search-menu" action="'.$core->adminurl->get("admin.search").'" method="get" role="search">'.
271	'<p><label for="qx" class="hidden">'.__('Search:').' </label>'.form::field('qx',30,255,'').
272	'<input type="submit" value="'.__('OK').'" /></p>'.
273	'</form>';
274
275	foreach ($menu as $k => $v) {
276	echo $menu[$k]->draw();
277	}
278
279	$text = sprintf(__('Thank you for using %s.'),'Dotclear '.DC_VERSION);
280
281	# --BEHAVIOR-- adminPageFooter
282	$textAlt = $core->callBehavior('adminPageFooter',$core,$text);
283	if ($textAlt != '') {
284	$text = $textAlt;
285	}
286	$text = html::escapeHTML($text);
287
288	echo
289	'</div>'."\n". // End of #main-menu
290	"</div>\n"; // End of #wrapper
291
292	echo
293	'<div id="footer" role="contentinfo">'.
294	'<a href="http://dotclear.org/" title="'.$text.'">'.
295	'<img src="style/dc_logos/w-dotclear90.png" alt="'.$text.'" /></a></div>'."\n".
296	"<!-- \n \n ,;:'`'::\n".
297	" __\|\|\n _____/LLLL\_\n \__________\"\|\n".
298	" ~^~^~^~^~^~^~^~^~^~\n -->\n";
299
300	if (defined('DC_DEV') && DC_DEV === true) {
301	echo self::debugInfo();
302	}
303
304	echo
305	'</body></html>';
306	}
307
308	public static function openPopup($title='',$head='',$breadcrumb='')
309	{
310	global $core;
311
312	# Display
313	header('Content-Type: text/html; charset=UTF-8');
314
315	// Prevents Clickjacking as far as possible
316	header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
317
318	echo
319	'<!DOCTYPE html>'.
320	'<html lang="'.$core->auth->getInfo('user_lang').'">'."\n".
321	"<head>\n".
322	' <meta charset="UTF-8" />'."\n".
323	' <meta name="viewport" content="width=device-width, initial-scale=1.0" />'."\n".
324	' <title>'.$title.' - '.html::escapeHTML($core->blog->name).' - '.html::escapeHTML(DC_VENDOR_NAME).' - '.DC_VERSION.'</title>'."\n".
325
326	' <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />'."\n".
327	' <meta name="GOOGLEBOT" content="NOSNIPPET" />'."\n".
328
329	self::jsLoadIE7().
330	' <link rel="stylesheet" href="style/default.css" type="text/css" media="screen" />'."\n";
331	if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') {
332	echo
333	' <link rel="stylesheet" href="style/default-rtl.css" type="text/css" media="screen" />'."\n";
334	}
335
336	echo
337	self::jsCommon().
338	self::jsToggles().
339	$head;
340
341	# --BEHAVIOR-- adminPageHTMLHead
342	$core->callBehavior('adminPageHTMLHead');
343
344	echo
345	"</head>\n".
346	'<body id="dotclear-admin" class="popup">'."\n".
347
348	'<h1>'.DC_VENDOR_NAME.'</h1>'."\n";
349
350	echo
351	'<div id="wrapper">'."\n".
352	'<div id="main" role="main">'."\n".
353	'<div id="content">'."\n";
354
355	// display breadcrumb if given
356	echo $breadcrumb;
357
358	if ($core->error->flag()) {
359	echo
360	'<div class="error" role="alert"><strong>'.__('Errors:').'</strong>'.
361	$core->error->toHTML().
362	'</div>';
363	}
364	}
365
366	public static function closePopup()
367	{
368	echo
369	"</div>\n". // End of #content
370	"</div>\n". // End of #main
371	"</div>\n". // End of #wrapper
372	'<div id="footer" role="contentinfo"><p> </p></div>'."\n".
373	'</body></html>';
374	}
375
376	public static function breadcrumb($elements=null,$options=array())
377	{
378	global $core;
379	$with_home_link = isset($options['home_link'])?$options['home_link']:true;
380	$hl = isset($options['hl'])?$options['hl']:true;
381	$hl_pos = isset($options['hl_pos'])?$options['hl_pos']:-1;
382	// First item of array elements should be blog's name, System or Plugins
383	$res = '<h2>'.($with_home_link ?
