lib.dc.page.php @ 3639:fe9f4d94f86b

Visit:

Revision 3639:fe9f4d94f86b, 36.6 KB checked in by franck <carnet.franck.paul@…>, 8 years ago (diff)
Add required attribute for mandatory fields

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	define('DC_AUTH_PAGE','auth.php');
15
16	class dcPage
17	{
18	private static $loaded_js = array();
19	private static $loaded_css = array();
20	private static $xframe_loaded = false;
21	private static $N_TYPES = array(
22	"success" => "success",
23	"warning" => "warning-msg",
24	"error" => "error",
25	"message" => "message",
26	"static" => "static-msg");
27
28	# Auth check
29	public static function check($permissions)
30	{
31	global $core;
32
33	if ($core->blog && $core->auth->check($permissions,$core->blog->id)) {
34	return;
35	}
36
37	if (session_id()) {
38	$core->session->destroy();
39	}
40	http::redirect(DC_AUTH_PAGE);
41	}
42
43	# Check super admin
44	public static function checkSuper()
45	{
46	global $core;
47
48	if (!$core->auth->isSuperAdmin())
49	{
50	if (session_id()) {
51	$core->session->destroy();
52	}
53	http::redirect(DC_AUTH_PAGE);
54	}
55	}
56
57	# Top of admin page
58	public static function open($title='',$head='',$breadcrumb='',$options=array())
59	{
60	global $core;
61
62	# List of user's blogs
63	if ($core->auth->getBlogCount() == 1 \|\| $core->auth->getBlogCount() > 20)
64	{
65	$blog_box =
66	'<p>'.__('Blog:').' <strong title="'.html::escapeHTML($core->blog->url).'">'.
67	html::escapeHTML($core->blog->name).'</strong>';
68
69	if ($core->auth->getBlogCount() > 20) {
70	$blog_box .= ' - <a href="'.$core->adminurl->get("admin.blogs").'">'.__('Change blog').'</a>';
71	}
72	$blog_box .= '</p>';
73	}
74	else
75	{
76	$rs_blogs = $core->getBlogs(array('order'=>'LOWER(blog_name)','limit'=>20));
77	$blogs = array();
78	while ($rs_blogs->fetch()) {
79	$blogs[html::escapeHTML($rs_blogs->blog_name.' - '.$rs_blogs->blog_url)] = $rs_blogs->blog_id;
80	}
81	$blog_box =
82	'<p><label for="switchblog" class="classic">'.
83	__('Blogs:').'</label> '.
84	$core->formNonce().
85	form::combo('switchblog',$blogs,$core->blog->id).
86	'<input type="submit" value="'.__('ok').'" class="hidden-if-js" /></p>';
87	}
88
89	$safe_mode = isset($_SESSION['sess_safe_mode']) && $_SESSION['sess_safe_mode'];
90
91	# Display
92	$headers = new ArrayObject(array());
93
94	# Content-Type
95	$headers['content-type'] = 'Content-Type: text/html; charset=UTF-8';
96
97	# Referrer Policy for admin pages
98	$headers['referrer'] = 'Referrer-Policy: strict-origin';
99
100	# Prevents Clickjacking as far as possible
101	if (isset($options['x-frame-allow'])) {
102	self::setXFrameOptions($headers,$options['x-frame-allow']);
103	} else {
104	self::setXFrameOptions($headers);
105	}
106
107	# Content-Security-Policy (only if safe mode if not active, it may help)
108	if (!$safe_mode && $core->blog->settings->system->csp_admin_on) {
109	// Get directives from settings if exist, else set defaults
110	$csp = new ArrayObject(array());
111
112	// SQlite Clearbricks driver does not allow using single quote at beginning or end of a field value
113	// so we have to use neutral values (localhost and 127.0.0.1) for some CSP directives
114	$csp_prefix = $core->con->driver() == 'sqlite' ? 'localhost ' : ''; // Hack for SQlite Clearbricks driver
115	$csp_suffix = $core->con->driver() == 'sqlite' ? ' 127.0.0.1' : ''; // Hack for SQlite Clearbricks driver
116
117	$csp['default-src'] = $core->blog->settings->system->csp_admin_default ?:
118	$csp_prefix."'self'".$csp_suffix;
119	$csp['script-src'] = $core->blog->settings->system->csp_admin_script ?:
120	$csp_prefix."'self' 'unsafe-inline' 'unsafe-eval'".$csp_suffix;
