lib.dc.page.php @ 3279:0fc10be22e4c

Visit:

Revision 3279:0fc10be22e4c, 33.0 KB checked in by franck <carnet.franck.paul@…>, 9 years ago (diff)
Add adminPageHTTPHeaders behavior : give third party code opportunity to modify, add or reset some HTTP headers

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	define('DC_AUTH_PAGE','auth.php');
15
16	class dcPage
17	{
18	private static $loaded_js = array();
19	private static $loaded_css = array();
20	private static $xframe_loaded = false;
21	private static $N_TYPES = array(
22	"success" => "success",
23	"warning" => "warning-msg",
24	"error" => "error",
25	"message" => "message",
26	"static" => "static-msg");
27
28	# Auth check
29	public static function check($permissions)
30	{
31	global $core;
32
33	if ($core->blog && $core->auth->check($permissions,$core->blog->id)) {
34	return;
35	}
36
37	if (session_id()) {
38	$core->session->destroy();
39	}
40	http::redirect(DC_AUTH_PAGE);
41	}
42
43	# Check super admin
44	public static function checkSuper()
45	{
46	global $core;
47
48	if (!$core->auth->isSuperAdmin())
49	{
50	if (session_id()) {
51	$core->session->destroy();
52	}
53	http::redirect(DC_AUTH_PAGE);
54	}
55	}
56
57	# Top of admin page
58	public static function open($title='',$head='',$breadcrumb='',$options=array())
59	{
60	global $core;
61
62	# List of user's blogs
63	if ($core->auth->getBlogCount() == 1 \|\| $core->auth->getBlogCount() > 20)
64	{
65	$blog_box =
66	'<p>'.__('Blog:').' <strong title="'.html::escapeHTML($core->blog->url).'">'.
67	html::escapeHTML($core->blog->name).'</strong>';
68
69	if ($core->auth->getBlogCount() > 20) {
70	$blog_box .= ' - <a href="'.$core->adminurl->get("admin.blogs").'">'.__('Change blog').'</a>';
71	}
72	$blog_box .= '</p>';
73	}
74	else
75	{
76	$rs_blogs = $core->getBlogs(array('order'=>'LOWER(blog_name)','limit'=>20));
77	$blogs = array();
78	while ($rs_blogs->fetch()) {
79	$blogs[html::escapeHTML($rs_blogs->blog_name.' - '.$rs_blogs->blog_url)] = $rs_blogs->blog_id;
80	}
81	$blog_box =
82	'<p><label for="switchblog" class="classic">'.
83	__('Blogs:').'</label> '.
84	$core->formNonce().
85	form::combo('switchblog',$blogs,$core->blog->id).
86	'<input type="submit" value="'.__('ok').'" class="hidden-if-js" /></p>';
87	}
88
89	$safe_mode = isset($_SESSION['sess_safe_mode']) && $_SESSION['sess_safe_mode'];
90
91	# Display
92	$headers = new arrayobject(array());
93
94	# Content-Type
95	$headers['content-type'] = 'Content-Type: text/html; charset=UTF-8';
96
97	# Prevents Clickjacking as far as possible
98	if (isset($options['x-frame-allow'])) {
99	self::setXFrameOptions($headers,$options['x-frame-allow']);
100	} else {
101	self::setXFrameOptions($headers);
102	}
103
104	# Content-Security-Policy (report only up to now)
105	$headers['csp'] =
106	"Content-Security-Policy: ".
107	"default-src 'self' ; ".
108	"script-src 'self' 'unsafe-inline' 'unsafe-eval' ; ".
109	"style-src 'self' 'unsafe-inline' ; ".
110	"img-src 'self' data: media.dotaddict.org".
111	(version_compare(phpversion(),'5.4','>=') ? " ; report-uri ".DC_ADMIN_URL."csp_report.php" : '');
112
113	# --BEHAVIOR-- adminPageHTTPHeaders
114	$core->callBehavior('adminPageHTTPHeaders',$headers);
115	foreach ($headers as $key => $value) {
116	header($value);
117	}
118
119	echo
120	'<!DOCTYPE html>'.
121	'<html lang="'.$core->auth->getInfo('user_lang').'">'."\n".
122	"<head>\n".
123	' <meta charset="UTF-8" />'."\n".
124	' <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />'."\n".
125	' <meta name="GOOGLEBOT" content="NOSNIPPET" />'."\n".
126	' <meta name="viewport" content="width=device-width, initial-scale=1.0" />'."\n".
127	' <title>'.$title.' - '.html::escapeHTML($core->blog->name).' - '.html::escapeHTML(DC_VENDOR_NAME).' - '.DC_VERSION.'</title>'."\n".
128
129
130	self::jsLoadIE7().
131	self::cssLoad('style/default.css');
132	if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') {
133	echo self::cssLoad('style/default-rtl.css');
134	}
135
136	$core->auth->user_prefs->addWorkspace('interface');
137	$user_ui_hide_std_favicon = $core->auth->user_prefs->interface->hide_std_favicon;
138	if (!$user_ui_hide_std_favicon) {
139	echo
140	'<link rel="icon" type="image/png" href="images/favicon96-login.png" />'."\n".
141	'<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />'."\n";
142	}
143	echo
144	self::jsCommon().
145	self::jsToggles().
146	$head;
147
148	# --BEHAVIOR-- adminPageHTMLHead
149	$core->callBehavior('adminPageHTMLHead');
150
151	echo
152	"</head>\n".