384	'<a class="go_home" href="'.$core->adminurl->get("admin.home").'"><img src="style/dashboard.png" alt="'.__('Go to dashboard').'" /></a>' :
385	'<img src="style/dashboard-alt.png" alt="" />');
386	$index = 0;
387	if ($hl_pos < 0) {
388	$hl_pos = count($elements)+$hl_pos;
389	}
390	foreach ($elements as $element => $url) {
391	if ($hl && $index == $hl_pos) {
392	$element = sprintf('<span class="page-title">%s</span>',$element);
393	}
394	$res .= ($with_home_link ? ($index == 1 ? ' : ' : ' &rsaquo; ') : ($index == 0 ? ' ' : ' &rsaquo; ')).
395	($url ? '<a href="'.$url.'">' : '').$element.($url ? '</a>' : '');
396	$index++;
397	}
398	$res .= '</h2>';
399	return $res;
400	}
401
402	public static function message($msg,$timestamp=true,$div=false,$echo=true,$class='message')
403	{
404	global $core;
405
406	$res = '';
407	if ($msg != '') {
408	$res = ($div ? '<div class="'.$class.'">' : '').'<p'.($div ? '' : ' class="'.$class.'"').'>'.
409	($timestamp ? dt::str(__('[%H:%M:%S]'),null,$core->auth->getInfo('user_tz')).' ' : '').$msg.
410	'</p>'.($div ? '</div>' : '');
411	if ($echo) {
412	echo $res;
413	}
414	}
415	return $res;
416	}
417
418	public static function success($msg,$timestamp=true,$div=false,$echo=true)
419	{
420	return self::message($msg,$timestamp,$div,$echo,"success");
421	}
422
423	public static function warning($msg,$timestamp=true,$div=false,$echo=true)
424	{
425	return self::message($msg,$timestamp,$div,$echo,"warning-msg");
426	}
427
428	private static function debugInfo()
429	{
430	$global_vars = implode(', ',array_keys($GLOBALS));
431
432	$res =
433	'<div id="debug"><div>'.
434	'<p>memory usage: '.memory_get_usage().' ('.files::size(memory_get_usage()).')</p>';
435
436	if (function_exists('xdebug_get_profiler_filename'))
437	{
438	$res .= '<p>Elapsed time: '.xdebug_time_index().' seconds</p>';
439
440	$prof_file = xdebug_get_profiler_filename();
441	if ($prof_file) {
442	$res .= '<p>Profiler file : '.xdebug_get_profiler_filename().'</p>';
443	} else {
444	$prof_url = http::getSelfURI();
445	$prof_url .= (strpos($prof_url,'?') === false) ? '?' : '&';
446	$prof_url .= 'XDEBUG_PROFILE';
447	$res .= '<p><a href="'.html::escapeURL($prof_url).'">Trigger profiler</a></p>';
448	}
449
450	/* xdebug configuration:
451	zend_extension = /.../xdebug.so
452	xdebug.auto_trace = On
453	xdebug.trace_format = 0
454	xdebug.trace_options = 1
455	xdebug.show_mem_delta = On
456	xdebug.profiler_enable = 0
457	xdebug.profiler_enable_trigger = 1
458	xdebug.profiler_output_dir = /tmp
459	xdebug.profiler_append = 0
460	xdebug.profiler_output_name = timestamp
461	*/
462	}
463
464	$res .=
465	'<p>Global vars: '.$global_vars.'</p>'.
466	'</div></div>';
467
468	return $res;
469	}
470
471	public static function help($page,$index='')
472	{
473	# Deprecated but we keep this for plugins.