121	$csp['style-src'] = $core->blog->settings->system->csp_admin_style ?:
122	$csp_prefix."'self' 'unsafe-inline'".$csp_suffix;
123	$csp['img-src'] = $core->blog->settings->system->csp_admin_img ?:
124	$csp_prefix."'self' data: http://media.dotaddict.org blob:";
125
126	# Cope with blog post preview (via public URL in iframe)
127	if (!is_null($core->blog->host)) {
128	$csp['default-src'] .= ' '.parse_url($core->blog->host,PHP_URL_HOST);
129	$csp['script-src'] .= ' '.parse_url($core->blog->host,PHP_URL_HOST);
130	$csp['style-src'] .= ' '.parse_url($core->blog->host,PHP_URL_HOST);
131	}
132	# Cope with media display in media manager (via public URL)
133	if (!is_null($core->media)) {
134	$csp['img-src'] .= ' '.parse_url($core->media->root_url,PHP_URL_HOST);
135	}
136	# Allow everything in iframe (used by editors to preview public content)
137	$csp['child-src'] = "*";
138
139	# --BEHAVIOR-- adminPageHTTPHeaderCSP
140	$core->callBehavior('adminPageHTTPHeaderCSP',$csp);
141
142	// Construct CSP header
143	$directives = array();
144	foreach ($csp as $key => $value) {
145	if ($value) {
146	$directives[] = $key.' '.$value;
147	}
148	}
149	if (count($directives)) {
150	if (version_compare(phpversion(),'5.4','>=')) {
151	// csp_report.php needs PHP ≥ 5.4
152	$directives[] = "report-uri ".DC_ADMIN_URL."csp_report.php";
153	}
154	$report_only = ($core->blog->settings->system->csp_admin_report_only) ? '-Report-Only' : '';
155	$headers['csp'] = "Content-Security-Policy".$report_only.": ".implode(" ; ",$directives);
156	}
157	}
158
159	# --BEHAVIOR-- adminPageHTTPHeaders
160	$core->callBehavior('adminPageHTTPHeaders',$headers);
161	foreach ($headers as $key => $value) {
162	header($value);
163	}
164
165	echo
166	'<!DOCTYPE html>'.
167	'<html lang="'.$core->auth->getInfo('user_lang').'">'."\n".
168	"<head>\n".
169	' <meta charset="UTF-8" />'."\n".
170	' <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />'."\n".
171	' <meta name="GOOGLEBOT" content="NOSNIPPET" />'."\n".
172	' <meta name="viewport" content="width=device-width, initial-scale=1.0" />'."\n".
173	' <title>'.$title.' - '.html::escapeHTML($core->blog->name).' - '.html::escapeHTML(DC_VENDOR_NAME).' - '.DC_VERSION.'</title>'."\n".
174
175
176	self::cssLoad('style/default.css');
177	if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') {
178	echo self::cssLoad('style/default-rtl.css');
179	}
180
181	$core->auth->user_prefs->addWorkspace('interface');
182	if (!$core->auth->user_prefs->interface->hide_std_favicon) {
183	echo
184	'<link rel="icon" type="image/png" href="images/favicon96-login.png" />'."\n".
185	'<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />'."\n";
186	}
187
188	if ($core->auth->user_prefs->interface->htmlfontsize) {
189	echo
190	'<script type="text/javascript">'."\n".
191	self::jsVar('dotclear_htmlFontSize',$core->auth->user_prefs->interface->htmlfontsize)."\n".
192	"</script>\n";
193	}
194
195	echo
196	self::jsCommon().
197	self::jsToggles().
198	$head;
199
200	if ($core->auth->user_prefs->interface->hidemoreinfo) {
201	echo
202	'<script type="text/javascript">'."\n".
203	'dotclear.hideMoreInfo = true;'."\n".
204	"</script>\n";
205	}
206	if ($core->auth->user_prefs->interface->showajaxloader) {
207	echo
208	'<script type="text/javascript">'."\n".
209	'dotclear.showAjaxLoader = true;'."\n".
210	"</script>\n";
211	}
212
213	# --BEHAVIOR-- adminPageHTMLHead
214	$core->callBehavior('adminPageHTMLHead');
215
216	echo
217	"</head>\n".
218	'<body id="dotclear-admin'.
219	($safe_mode ? ' safe-mode' : '').'" class="no-js'.
220	($core->auth->user_prefs->interface->dynfontsize ? ' responsive-font' : '').'">'."\n".