153	'<body id="dotclear-admin'.
154	($safe_mode ? ' safe-mode' : '').'" class="no-js">'."\n".
155
156	'<ul id="prelude">'.
157	'<li><a href="#content">'.__('Go to the content').'</a></li>'.
158	'<li><a href="#main-menu">'.__('Go to the menu').'</a></li>'.
159	'<li><a href="#qx">'.__('Go to search').'</a></li>'.
160	'<li><a href="#help">'.__('Go to help').'</a></li>'.
161	'</ul>'."\n".
162	'<div id="header" role="banner">'.
163	'<h1><a href="'.$core->adminurl->get("admin.home").'"><span class="hidden">'.DC_VENDOR_NAME.'</span></a></h1>'."\n";
164
165	echo
166	'<form action="'.$core->adminurl->get("admin.home").'" method="post" id="top-info-blog">'.
167	$blog_box.
168	'<p><a href="'.$core->blog->url.'" class="outgoing" title="'.__('Go to site').
169	'">'.__('Go to site').'<img src="images/outgoing.png" alt="" /></a>'.
170	'</p></form>'.
171	'<ul id="top-info-user">'.
172	'<li><a class="'.(preg_match('/'.preg_quote($core->adminurl->get('admin.home')).'$/',$_SERVER['REQUEST_URI']) ? ' active' : '').'" href="'.$core->adminurl->get("admin.home").'">'.__('My dashboard').'</a></li>'.
173	'<li><a class="smallscreen'.(preg_match('/'.preg_quote($core->adminurl->get('admin.user.preferences')).'(\?.*)?$/',$_SERVER['REQUEST_URI']) ? ' active' : '').
174	'" href="'.$core->adminurl->get("admin.user.preferences").'">'.__('My preferences').'</a></li>'.
175	'<li><a href="'.$core->adminurl->get("admin.home",array('logout' => 1)).'" class="logout"><span class="nomobile">'.sprintf(__('Logout %s'),$core->auth->userID()).
176	'</span><img src="images/logout.png" alt="" /></a></li>'.
177	'</ul>'.
178	'</div>'; // end header
179
180	echo
181	'<div id="wrapper" class="clearfix">'."\n".
182	'<div class="hidden-if-no-js collapser-box"><a href="#" id="collapser">'.
183	'<img class="collapse-mm" src="images/collapser-hide.png" alt="'.__('Hide main menu').'" />'.
184	'<img class="expand-mm" src="images/collapser-show.png" alt="'.__('Show main menu').'" />'.
185	'</a></div>'.
186	'<div id="main" role="main">'."\n".
187	'<div id="content" class="clearfix">'."\n";
188
189	# Safe mode
190	if ($safe_mode)
191	{
192	echo
193	'<div class="warning" role="alert"><h3>'.__('Safe mode').'</h3>'.
194	'<p>'.__('You are in safe mode. All plugins have been temporarily disabled. Remind to log out then log in again normally to get back all functionalities').'</p>'.
195	'</div>';
196	}
197
198	// Display breadcrumb (if given) before any error messages
199	echo $breadcrumb;
200
201	// Display notices and errors
202	echo self::notices();
203	}
204
205	public static function notices()
206	{
207	global $core;
208	static $error_displayed = false;
209	$res = '';
210
211	// return error messages if any
212	if ($core->error->flag() && !$error_displayed) {
213	$res .= '<div class="error"><p><strong>'.(count($core->error->getErrors()) > 1 ? __('Errors:') : __('Error:')).'</strong></p>'.
214	$core->error->toHTML().
215	'</div>';
216	$error_displayed = true;
217	}
218
219	// return notices if any
220	if (isset($_SESSION['notifications'])) {
221	foreach ($_SESSION['notifications'] as $notification) {
222	$res .= self::getNotification($notification);
223	}
224	unset($_SESSION['notifications']);
225	}
226	return $res;
227	}
228
229	public static function addNotice($type,$message,$options=array())
230	{
231	if (isset(self::$N_TYPES[$type])){
232	$class = self::$N_TYPES[$type];
233	} else {
234	$class=$type;
235	}
236	if (isset($_SESSION['notifications']) && is_array($_SESSION['notifications'])) {
237	$notifications = $_SESSION['notifications'];
238	} else {
239	$notifications = array();
240	}
241
242	$n = array_merge($options,array('class' => $class,'ts' => time(), 'text' => $message));
243	if ($type != "static") {
244	$notifications[] = $n;
245	} else {
246	array_unshift($notifications, $n);
247	}
248	$_SESSION['notifications'] = $notifications;
249	}
250
251	public static function addSuccessNotice($message,$options=array())
252	{
253	self::addNotice("success",$message,$options);
254	}
255
256	public static function addWarningNotice($message,$options=array())
257	{
258	self::addNotice("warning",$message,$options);
259	}
260
261	public static function addErrorNotice($message,$options=array())
262	{
263	self::addNotice("error",$message,$options);
264	}
265
266	protected static function getNotification($n)
267	{
268	global $core;
269	$tag = (isset($n['divtag'])&& $n['divtag'])?'div':'p';
270	$ts = '';
271	if (!isset($n['with_ts']) \|\| ($n['with_ts'] == true)) {
272	$ts = dt::str(__('[%H:%M:%S]'),$n['ts'],$core->auth->getInfo('user_tz')).' ';
273	}
274	$res = '<'.$tag.' class="'.$n['class'].'" role="alert">'.$ts.$n['text'].'</'.$tag.'>';
275	return $res;
276	}
277
278	public static function close()
279	{
280	global $core;
281
282	if (!$GLOBALS['__resources']['ctxhelp']) {
283	echo
284	'<p id="help-button"><a href="'.$core->adminurl->get("admin.help").'" class="outgoing" title="'.