474	}
475
476	public static function helpBlock()
477	{
478	global $core;
479	$args = func_get_args();
480
481	$args = new ArrayObject($args);
482
483	# --BEHAVIOR-- adminPageHelpBlock
484	$GLOBALS['core']->callBehavior('adminPageHelpBlock',$args);
485
486	if (empty($args)) {
487	return;
488	};
489
490	global $__resources;
491	if (empty($__resources['help'])) {
492	return;
493	}
494
495	$content = '';
496	foreach ($args as $v)
497	{
498	if (is_object($v) && isset($v->content)) {
499	$content .= $v->content;
500	continue;
501	}
502
503	if (!isset($__resources['help'][$v])) {
504	continue;
505	}
506	$f = $__resources['help'][$v];
507	if (!file_exists($f) \|\| !is_readable($f)) {
508	continue;
509	}
510
511	$fc = file_get_contents($f);
512	if (preg_match('\|<body[^>]?>(.?)</body>\|ms',$fc,$matches)) {
513	$content .= $matches[1];
514	} else {
515	$content .= $fc;
516	}
517	}
518
519	if (trim($content) == '') {
520	return;
521	}
522
523	// Set contextual help global flag
524	$GLOBALS['__resources']['ctxhelp'] = true;
525
526	echo
527	'<div id="help"><hr /><div class="help-content clear"><h3>'.__('Help about this page').'</h3>'.
528	$content.
529	'</div>'.
530	'<div id="helplink"><hr />'.
531	'<p>'.
532	sprintf(__('See also %s'),sprintf('<a href="'.$core->adminurl->get("admin.help").'">%s</a>',__('the global help'))).
533	'.</p>'.
534	'</div></div>';
535	}
536
537	public static function jsLoad($src)
538	{
539	$escaped_src = html::escapeHTML($src);
540	if (!isset(self::$loaded_js[$escaped_src])) {
541	self::$loaded_js[$escaped_src]=true;
542	return '<script type="text/javascript" src="'.$escaped_src.'"></script>'."\n";
543	}
544	}
545
546	public static function jsVar($n,$v)
547	{
548	return $n." = '".html::escapeJS($v)."';\n";
549	}
550
551	public static function jsToggles()
552	{
553	if($GLOBALS['core']->auth->user_prefs->toggles) {
554	$unfolded_sections = explode(',',$GLOBALS['core']->auth->user_prefs->toggles->unfolded_sections);
555	foreach ($unfolded_sections as $k=>&$v) {
556	if ($v == '') {
557	unset($unfolded_sections[$k]);
558	} else {
559	$v = "'".html::escapeJS($v)."':true";
560	}
561	}
562	} else {
563	$unfolded_sections=array();
564	}
565	return '<script type="text/javascript">'."\n".
566	"//<![CDATA[\n".
567	'dotclear.unfolded_sections = {'.join(",",$unfolded_sections)."};\n".
568	"\n//]]>\n".
569	"</script>\n";
570	}
571
572	public static function jsCommon()
573	{
574	$mute_or_no = '';
575	if (empty($GLOBALS['core']->blog) \|\| $GLOBALS['core']->blog->settings->system->jquery_migrate_mute) {
576	$mute_or_no .=
577	'<script type="text/javascript">'."\n".
578	"//<![CDATA[\n".
579	'jQuery.migrateMute = true;'.
580	"\n//]]>\n".
581	"</script>\n";
582	}
583
584	return
585	self::jsLoad('js/jquery/jquery.js').
586	$mute_or_no.
587	self::jsLoad('js/jquery/jquery-migrate-1.2.1.js').
588	self::jsLoad('js/jquery/jquery.biscuit.js').
589	self::jsLoad('js/jquery/jquery.bgFade.js').
590	self::jsLoad('js/common.js').
591	self::jsLoad('js/prelude.js').
592
593	'<script type="text/javascript">'."\n".
594	"//<![CDATA[\n".
595	'jsToolBar = {}, jsToolBar.prototype = { elements : {} };'."\n".
596	self::jsVar('dotclear.nonce',$GLOBALS['core']->getNonce()).
597	self::jsVar('dotclear.img_plus_src','images/expand.png').
598	self::jsVar('dotclear.img_plus_alt',__('uncover')).
599	self::jsVar('dotclear.img_minus_src','images/hide.png').