221
222	'<ul id="prelude">'.
223	'<li><a href="#content">'.__('Go to the content').'</a></li>'.
224	'<li><a href="#main-menu">'.__('Go to the menu').'</a></li>'.
225	'<li><a href="#qx">'.__('Go to search').'</a></li>'.
226	'<li><a href="#help">'.__('Go to help').'</a></li>'.
227	'</ul>'."\n".
228	'<div id="header" role="banner">'.
229	'<h1><a href="'.$core->adminurl->get("admin.home").'"><span class="hidden">'.DC_VENDOR_NAME.'</span></a></h1>'."\n";
230
231	echo
232	'<form action="'.$core->adminurl->get("admin.home").'" method="post" id="top-info-blog">'.
233	$blog_box.
234	'<p><a href="'.$core->blog->url.'" class="outgoing" title="'.__('Go to site').
235	'">'.__('Go to site').'<img src="images/outgoing.png" alt="" /></a>'.
236	'</p></form>'.
237	'<ul id="top-info-user">'.
238	'<li><a class="'.(preg_match('/'.preg_quote($core->adminurl->get('admin.home')).'$/',$_SERVER['REQUEST_URI']) ? ' active' : '').'" href="'.$core->adminurl->get("admin.home").'">'.__('My dashboard').'</a></li>'.
239	'<li><a class="smallscreen'.(preg_match('/'.preg_quote($core->adminurl->get('admin.user.preferences')).'(\?.*)?$/',$_SERVER['REQUEST_URI']) ? ' active' : '').
240	'" href="'.$core->adminurl->get("admin.user.preferences").'">'.__('My preferences').'</a></li>'.
241	'<li><a href="'.$core->adminurl->get("admin.home",array('logout' => 1)).'" class="logout"><span class="nomobile">'.sprintf(__('Logout %s'),$core->auth->userID()).
242	'</span><img src="images/logout.png" alt="" /></a></li>'.
243	'</ul>'.
244	'</div>'; // end header
245
246	echo
247	'<div id="wrapper" class="clearfix">'."\n".
248	'<div class="hidden-if-no-js collapser-box"><button type="button" id="collapser" class="void-btn">'.
249	'<img class="collapse-mm visually-hidden" src="images/collapser-hide.png" alt="'.__('Hide main menu').'" />'.
250	'<img class="expand-mm visually-hidden" src="images/collapser-show.png" alt="'.__('Show main menu').'" />'.
251	'</button></div>'.
252	'<div id="main" role="main">'."\n".
253	'<div id="content" class="clearfix">'."\n";
254
255	# Safe mode
256	if ($safe_mode)
257	{
258	echo
259	'<div class="warning" role="alert"><h3>'.__('Safe mode').'</h3>'.
260	'<p>'.__('You are in safe mode. All plugins have been temporarily disabled. Remind to log out then log in again normally to get back all functionalities').'</p>'.
261	'</div>';
262	}
263
264	// Display breadcrumb (if given) before any error messages
265	echo $breadcrumb;
266
267	// Display notices and errors
268	echo self::notices();
269	}
270
271	public static function notices()
272	{
273	global $core;
274	static $error_displayed = false;
275
276	$res = '';
277
278	// return error messages if any
279	if ($core->error->flag() && !$error_displayed) {
280
281	# --BEHAVIOR-- adminPageNotificationError
282	$notice_error = $core->callBehavior('adminPageNotificationError',$core,$core->error);
283
284	if (isset($notice_error) && !empty($notice_error)) {
285	$res .= $notice_error;
286	} else {
287	$res .= '<div class="error"><p>'.
288	'<strong>'.(count($core->error->getErrors()) > 1 ? __('Errors:') : __('Error:')).'</strong>'.