285	__('Global help').'">'.__('Global help').'</a></p>';
286	}
287
288	$menu =& $GLOBALS['_menu'];
289
290	echo
291	"</div>\n". // End of #content
292	"</div>\n". // End of #main
293
294	'<div id="main-menu" role="navigation">'."\n".
295
296	'<form id="search-menu" action="'.$core->adminurl->get("admin.search").'" method="get" role="search">'.
297	'<p><label for="qx" class="hidden">'.__('Search:').' </label>'.form::field('qx',30,255,'').
298	'<input type="submit" value="'.__('OK').'" /></p>'.
299	'</form>';
300
301	foreach ($menu as $k => $v) {
302	echo $menu[$k]->draw();
303	}
304
305	$text = sprintf(__('Thank you for using %s.'),'Dotclear '.DC_VERSION);
306
307	# --BEHAVIOR-- adminPageFooter
308	$textAlt = $core->callBehavior('adminPageFooter',$core,$text);
309	if ($textAlt != '') {
310	$text = $textAlt;
311	}
312	$text = html::escapeHTML($text);
313
314	echo
315	'</div>'."\n". // End of #main-menu
316	"</div>\n"; // End of #wrapper
317
318	$figure = "
319	/\_/\
320	(='.'=)
321	(\")-(\")
322	";
323
324	echo
325	'<div id="footer" role="contentinfo">'.
326	'<a href="http://dotclear.org/" title="'.$text.'">'.
327	'<img src="style/dc_logos/w-dotclear90.png" alt="'.$text.'" /></a></div>'."\n".
328	"<!-- "."\n".
329	$figure.
330	" -->"."\n";
331
332	if (defined('DC_DEV') && DC_DEV === true) {
333	echo self::debugInfo();
334	}
335
336	echo
337	'</body></html>';
338	}
339
340	public static function openPopup($title='',$head='',$breadcrumb='')
341	{
342	global $core;
343
344	# Display
345	header('Content-Type: text/html; charset=UTF-8');
346
347	// Prevents Clickjacking as far as possible
348	header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
349
350	echo
351	'<!DOCTYPE html>'.
352	'<html lang="'.$core->auth->getInfo('user_lang').'">'."\n".
353	"<head>\n".
354	' <meta charset="UTF-8" />'."\n".
355	' <meta name="viewport" content="width=device-width, initial-scale=1.0" />'."\n".
356	' <title>'.$title.' - '.html::escapeHTML($core->blog->name).' - '.html::escapeHTML(DC_VENDOR_NAME).' - '.DC_VERSION.'</title>'."\n".
357
358	' <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />'."\n".
359	' <meta name="GOOGLEBOT" content="NOSNIPPET" />'."\n".
360
361	self::jsLoadIE7().
362	self::cssLoad('style/default.css');
363	if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') {
364	echo self::cssLoad('style/default-rtl.css');
365	}
366
367	echo
368	self::jsCommon().
369	self::jsToggles().
370	$head;
371
372	# --BEHAVIOR-- adminPageHTMLHead
373	$core->callBehavior('adminPageHTMLHead');
374
375	echo
376	"</head>\n".
377	'<body id="dotclear-admin" class="popup">'."\n".
378
379	'<h1>'.DC_VENDOR_NAME.'</h1>'."\n";
380
381	echo
382	'<div id="wrapper">'."\n".
383	'<div id="main" role="main">'."\n".
384	'<div id="content">'."\n";
385
386	// display breadcrumb if given
387	echo $breadcrumb;
388
389	// Display notices and errors
390	echo self::notices();
391	}
392
393	public static function closePopup()
394	{
395	echo
396	"</div>\n". // End of #content
397	"</div>\n". // End of #main
398	"</div>\n". // End of #wrapper
399	'<div id="footer" role="contentinfo"><p> </p></div>'."\n".
400	'</body></html>';
401	}
402
403	public static function breadcrumb($elements=null,$options=array())
404	{
405	global $core;
406	$with_home_link = isset($options['home_link'])?$options['home_link']:true;
407	$hl = isset($options['hl'])?$options['hl']:true;
408	$hl_pos = isset($options['hl_pos'])?$options['hl_pos']:-1;
409	// First item of array elements should be blog's name, System or Plugins
410	$res = '<h2>'.($with_home_link ?
411	'<a class="go_home" href="'.$core->adminurl->get("admin.home").'"><img src="style/dashboard.png" alt="'.__('Go to dashboard').'" /></a>' :
412	'<img src="style/dashboard-alt.png" alt="" />');
413	$index = 0;
414	if ($hl_pos < 0) {
415	$hl_pos = count($elements)+$hl_pos;
416	}
417	foreach ($elements as $element => $url) {
418	if ($hl && $index == $hl_pos) {
419	$element = sprintf('<span class="page-title">%s</span>',$element);
420	}
421	$res .= ($with_home_link ? ($index == 1 ? ' : ' : ' &rsaquo; ') : ($index == 0 ? ' ' : ' &rsaquo; ')).