600	self::jsVar('dotclear.img_minus_alt',__('hide')).
601	self::jsVar('dotclear.img_menu_on','images/menu_on.png').
602	self::jsVar('dotclear.img_menu_off','images/menu_off.png').
603
604	self::jsVar('dotclear.img_plus_theme_src','images/plus-theme.png').
605	self::jsVar('dotclear.img_plus_theme_alt',__('uncover')).
606	self::jsVar('dotclear.img_minus_theme_src','images/minus-theme.png').
607	self::jsVar('dotclear.img_minus_theme_alt',__('hide')).
608
609	self::jsVar('dotclear.msg.help',
610	__('Need help?')).
611	self::jsVar('dotclear.msg.new_window',
612	__('new window')).
613	self::jsVar('dotclear.msg.help_hide',
614	__('Hide')).
615	self::jsVar('dotclear.msg.to_select',
616	__('Select:')).
617	self::jsVar('dotclear.msg.no_selection',
618	__('no selection')).
619	self::jsVar('dotclear.msg.select_all',
620	__('select all')).
621	self::jsVar('dotclear.msg.invert_sel',
622	__('Invert selection')).
623	self::jsVar('dotclear.msg.website',
624	__('Web site:')).
625	self::jsVar('dotclear.msg.email',
626	__('Email:')).
627	self::jsVar('dotclear.msg.ip_address',
628	__('IP address:')).
629	self::jsVar('dotclear.msg.error',
630	__('Error:')).
631	self::jsVar('dotclear.msg.entry_created',
632	__('Entry has been successfully created.')).
633	self::jsVar('dotclear.msg.edit_entry',
634	__('Edit entry')).
635	self::jsVar('dotclear.msg.view_entry',
636	__('view entry')).
637	self::jsVar('dotclear.msg.confirm_delete_posts',
638	__("Are you sure you want to delete selected entries (%s)?")).
639	self::jsVar('dotclear.msg.confirm_delete_medias',
640	__("Are you sure you want to delete selected medias (%d)?")).
641	self::jsVar('dotclear.msg.confirm_delete_categories',
642	__("Are you sure you want to delete selected categories (%s)?")).
643	self::jsVar('dotclear.msg.confirm_delete_post',
644	__("Are you sure you want to delete this entry?")).
645	self::jsVar('dotclear.msg.click_to_unlock',
646	__("Click here to unlock the field")).
647	self::jsVar('dotclear.msg.confirm_spam_delete',
648	__('Are you sure you want to delete all spams?')).
649	self::jsVar('dotclear.msg.confirm_delete_comments',
650	__('Are you sure you want to delete selected comments (%s)?')).
651	self::jsVar('dotclear.msg.confirm_delete_comment',
652	__('Are you sure you want to delete this comment?')).
653	self::jsVar('dotclear.msg.cannot_delete_users',
654	__('Users with posts cannot be deleted.')).
655	self::jsVar('dotclear.msg.confirm_delete_user',
656	__('Are you sure you want to delete selected users (%s)?')).
657	self::jsVar('dotclear.msg.confirm_delete_category',
658	__('Are you sure you want to delete category "%s"?')).
659	self::jsVar('dotclear.msg.confirm_reorder_categories',
660	__('Are you sure you want to reorder all categories?')).
661	self::jsVar('dotclear.msg.confirm_delete_media',
662	__('Are you sure you want to remove media "%s"?')).
663	self::jsVar('dotclear.msg.confirm_delete_directory',
664	__('Are you sure you want to remove directory "%s"?')).
665	self::jsVar('dotclear.msg.confirm_extract_current',
666	__('Are you sure you want to extract archive in current directory?')).
667	self::jsVar('dotclear.msg.confirm_remove_attachment',
668	__('Are you sure you want to remove attachment "%s"?')).
669	self::jsVar('dotclear.msg.confirm_delete_lang',
670	__('Are you sure you want to delete "%s" language?')).
671	self::jsVar('dotclear.msg.confirm_delete_plugin',
672	__('Are you sure you want to delete "%s" plugin?')).