289	'</p>'.$core->error->toHTML().'</div>';
290	}
291	$error_displayed = true;
292	}
293
294	// return notices if any
295	if (isset($_SESSION['notifications'])) {
296	foreach ($_SESSION['notifications'] as $notification) {
297
298	# --BEHAVIOR-- adminPageNotification
299	$notice = $core->callBehavior('adminPageNotification',$core,$notification);
300
301	$res .= (isset($notice) && !empty($notice) ? $notice : self::getNotification($notification));
302	}
303	unset($_SESSION['notifications']);
304	}
305	return $res;
306	}
307
308	public static function addNotice($type,$message,$options=array())
309	{
310	if (isset(self::$N_TYPES[$type])){
311	$class = self::$N_TYPES[$type];
312	} else {
313	$class=$type;
314	}
315	if (isset($_SESSION['notifications']) && is_array($_SESSION['notifications'])) {
316	$notifications = $_SESSION['notifications'];
317	} else {
318	$notifications = array();
319	}
320
321	$n = array_merge($options,array('class' => $class,'ts' => time(), 'text' => $message));
322	if ($type != "static") {
323	$notifications[] = $n;
324	} else {
325	array_unshift($notifications, $n);
326	}
327	$_SESSION['notifications'] = $notifications;
328	}
329
330	public static function addSuccessNotice($message,$options=array())
331	{
332	self::addNotice("success",$message,$options);
333	}
334
335	public static function addWarningNotice($message,$options=array())
336	{
337	self::addNotice("warning",$message,$options);
338	}
339
340	public static function addErrorNotice($message,$options=array())
341	{
342	self::addNotice("error",$message,$options);
343	}
344
345	protected static function getNotification($n)
346	{
347	global $core;
348	$tag = (isset($n['divtag']) && $n['divtag']) ? 'div' : 'p';
349	$ts = '';
350	if (!isset($n['with_ts']) \|\| ($n['with_ts'] == true)) {
351	$ts = dt::str(__('[%H:%M:%S]'),$n['ts'],$core->auth->getInfo('user_tz')).' ';
352	}
353	$res = '<'.$tag.' class="'.$n['class'].'" role="alert">'.$ts.$n['text'].'</'.$tag.'>';
354	return $res;
355	}
356
357	public static function close()
358	{
359	global $core;
360
361	if (!$GLOBALS['__resources']['ctxhelp']) {
362	if (!$core->auth->user_prefs->interface->hidehelpbutton) {
363	echo
364	'<p id="help-button"><a href="'.$core->adminurl->get("admin.help").'" class="outgoing" title="'.
365	__('Global help').'">'.__('Global help').'</a></p>';
366	}
367	}
368
369	$menu =& $GLOBALS['_menu'];
370
371	echo
372	"</div>\n". // End of #content
373	"</div>\n". // End of #main
374
375	'<div id="main-menu" role="navigation">'."\n".
376
377	'<form id="search-menu" action="'.$core->adminurl->get("admin.search").'" method="get" role="search">'.
378	'<p><label for="qx" class="hidden">'.__('Search:').' </label>'.form::field('qx',30,255,'').
379	'<input type="submit" value="'.__('OK').'" /></p>'.
380	'</form>';
381
382	foreach ($menu as $k => $v) {
383	echo $menu[$k]->draw();
384	}
385
386	$text = sprintf(__('Thank you for using %s.'),'Dotclear '.DC_VERSION);
387
388	# --BEHAVIOR-- adminPageFooter
389	$textAlt = $core->callBehavior('adminPageFooter',$core,$text);
390	if ($textAlt != '') {
391	$text = $textAlt;
392	}
393	$text = html::escapeHTML($text);
394
395	echo
396	'</div>'."\n". // End of #main-menu
397	"</div>\n"; // End of #wrapper
398
399	echo '<p id="gototop"><a href="#wrapper">'.__('Page top').'</a></p>'."\n";
400
401	$figure = "
402	/\_/\
403	(='.'=)
404	(\")-(\")";
405
406	echo
407	'<div id="footer" role="contentinfo">'.
408	'<a href="http://dotclear.org/" title="'.$text.'">'.
409	'<img src="style/dc_logos/w-dotclear90.png" alt="'.$text.'" /></a></div>'."\n".
410	"<!-- "."\n".
411	$figure.
412	" -->"."\n";
413
414	if (defined('DC_DEV') && DC_DEV === true) {
415	echo self::debugInfo();
416	}
417
418	echo
419	'</body></html>';
420	}
421
422	public static function openPopup($title='',$head='',$breadcrumb='')
423	{
424	global $core;
425
426	# Display
427	header('Content-Type: text/html; charset=UTF-8');
428
429	# Referrer Policy for admin pages
430	header('Referrer-Policy: strict-origin');
431
432	# Prevents Clickjacking as far as possible
433	header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
434
435	echo
436	'<!DOCTYPE html>'.
437	'<html lang="'.$core->auth->getInfo('user_lang').'">'."\n".
438	"<head>\n".
439	' <meta charset="UTF-8" />'."\n".