422	($url ? '<a href="'.$url.'">' : '').$element.($url ? '</a>' : '');
423	$index++;
424	}
425	$res .= '</h2>';
426	return $res;
427	}
428
429	public static function message($msg,$timestamp=true,$div=false,$echo=true,$class='message')
430	{
431	global $core;
432
433	$res = '';
434	if ($msg != '') {
435	$res = ($div ? '<div class="'.$class.'">' : '').'<p'.($div ? '' : ' class="'.$class.'"').'>'.
436	($timestamp ? dt::str(__('[%H:%M:%S]'),null,$core->auth->getInfo('user_tz')).' ' : '').$msg.
437	'</p>'.($div ? '</div>' : '');
438	if ($echo) {
439	echo $res;
440	}
441	}
442	return $res;
443	}
444
445	public static function success($msg,$timestamp=true,$div=false,$echo=true)
446	{
447	return self::message($msg,$timestamp,$div,$echo,"success");
448	}
449
450	public static function warning($msg,$timestamp=true,$div=false,$echo=true)
451	{
452	return self::message($msg,$timestamp,$div,$echo,"warning-msg");
453	}
454
455	private static function debugInfo()
456	{
457	$global_vars = implode(', ',array_keys($GLOBALS));
458
459	$res =
460	'<div id="debug"><div>'.
461	'<p>memory usage: '.memory_get_usage().' ('.files::size(memory_get_usage()).')</p>';
462
463	if (function_exists('xdebug_get_profiler_filename'))
464	{
465	$res .= '<p>Elapsed time: '.xdebug_time_index().' seconds</p>';
466
467	$prof_file = xdebug_get_profiler_filename();
468	if ($prof_file) {
469	$res .= '<p>Profiler file : '.xdebug_get_profiler_filename().'</p>';
470	} else {
471	$prof_url = http::getSelfURI();
472	$prof_url .= (strpos($prof_url,'?') === false) ? '?' : '&';
473	$prof_url .= 'XDEBUG_PROFILE';
474	$res .= '<p><a href="'.html::escapeURL($prof_url).'">Trigger profiler</a></p>';
475	}
476
477	/* xdebug configuration:
478	zend_extension = /.../xdebug.so
479	xdebug.auto_trace = On
480	xdebug.trace_format = 0
481	xdebug.trace_options = 1
482	xdebug.show_mem_delta = On
483	xdebug.profiler_enable = 0
484	xdebug.profiler_enable_trigger = 1
485	xdebug.profiler_output_dir = /tmp
486	xdebug.profiler_append = 0
487	xdebug.profiler_output_name = timestamp
488	*/
489	}
490
491	$res .=
492	'<p>Global vars: '.$global_vars.'</p>'.
493	'</div></div>';
494
495	return $res;
496	}
497
498	public static function help($page,$index='')
499	{
500	# Deprecated but we keep this for plugins.
501	}
502
503	public static function helpBlock()
504	{
505	global $core;
506	$args = func_get_args();
507
508	$args = new ArrayObject($args);
509
510	# --BEHAVIOR-- adminPageHelpBlock
511	$GLOBALS['core']->callBehavior('adminPageHelpBlock',$args);
512
513	if (empty($args)) {
514	return;
515	};
516
517	global $__resources;
518	if (empty($__resources['help'])) {
519	return;
520	}
521
522	$content = '';
523	foreach ($args as $v)
524	{
525	if (is_object($v) && isset($v->content)) {
526	$content .= $v->content;
527	continue;
528	}
529
530	if (!isset($__resources['help'][$v])) {
531	continue;
532	}
533	$f = $__resources['help'][$v];
534	if (!file_exists($f) \|\| !is_readable($f)) {
535	continue;
536	}
537
538	$fc = file_get_contents($f);
539	if (preg_match('\|<body[^>]?>(.?)</body>\|ms',$fc,$matches)) {
540	$content .= $matches[1];
541	} else {
542	$content .= $fc;
543	}
544	}
545
546	if (trim($content) == '') {
547	return;
548	}
549
550	// Set contextual help global flag
551	$GLOBALS['__resources']['ctxhelp'] = true;
552
553	echo
554	'<div id="help"><hr /><div class="help-content clear"><h3>'.__('Help about this page').'</h3>'.
555	$content.
556	'</div>'.
557	'<div id="helplink"><hr />'.
558	'<p>'.
559	sprintf(__('See also %s'),sprintf('<a href="'.$core->adminurl->get("admin.help").'">%s</a>',__('the global help'))).
560	'.</p>'.
561	'</div></div>';
562	}
563
564	public static function cssLoad($src,$media='screen',$v='')
565	{
566	$escaped_src = html::escapeHTML($src);
567	if (!isset(self::$loaded_css[$escaped_src])) {
568	self::$loaded_css[$escaped_src] = true;
569	$escaped_src = self::appendVersion($escaped_src,$v);
570
571	return '<link rel="stylesheet" href="'.$escaped_src.'" type="text/css" media="'.$media.'" />'."\n";
572	}
573	}
574
575	public static function jsLoad($src,$v='')
576	{
577	$escaped_src = html::escapeHTML($src);
578	if (!isset(self::$loaded_js[$escaped_src])) {
579	self::$loaded_js[$escaped_src] = true;
580	$escaped_src = self::appendVersion($escaped_src,$v);
581	return '<script type="text/javascript" src="'.$escaped_src.'"></script>'."\n";
582	}
583	}
584
585	private static function appendVersion($src,$v='')
586	{
587	$src .= (strpos($src,'?') === false ? '?' : '&').'v=';
588	if (defined('DC_DEV') && DC_DEV === true) {
589	$src .= md5(uniqid());
590	} else {
591	$src .= ($v === '' ? DC_VERSION : $v);
592	}
593	return $src;
594	}
595
596	public static function jsVar($n,$v)
597	{
598	return $n." = '".html::escapeJS($v)."';\n";
599	}
600
601	public static function jsToggles()
602	{
603	if($GLOBALS['core']->auth->user_prefs->toggles) {
604	$unfolded_sections = explode(',',$GLOBALS['core']->auth->user_prefs->toggles->unfolded_sections);
605	foreach ($unfolded_sections as $k=>&$v) {
606	if ($v == '') {
607	unset($unfolded_sections[$k]);
608	} else {
609	$v = "'".html::escapeJS($v)."':true";
610	}
611	}
612	} else {
613	$unfolded_sections=array();
614	}
615	return '<script type="text/javascript">'."\n".