673	self::jsVar('dotclear.msg.confirm_delete_plugins',
674	__('Are you sure you want to delete selected plugins?')).
675	self::jsVar('dotclear.msg.use_this_theme',
676	__('Use this theme')).
677	self::jsVar('dotclear.msg.remove_this_theme',
678	__('Remove this theme')).
679	self::jsVar('dotclear.msg.confirm_delete_theme',
680	__('Are you sure you want to delete "%s" theme?')).
681	self::jsVar('dotclear.msg.confirm_delete_themes',
682	__('Are you sure you want to delete selected themes?')).
683	self::jsVar('dotclear.msg.confirm_delete_backup',
684	__('Are you sure you want to delete this backup?')).
685	self::jsVar('dotclear.msg.confirm_revert_backup',
686	__('Are you sure you want to revert to this backup?')).
687	self::jsVar('dotclear.msg.zip_file_content',
688	__('Zip file content')).
689	self::jsVar('dotclear.msg.xhtml_validator',
690	__('XHTML markup validator')).
691	self::jsVar('dotclear.msg.xhtml_valid',
692	__('XHTML content is valid.')).
693	self::jsVar('dotclear.msg.xhtml_not_valid',
694	__('There are XHTML markup errors.')).
695	self::jsVar('dotclear.msg.warning_validate_no_save_content',
696	__('Attention: an audit of a content not yet registered.')).
697	self::jsVar('dotclear.msg.confirm_change_post_format',
698	__('You have unsaved changes. Switch post format will loose these changes. Proceed anyway?')).
699	self::jsVar('dotclear.msg.confirm_change_post_format_noconvert',
700	__("Warning: post format change will not convert existing content. You will need to apply new format by yourself. Proceed anyway?")).
701	self::jsVar('dotclear.msg.load_enhanced_uploader',
702	__('Loading enhanced uploader, please wait.')).
703
704	self::jsVar('dotclear.msg.module_author',
705	__('Author:')).
706	self::jsVar('dotclear.msg.module_details',
707	__('Details')).
708	self::jsVar('dotclear.msg.module_support',
709	__('Support')).
710	self::jsVar('dotclear.msg.module_help',
711	__('Help:')).
712	self::jsVar('dotclear.msg.module_section',
713	__('Section:')).
714	self::jsVar('dotclear.msg.module_tags',
715	__('Tags:')).
716	"\n//]]>\n".
717	"</script>\n";
718	}
719
720	public static function jsLoadIE7()
721	{
722	return
723	'<!--[if lt IE 9]>'."\n".
724	self::jsLoad('js/ie7/IE9.js').
725	'<link rel="stylesheet" type="text/css" href="style/iesucks.css" />'."\n".
726	'<![endif]-->'."\n";
727	}
728
729	public static function jsConfirmClose()
730	{
731	$args = func_get_args();
732	if (count($args) > 0) {
733	foreach ($args as $k => $v) {
734	$args[$k] = "'".html::escapeJS($v)."'";
735	}
736	$args = implode(',',$args);
737	} else {
738	$args = '';
739	}
740
741	return
742	self::jsLoad('js/confirm-close.js').
743	'<script type="text/javascript">'."\n".
744	"//<![CDATA[\n".
745	"confirmClosePage = new confirmClose(".$args."); ".
746	"confirmClose.prototype.prompt = '".html::escapeJS(__('You have unsaved changes.'))."'; ".
747	"\n//]]>\n".
748	"</script>\n";
749	}
750
751	public static function jsPageTabs($default=null)
752	{
753	if ($default) {
754	$default = "'".html::escapeJS($default)."'";
755	}
756
757	return
758	self::jsLoad('js/jquery/jquery.pageTabs.js').
759	'<script type="text/javascript">'."\n".
760	"//<![CDATA[\n".
761	'$(function() {'."\n".
762	'$.pageTabs('.$default.');'."\n".
763	'});'.
764	"\n//]]>\n".
765	"</script>\n".
766	'<!--[if lt IE 8]>'."\n".
767	self::jsLoad('js/ie7/ie7-hashchange.js').