440	' <meta name="viewport" content="width=device-width, initial-scale=1.0" />'."\n".
441	' <title>'.$title.' - '.html::escapeHTML($core->blog->name).' - '.html::escapeHTML(DC_VENDOR_NAME).' - '.DC_VERSION.'</title>'."\n".
442
443	' <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />'."\n".
444	' <meta name="GOOGLEBOT" content="NOSNIPPET" />'."\n".
445
446	self::cssLoad('style/default.css');
447	if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') {
448	echo self::cssLoad('style/default-rtl.css');
449	}
450
451	$core->auth->user_prefs->addWorkspace('interface');
452	if ($core->auth->user_prefs->interface->htmlfontsize) {
453	echo
454	'<script type="text/javascript">'."\n".
455	self::jsVar('dotclear_htmlFontSize',$core->auth->user_prefs->interface->htmlfontsize)."\n".
456	"</script>\n";
457	}
458
459	echo
460	self::jsCommon().
461	self::jsToggles().
462	$head;
463
464	if ($core->auth->user_prefs->interface->hidemoreinfo) {
465	echo
466	'<script type="text/javascript">'."\n".
467	'dotclear.hideMoreInfo = true;'."\n".
468	"</script>\n";
469	}
470	if ($core->auth->user_prefs->interface->showajaxloader) {
471	echo
472	'<script type="text/javascript">'."\n".
473	'dotclear.showAjaxLoader = true;'."\n".
474	"</script>\n";
475	}
476
477	# --BEHAVIOR-- adminPageHTMLHead
478	$core->callBehavior('adminPageHTMLHead');
479
480	echo
481	"</head>\n".
482	'<body id="dotclear-admin" class="popup'.
483	($core->auth->user_prefs->interface->dynfontsize ? ' responsive-font' : '').'">'."\n".
484
485	'<h1>'.DC_VENDOR_NAME.'</h1>'."\n";
486
487	echo
488	'<div id="wrapper">'."\n".
489	'<div id="main" role="main">'."\n".
490	'<div id="content">'."\n";
491
492	// display breadcrumb if given
493	echo $breadcrumb;
494
495	// Display notices and errors
496	echo self::notices();
497	}
498
499	public static function closePopup()
500	{
501	echo
502	"</div>\n". // End of #content
503	"</div>\n". // End of #main
504	"</div>\n". // End of #wrapper
505
506	'<p id="gototop"><a href="#wrapper">'.__('Page top').'</a></p>'."\n".
507
508	'<div id="footer" role="contentinfo"><p> </p></div>'."\n".
509	'</body></html>';
510	}
511
512	public static function breadcrumb($elements=null,$options=array())
513	{
514	global $core;
515	$with_home_link = isset($options['home_link']) ? $options['home_link'] : true;
516	$hl = isset($options['hl']) ? $options['hl'] : true;
517	$hl_pos = isset($options['hl_pos']) ? $options['hl_pos'] : -1;
518	// First item of array elements should be blog's name, System or Plugins
519	$res = '<h2>'.($with_home_link ?
520	'<a class="go_home" href="'.$core->adminurl->get("admin.home").'"><img src="style/dashboard.png" alt="'.__('Go to dashboard').'" /></a>' :
521	'<img src="style/dashboard-alt.png" alt="" />');
522	$index = 0;
523	if ($hl_pos < 0) {
524	$hl_pos = count($elements)+$hl_pos;
525	}
526	foreach ($elements as $element => $url) {
527	if ($hl && $index == $hl_pos) {
528	$element = sprintf('<span class="page-title">%s</span>',$element);
529	}
530	$res .= ($with_home_link ? ($index == 1 ? ' : ' : ' &rsaquo; ') : ($index == 0 ? ' ' : ' &rsaquo; ')).
531	($url ? '<a href="'.$url.'">' : '').$element.($url ? '</a>' : '');
532	$index++;
533	}
534	$res .= '</h2>';
535	return $res;
536	}
537
538	public static function message($msg,$timestamp=true,$div=false,$echo=true,$class='message')
539	{
540	global $core;
541
542	$res = '';
543	if ($msg != '') {
544	$res = ($div ? '<div class="'.$class.'">' : '').'<p'.($div ? '' : ' class="'.$class.'"').'>'.
545	($timestamp ? dt::str(__('[%H:%M:%S]'),null,$core->auth->getInfo('user_tz')).' ' : '').$msg.