616	"//<![CDATA[\n".
617	'dotclear.unfolded_sections = {'.join(",",$unfolded_sections)."};\n".
618	"\n//]]>\n".
619	"</script>\n";
620	}
621
622	public static function jsCommon()
623	{
624	$mute_or_no = '';
625	if (empty($GLOBALS['core']->blog) \|\| $GLOBALS['core']->blog->settings->system->jquery_migrate_mute) {
626	$mute_or_no .=
627	'<script type="text/javascript">'."\n".
628	"//<![CDATA[\n".
629	'jQuery.migrateMute = true;'.
630	"\n//]]>\n".
631	"</script>\n";
632	}
633
634	return
635	self::jsLoad('js/jquery/jquery.js').
636	$mute_or_no.
637	self::jsLoad('js/jquery/jquery-migrate.js').
638	self::jsLoad('js/jquery/jquery.biscuit.js').
639	self::jsLoad('js/jquery/jquery.bgFade.js').
640	self::jsLoad('js/common.js').
641	self::jsLoad('js/prelude.js').
642
643	'<script type="text/javascript">'."\n".
644	"//<![CDATA[\n".
645	'jsToolBar = {}, jsToolBar.prototype = { elements : {} };'."\n".
646	self::jsVar('dotclear.nonce',$GLOBALS['core']->getNonce()).
647	self::jsVar('dotclear.img_plus_src','images/expand.png').
648	self::jsVar('dotclear.img_plus_alt',__('uncover')).
649	self::jsVar('dotclear.img_minus_src','images/hide.png').
650	self::jsVar('dotclear.img_minus_alt',__('hide')).
651	self::jsVar('dotclear.img_menu_on','images/menu_on.png').
652	self::jsVar('dotclear.img_menu_off','images/menu_off.png').
653
654	self::jsVar('dotclear.img_plus_theme_src','images/plus-theme.png').
655	self::jsVar('dotclear.img_plus_theme_alt',__('uncover')).
656	self::jsVar('dotclear.img_minus_theme_src','images/minus-theme.png').
657	self::jsVar('dotclear.img_minus_theme_alt',__('hide')).
658
659	self::jsVar('dotclear.msg.help',
660	__('Need help?')).
661	self::jsVar('dotclear.msg.new_window',
662	__('new window')).
663	self::jsVar('dotclear.msg.help_hide',
664	__('Hide')).
665	self::jsVar('dotclear.msg.to_select',
666	__('Select:')).
667	self::jsVar('dotclear.msg.no_selection',
668	__('no selection')).
669	self::jsVar('dotclear.msg.select_all',
670	__('select all')).
671	self::jsVar('dotclear.msg.invert_sel',
672	__('Invert selection')).
673	self::jsVar('dotclear.msg.website',
674	__('Web site:')).
675	self::jsVar('dotclear.msg.email',
676	__('Email:')).
677	self::jsVar('dotclear.msg.ip_address',
678	__('IP address:')).
679	self::jsVar('dotclear.msg.error',
680	__('Error:')).
681	self::jsVar('dotclear.msg.entry_created',
682	__('Entry has been successfully created.')).
683	self::jsVar('dotclear.msg.edit_entry',
684	__('Edit entry')).
685	self::jsVar('dotclear.msg.view_entry',
686	__('view entry')).
687	self::jsVar('dotclear.msg.confirm_delete_posts',
688	__("Are you sure you want to delete selected entries (%s)?")).
689	self::jsVar('dotclear.msg.confirm_delete_medias',
690	__("Are you sure you want to delete selected medias (%d)?")).
691	self::jsVar('dotclear.msg.confirm_delete_categories',
692	__("Are you sure you want to delete selected categories (%s)?")).
693	self::jsVar('dotclear.msg.confirm_delete_post',
694	__("Are you sure you want to delete this entry?")).
695	self::jsVar('dotclear.msg.click_to_unlock',
696	__("Click here to unlock the field")).
697	self::jsVar('dotclear.msg.confirm_spam_delete',
698	__('Are you sure you want to delete all spams?')).
699	self::jsVar('dotclear.msg.confirm_delete_comments',
700	__('Are you sure you want to delete selected comments (%s)?')).
701	self::jsVar('dotclear.msg.confirm_delete_comment',
702	__('Are you sure you want to delete this comment?')).
703	self::jsVar('dotclear.msg.cannot_delete_users',
704	__('Users with posts cannot be deleted.')).
705	self::jsVar('dotclear.msg.confirm_delete_user',
706	__('Are you sure you want to delete selected users (%s)?')).
707	self::jsVar('dotclear.msg.confirm_delete_category',
708	__('Are you sure you want to delete category "%s"?')).