768	'<script type="text/javascript">'."\n".
769	"//<![CDATA[\n".
770	'$(window).hashchange();'.
771	"\n//]]>\n".
772	"</script>\n".
773	'<![endif]-->'."\n";
774	}
775
776	public static function jsModal()
777	{
778	return
779	'<link rel="stylesheet" type="text/css" href="style/modal/modal.css" />'."\n".
780	self::jsLoad('js/jquery/jquery.modal.js').
781	'<script type="text/javascript">'."\n".
782	"//<![CDATA[\n".
783	self::jsVar('$.modal.prototype.params.loader_img','style/modal/loader.gif').
784	self::jsVar('$.modal.prototype.params.close_img','style/modal/close.png').
785	"\n//]]>\n".
786	"</script>\n";
787	}
788
789	public static function jsColorPicker()
790	{
791	return
792	'<link rel="stylesheet" type="text/css" href="style/farbtastic/farbtastic.css" />'."\n".
793	self::jsLoad('js/jquery/jquery.farbtastic.js').
794	self::jsLoad('js/color-picker.js');
795	}
796
797	public static function jsDatePicker()
798	{
799	return
800	'<link rel="stylesheet" type="text/css" href="style/date-picker.css" />'."\n".
801	self::jsLoad('js/date-picker.js').
802	'<script type="text/javascript">'."\n".
803	"//<![CDATA[\n".
804
805	"datePicker.prototype.months[0] = '".html::escapeJS(__('January'))."'; ".
806	"datePicker.prototype.months[1] = '".html::escapeJS(__('February'))."'; ".
807	"datePicker.prototype.months[2] = '".html::escapeJS(__('March'))."'; ".
808	"datePicker.prototype.months[3] = '".html::escapeJS(__('April'))."'; ".
809	"datePicker.prototype.months[4] = '".html::escapeJS(__('May'))."'; ".
810	"datePicker.prototype.months[5] = '".html::escapeJS(__('June'))."'; ".
811	"datePicker.prototype.months[6] = '".html::escapeJS(__('July'))."'; ".
812	"datePicker.prototype.months[7] = '".html::escapeJS(__('August'))."'; ".
813	"datePicker.prototype.months[8] = '".html::escapeJS(__('September'))."'; ".
814	"datePicker.prototype.months[9] = '".html::escapeJS(__('October'))."'; ".
815	"datePicker.prototype.months[10] = '".html::escapeJS(__('November'))."'; ".
816	"datePicker.prototype.months[11] = '".html::escapeJS(__('December'))."'; ".
817
818	"datePicker.prototype.days[0] = '".html::escapeJS(__('Monday'))."'; ".
819	"datePicker.prototype.days[1] = '".html::escapeJS(__('Tuesday'))."'; ".
820	"datePicker.prototype.days[2] = '".html::escapeJS(__('Wednesday'))."'; ".
821	"datePicker.prototype.days[3] = '".html::escapeJS(__('Thursday'))."'; ".
822	"datePicker.prototype.days[4] = '".html::escapeJS(__('Friday'))."'; ".
823	"datePicker.prototype.days[5] = '".html::escapeJS(__('Saturday'))."'; ".
824	"datePicker.prototype.days[6] = '".html::escapeJS(__('Sunday'))."'; ".
825
826	"datePicker.prototype.img_src = 'images/date-picker.png'; ".
827	"datePicker.prototype.img_alt = '".html::escapeJS(__('Choose date'))."'; ".
828
829	"datePicker.prototype.close_msg = '".html::escapeJS(__('close'))."'; ".
830	"datePicker.prototype.now_msg = '".html::escapeJS(__('now'))."'; ".
831
832	"\n//]]>\n".
833	"</script>\n";
834	}
835
836
837	public static function jsToolBar()
838	{
839	# Deprecated but we keep this for plugins.