709	self::jsVar('dotclear.msg.confirm_reorder_categories',
710	__('Are you sure you want to reorder all categories?')).
711	self::jsVar('dotclear.msg.confirm_delete_media',
712	__('Are you sure you want to remove media "%s"?')).
713	self::jsVar('dotclear.msg.confirm_delete_directory',
714	__('Are you sure you want to remove directory "%s"?')).
715	self::jsVar('dotclear.msg.confirm_extract_current',
716	__('Are you sure you want to extract archive in current directory?')).
717	self::jsVar('dotclear.msg.confirm_remove_attachment',
718	__('Are you sure you want to remove attachment "%s"?')).
719	self::jsVar('dotclear.msg.confirm_delete_lang',
720	__('Are you sure you want to delete "%s" language?')).
721	self::jsVar('dotclear.msg.confirm_delete_plugin',
722	__('Are you sure you want to delete "%s" plugin?')).
723	self::jsVar('dotclear.msg.confirm_delete_plugins',
724	__('Are you sure you want to delete selected plugins?')).
725	self::jsVar('dotclear.msg.use_this_theme',
726	__('Use this theme')).
727	self::jsVar('dotclear.msg.remove_this_theme',
728	__('Remove this theme')).
729	self::jsVar('dotclear.msg.confirm_delete_theme',
730	__('Are you sure you want to delete "%s" theme?')).
731	self::jsVar('dotclear.msg.confirm_delete_themes',
732	__('Are you sure you want to delete selected themes?')).
733	self::jsVar('dotclear.msg.confirm_delete_backup',
734	__('Are you sure you want to delete this backup?')).
735	self::jsVar('dotclear.msg.confirm_revert_backup',
736	__('Are you sure you want to revert to this backup?')).
737	self::jsVar('dotclear.msg.zip_file_content',
738	__('Zip file content')).
739	self::jsVar('dotclear.msg.xhtml_validator',
740	__('XHTML markup validator')).
741	self::jsVar('dotclear.msg.xhtml_valid',
742	__('XHTML content is valid.')).
743	self::jsVar('dotclear.msg.xhtml_not_valid',
744	__('There are XHTML markup errors.')).
745	self::jsVar('dotclear.msg.warning_validate_no_save_content',
746	__('Attention: an audit of a content not yet registered.')).
747	self::jsVar('dotclear.msg.confirm_change_post_format',
748	__('You have unsaved changes. Switch post format will loose these changes. Proceed anyway?')).
749	self::jsVar('dotclear.msg.confirm_change_post_format_noconvert',
750	__("Warning: post format change will not convert existing content. You will need to apply new format by yourself. Proceed anyway?")).
751	self::jsVar('dotclear.msg.load_enhanced_uploader',
752	__('Loading enhanced uploader, please wait.')).
753
754	self::jsVar('dotclear.msg.module_author',
755	__('Author:')).
756	self::jsVar('dotclear.msg.module_details',
757	__('Details')).
758	self::jsVar('dotclear.msg.module_support',
759	__('Support')).
760	self::jsVar('dotclear.msg.module_help',
761	__('Help:')).
762	self::jsVar('dotclear.msg.module_section',
763	__('Section:')).
764	self::jsVar('dotclear.msg.module_tags',
765	__('Tags:')).
766	"\n//]]>\n".
767	"</script>\n";
768	}
769
770	public static function jsLoadIE7()
771	{
772	return
773	'<!--[if lt IE 9]>'."\n".
774	self::jsLoad('js/ie7/IE9.js').
775	self::cssLoad('style/iesucks.css').
776	'<![endif]-->'."\n";
777	}
778
779	public static function jsConfirmClose()
780	{
781	$args = func_get_args();
782	if (count($args) > 0) {
783	foreach ($args as $k => $v) {
784	$args[$k] = "'".html::escapeJS($v)."'";
785	}
786	$args = implode(',',$args);
787	} else {
788	$args = '';
789	}
790
791	return
792	self::jsLoad('js/confirm-close.js').
793	'<script type="text/javascript">'."\n".
794	"//<![CDATA[\n".
795	"confirmClosePage = new confirmClose(".$args."); ".
796	"confirmClose.prototype.prompt = '".html::escapeJS(__('You have unsaved changes.'))."'; ".
797	"\n//]]>\n".
798	"</script>\n";
799	}
800
801	public static function jsPageTabs($default=null)
802	{
803	if ($default) {
804	$default = "'".html::escapeJS($default)."'";
805	}
806
807	return
808	self::jsLoad('js/jquery/jquery.pageTabs.js').
809	'<script type="text/javascript">'."\n".
810	"//<![CDATA[\n".
811	'$(function() {'."\n".
812	'$.pageTabs('.$default.');'."\n".
813	'});'.
814	"\n//]]>\n".
815	"</script>\n".
816	'<!--[if lt IE 8]>'."\n".
817	self::jsLoad('js/ie7/ie7-hashchange.js').
818	'<script type="text/javascript">'."\n".
819	"//<![CDATA[\n".
820	'$(window).hashchange();'.
821	"\n//]]>\n".
822	"</script>\n".
823	'<![endif]-->'."\n";
824	}
825
826	public static function jsModal()
827	{
828	return
829	self::cssLoad('style/modal/modal.css').
830	self::jsLoad('js/jquery/jquery.modal.js').
831	'<script type="text/javascript">'."\n".
832	"//<![CDATA[\n".
833	self::jsVar('$.modal.prototype.params.loader_img','style/modal/loader.gif').
834	self::jsVar('$.modal.prototype.params.close_img','style/modal/close.png').
835	"\n//]]>\n".
836	"</script>\n";
837	}
838
839	public static function jsColorPicker()
840	{
841	return
842	self::cssLoad('style/farbtastic/farbtastic.css').
843	self::jsLoad('js/jquery/jquery.farbtastic.js').
844	self::jsLoad('js/color-picker.js');
845	}
846
847	public static function jsDatePicker()
848	{
849	return
850	self::cssLoad('style/date-picker.css').
851	self::jsLoad('js/date-picker.js').
852	'<script type="text/javascript">'."\n".
853	"//<![CDATA[\n".
854
855	"datePicker.prototype.months[0] = '".html::escapeJS(__('January'))."'; ".
856	"datePicker.prototype.months[1] = '".html::escapeJS(__('February'))."'; ".
857	"datePicker.prototype.months[2] = '".html::escapeJS(__('March'))."'; ".
858	"datePicker.prototype.months[3] = '".html::escapeJS(__('April'))."'; ".
859	"datePicker.prototype.months[4] = '".html::escapeJS(__('May'))."'; ".
860	"datePicker.prototype.months[5] = '".html::escapeJS(__('June'))."'; ".
861	"datePicker.prototype.months[6] = '".html::escapeJS(__('July'))."'; ".
862	"datePicker.prototype.months[7] = '".html::escapeJS(__('August'))."'; ".
863	"datePicker.prototype.months[8] = '".html::escapeJS(__('September'))."'; ".
864	"datePicker.prototype.months[9] = '".html::escapeJS(__('October'))."'; ".
865	"datePicker.prototype.months[10] = '".html::escapeJS(__('November'))."'; ".
866	"datePicker.prototype.months[11] = '".html::escapeJS(__('December'))."'; ".
867
868	"datePicker.prototype.days[0] = '".html::escapeJS(__('Monday'))."'; ".
869	"datePicker.prototype.days[1] = '".html::escapeJS(__('Tuesday'))."'; ".
870	"datePicker.prototype.days[2] = '".html::escapeJS(__('Wednesday'))."'; ".
871	"datePicker.prototype.days[3] = '".html::escapeJS(__('Thursday'))."'; ".
872	"datePicker.prototype.days[4] = '".html::escapeJS(__('Friday'))."'; ".
873	"datePicker.prototype.days[5] = '".html::escapeJS(__('Saturday'))."'; ".
874	"datePicker.prototype.days[6] = '".html::escapeJS(__('Sunday'))."'; ".
875
876	"datePicker.prototype.img_src = 'images/date-picker.png'; ".
877	"datePicker.prototype.img_alt = '".html::escapeJS(__('Choose date'))."'; ".
878
879	"datePicker.prototype.close_msg = '".html::escapeJS(__('close'))."'; ".
880	"datePicker.prototype.now_msg = '".html::escapeJS(__('now'))."'; ".
881
882	"\n//]]>\n".
883	"</script>\n";
884	}
885
886
887	public static function jsToolBar()
888	{
889	# Deprecated but we keep this for plugins.
890	}
891
892	public static function jsUpload($params=array(),$base_url=null)
893	{
894	if (!$base_url) {
895	$base_url = path::clean(dirname(preg_replace('/(\?.*$)?/','',$_SERVER['REQUEST_URI']))).'/';
896	}
897
898	$params = array_merge($params,array(
899	'sess_id='.session_id(),
900	'sess_uid='.$_SESSION['sess_browser_uid'],
901	'xd_check='.$GLOBALS['core']->getNonce()
902	));
903
904	return
905	'<script type="text/javascript">'."\n".
906	"//<![CDATA[\n".
907	"dotclear.jsUpload = {};\n".
908	"dotclear.jsUpload.msg = {};\n".
909	self::jsVar('dotclear.msg.enhanced_uploader_activate',__('Temporarily activate enhanced uploader')).
910	self::jsVar('dotclear.msg.enhanced_uploader_disable',__('Temporarily disable enhanced uploader')).
911	self::jsVar('dotclear.jsUpload.msg.limit_exceeded',__('Limit exceeded.')).
912	self::jsVar('dotclear.jsUpload.msg.size_limit_exceeded',__('File size exceeds allowed limit.')).
913	self::jsVar('dotclear.jsUpload.msg.canceled',__('Canceled.')).
914	self::jsVar('dotclear.jsUpload.msg.http_error',__('HTTP Error:')).
915	self::jsVar('dotclear.jsUpload.msg.error',__('Error:')).
916	self::jsVar('dotclear.jsUpload.msg.choose_file',__('Choose file')).
917	self::jsVar('dotclear.jsUpload.msg.choose_files',__('Choose files')).
918	self::jsVar('dotclear.jsUpload.msg.cancel',__('Cancel')).
919	self::jsVar('dotclear.jsUpload.msg.clean',__('Clean')).
920	self::jsVar('dotclear.jsUpload.msg.upload',__('Upload')).
921	self::jsVar('dotclear.jsUpload.msg.send',__('Send')).
922	self::jsVar('dotclear.jsUpload.msg.file_successfully_uploaded',__('File successfully uploaded.')).
923	self::jsVar('dotclear.jsUpload.msg.no_file_in_queue',__('No file in queue.')).
924	self::jsVar('dotclear.jsUpload.msg.file_in_queue',__('1 file in queue.')).
925	self::jsVar('dotclear.jsUpload.msg.files_in_queue',__('%d files in queue.')).