840	}
841
842	public static function jsUpload($params=array(),$base_url=null)
843	{
844	if (!$base_url) {
845	$base_url = path::clean(dirname(preg_replace('/(\?.*$)?/','',$_SERVER['REQUEST_URI']))).'/';
846	}
847
848	$params = array_merge($params,array(
849	'sess_id='.session_id(),
850	'sess_uid='.$_SESSION['sess_browser_uid'],
851	'xd_check='.$GLOBALS['core']->getNonce()
852	));
853
854	return
855	'<script type="text/javascript">'."\n".
856	"//<![CDATA[\n".
857	"dotclear.jsUpload = {};\n".
858	"dotclear.jsUpload.msg = {};\n".
859	self::jsVar('dotclear.msg.enhanced_uploader_activate',__('Temporarily activate enhanced uploader')).
860	self::jsVar('dotclear.msg.enhanced_uploader_disable',__('Temporarily disable enhanced uploader')).
861	self::jsVar('dotclear.jsUpload.msg.limit_exceeded',__('Limit exceeded.')).
862	self::jsVar('dotclear.jsUpload.msg.size_limit_exceeded',__('File size exceeds allowed limit.')).
863	self::jsVar('dotclear.jsUpload.msg.canceled',__('Canceled.')).
864	self::jsVar('dotclear.jsUpload.msg.http_error',__('HTTP Error:')).
865	self::jsVar('dotclear.jsUpload.msg.error',__('Error:')).
866	self::jsVar('dotclear.jsUpload.msg.choose_file',__('Choose file')).
867	self::jsVar('dotclear.jsUpload.msg.choose_files',__('Choose files')).
868	self::jsVar('dotclear.jsUpload.msg.cancel',__('Cancel')).
869	self::jsVar('dotclear.jsUpload.msg.clean',__('Clean')).
870	self::jsVar('dotclear.jsUpload.msg.upload',__('Upload')).
871	self::jsVar('dotclear.jsUpload.msg.send',__('Send')).
872	self::jsVar('dotclear.jsUpload.msg.file_successfully_uploaded',__('File successfully uploaded.')).
873	self::jsVar('dotclear.jsUpload.msg.no_file_in_queue',__('No file in queue.')).
874	self::jsVar('dotclear.jsUpload.msg.file_in_queue',__('1 file in queue.')).
875	self::jsVar('dotclear.jsUpload.msg.files_in_queue',__('%d files in queue.')).
876	self::jsVar('dotclear.jsUpload.msg.queue_error',__('Queue error:')).
877	self::jsVar('dotclear.jsUpload.base_url',$base_url).
878	"\n//]]>\n".
879	"</script>\n".
880
881	self::jsLoad('js/jsUpload/vendor/jquery.ui.widget.js').
882	self::jsLoad('js/jsUpload/tmpl.js').
883	self::jsLoad('js/jsUpload/template-upload.js').
884	self::jsLoad('js/jsUpload/template-download.js').
885	self::jsLoad('js/jsUpload/load-image.js').
886	self::jsLoad('js/jsUpload/jquery.iframe-transport.js').
887	self::jsLoad('js/jsUpload/jquery.fileupload.js').
888	self::jsLoad('js/jsUpload/jquery.fileupload-process.js').
889	self::jsLoad('js/jsUpload/jquery.fileupload-resize.js').
890	self::jsLoad('js/jsUpload/jquery.fileupload-ui.js');
891	}
892
893	public static function jsToolMan()
894	{
895	return
896	'<script type="text/javascript" src="js/tool-man/core.js"></script>'.
897	'<script type="text/javascript" src="js/tool-man/events.js"></script>'.
898	'<script type="text/javascript" src="js/tool-man/css.js"></script>'.
899	'<script type="text/javascript" src="js/tool-man/coordinates.js"></script>'.
900	'<script type="text/javascript" src="js/tool-man/drag.js"></script>'.
901	'<script type="text/javascript" src="js/tool-man/dragsort.js"></script>'.
902	'<script type="text/javascript" src="js/dragsort-tablerows.js"></script>';
903	}
904
905	public static function jsMetaEditor()
906	{
907	return
908	'<script type="text/javascript" src="js/meta-editor.js"></script>';
909	}
910	}

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/lib.dc.page.php @ 2792:08fe3c330258

Download in other formats:

Sites map