926	self::jsVar('dotclear.jsUpload.msg.queue_error',__('Queue error:')).
927	self::jsVar('dotclear.jsUpload.base_url',$base_url).
928	"\n//]]>\n".
929	"</script>\n".
930
931	self::jsLoad('js/jquery/jquery-ui.custom.js').
932	self::jsLoad('js/jsUpload/tmpl.js').
933	self::jsLoad('js/jsUpload/template-upload.js').
934	self::jsLoad('js/jsUpload/template-download.js').
935	self::jsLoad('js/jsUpload/load-image.js').
936	self::jsLoad('js/jsUpload/jquery.iframe-transport.js').
937	self::jsLoad('js/jsUpload/jquery.fileupload.js').
938	self::jsLoad('js/jsUpload/jquery.fileupload-process.js').
939	self::jsLoad('js/jsUpload/jquery.fileupload-resize.js').
940	self::jsLoad('js/jsUpload/jquery.fileupload-ui.js');
941	}
942
943	public static function jsToolMan()
944	{
945	return
946	self::jsLoad('js/tool-man/core.js').
947	self::jsLoad('js/tool-man/events.js').
948	self::jsLoad('js/tool-man/css.js').
949	self::jsLoad('js/tool-man/coordinates.js').
950	self::jsLoad('js/tool-man/drag.js').
951	self::jsLoad('js/tool-man/dragsort.js').
952	self::jsLoad('js/dragsort-tablerows.js');
953	}
954
955	public static function jsMetaEditor()
956	{
957	return self::jsLoad('js/meta-editor.js');
958	}
959
960	public static function jsLoadCodeMirror($theme = '',$multi = true,$modes = array('css','htmlmixed','javascript','php','xml'))
961	{
962	$ret =
963	self::cssLoad('js/codemirror/lib/codemirror.css').
964	self::jsLoad('js/codemirror/lib/codemirror.js');
965	if ($multi) {
966	$ret .= self::jsLoad('js/codemirror/addon/mode/multiplex.js');
967	}
968	foreach ($modes as $mode) {
969	$ret .= self::jsLoad('js/codemirror/mode/'.$mode.'/'.$mode.'.js');
970	}
971	$ret .=
972	self::jsLoad('js/codemirror/addon/edit/closebrackets.js').
973	self::jsLoad('js/codemirror/addon/edit/matchbrackets.js').
974	self::cssLoad('js/codemirror/addon/display/fullscreen.css').
975	self::jsLoad('js/codemirror/addon/display/fullscreen.js');
976	if ($theme != '') {
977	$ret .= self::cssLoad('js/codemirror/theme/'.$theme.'.css');
978	}
979	return $ret;
980	}
981
982	public static function jsRunCodeMirror($name,$id,$mode,$theme = '')
983	{
984	$ret =
985	'<script type="text/javascript">'.
986	'//<![CDATA['."\n".
987	'var '.$name.' = CodeMirror.fromTextArea('.$id.',{'."\n".
988	' mode: "'.$mode.'",'."\n".
989	' tabMode: "indent",'."\n".
990	' lineWrapping: "true",'."\n".
991	' lineNumbers: "true",'."\n".
992	' matchBrackets: "true",'."\n".
993	' autoCloseBrackets: "true",'."\n".
994	' extraKeys: {"F11": function(cm) {cm.setOption("fullScreen",!cm.getOption("fullScreen"));}}';
995	if ($theme) {
996	$ret .=
997	','."\n".
998	' theme: "'.$theme.'"';
999	}
1000	$ret .=
1001	"\n".'});'."\n".
1002	'//]]>'.
1003	'</script>';
1004	return $ret;
1005	}
1006
1007	public static function getCodeMirrorThemes()
1008	{
1009	$themes = array();
1010	$themes_root = dirname(__FILE__).'/../../admin'.'/js/codemirror/theme/';
1011	if (is_dir($themes_root) && is_readable($themes_root)) {
1012	if (($d = @dir($themes_root)) !== false) {
1013	while (($entry = $d->read()) !== false) {
1014	if ($entry != '.' && $entry != '..' && substr($entry, 0, 1) != '.' && is_readable($themes_root.'/'.$entry)) {
1015	$themes[] = substr($entry,0,-4); // remove .css extension
1016	}
1017	}
1018	}
1019	}
1020	return $themes;
1021	}
1022
1023	public static function getPF($file)
1024	{
1025	return $GLOBALS['core']->adminurl->get('load.plugin.file',array('pf' => $file));
1026	}
1027
1028	public static function getVF($file)
1029	{
1030	return $GLOBALS['core']->adminurl->get('load.var.file',array('vf' => $file));
1031	}
1032
1033	public static function setXFrameOptions($headers,$origin = null)
1034	{
1035	if (self::$xframe_loaded) {
1036	return;
1037	}
1038	if ($origin !== null) {
1039	$url = parse_url($origin);
1040	$headers['x-frame-options'] = sprintf('X-Frame-Options: %s',is_array($url) ?
1041	("ALLOW-FROM ".(isset($url['scheme']) ? $url['scheme'].':' : '' ).'//'.$url['host']) :
1042	'SAMEORIGIN');
1043	} else {
1044	$headers['x-frame-options'] = 'X-Frame-Options: SAMEORIGIN'; // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
1045	}
1046	self::$xframe_loaded = true;
1047	}
1048	}

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/lib.dc.page.php @ 3279:0fc10be22e4c

Download in other formats:

Sites map