546	'</p>'.($div ? '</div>' : '');
547	if ($echo) {
548	echo $res;
549	}
550	}
551	return $res;
552	}
553
554	public static function success($msg,$timestamp=true,$div=false,$echo=true)
555	{
556	return self::message($msg,$timestamp,$div,$echo,"success");
557	}
558
559	public static function warning($msg,$timestamp=true,$div=false,$echo=true)
560	{
561	return self::message($msg,$timestamp,$div,$echo,"warning-msg");
562	}
563
564	private static function debugInfo()
565	{
566	$global_vars = implode(', ',array_keys($GLOBALS));
567
568	$res =
569	'<div id="debug"><div>'.
570	'<p>memory usage: '.memory_get_usage().' ('.files::size(memory_get_usage()).')</p>';
571
572	if (function_exists('xdebug_get_profiler_filename'))
573	{
574	$res .= '<p>Elapsed time: '.xdebug_time_index().' seconds</p>';
575
576	$prof_file = xdebug_get_profiler_filename();
577	if ($prof_file) {
578	$res .= '<p>Profiler file : '.xdebug_get_profiler_filename().'</p>';
579	} else {
580	$prof_url = http::getSelfURI();
581	$prof_url .= (strpos($prof_url,'?') === false) ? '?' : '&';
582	$prof_url .= 'XDEBUG_PROFILE';
583	$res .= '<p><a href="'.html::escapeURL($prof_url).'">Trigger profiler</a></p>';
584	}
585
586	/* xdebug configuration:
587	zend_extension = /.../xdebug.so
588	xdebug.auto_trace = On
589	xdebug.trace_format = 0
590	xdebug.trace_options = 1
591	xdebug.show_mem_delta = On
592	xdebug.profiler_enable = 0
593	xdebug.profiler_enable_trigger = 1
594	xdebug.profiler_output_dir = /tmp
595	xdebug.profiler_append = 0
596	xdebug.profiler_output_name = timestamp
597	*/
598	}
599
600	$res .=
601	'<p>Global vars: '.$global_vars.'</p>'.
602	'</div></div>';
603
604	return $res;
605	}
606
607	public static function help($page,$index='')
608	{
609	# Deprecated but we keep this for plugins.
610	}
611
612	public static function helpBlock()
613	{
614	global $core;
615
616	if ($core->auth->user_prefs->interface->hidehelpbutton) {
617	return;
618	}
619
620	$args = func_get_args();
621	$args = new ArrayObject($args);
622
623	# --BEHAVIOR-- adminPageHelpBlock
624	$GLOBALS['core']->callBehavior('adminPageHelpBlock',$args);
625
626	if (empty($args)) {
627	return;
628	};
629
630	global $__resources;
631	if (empty($__resources['help'])) {
632	return;
633	}
634
635	$content = '';
636	foreach ($args as $v)
637	{
638	if (is_object($v) && isset($v->content)) {
639	$content .= $v->content;
640	continue;
641	}
642
643	if (!isset($__resources['help'][$v])) {
644	continue;
645	}
646	$f = $__resources['help'][$v];
647	if (!file_exists($f) \|\| !is_readable($f)) {
648	continue;
649	}
650
651	$fc = file_get_contents($f);
652	if (preg_match('\|<body[^>]?>(.?)</body>\|ms',$fc,$matches)) {
653	$content .= $matches[1];
654	} else {
655	$content .= $fc;
656	}
657	}
658
659	if (trim($content) == '') {
660	return;
661	}
662
663	// Set contextual help global flag
664	$GLOBALS['__resources']['ctxhelp'] = true;
665
666	echo
667	'<div id="help"><hr /><div class="help-content clear"><h3>'.__('Help about this page').'</h3>'.
668	$content.
669	'</div>'.
670	'<div id="helplink"><hr />'.
671	'<p>'.
672	sprintf(__('See also %s'),sprintf('<a href="'.$core->adminurl->get("admin.help").'">%s</a>',__('the global help'))).
673	'.</p>'.
674	'</div></div>';
675	}
676
677	public static function cssLoad($src,$media='screen',$v='')
678	{
679	$escaped_src = html::escapeHTML($src);
680	if (!isset(self::$loaded_css[$escaped_src])) {
681	self::$loaded_css[$escaped_src] = true;
682	$escaped_src = self::appendVersion($escaped_src,$v);
683
684	return '<link rel="stylesheet" href="'.$escaped_src.'" type="text/css" media="'.$media.'" />'."\n";
685	}
686	}
687
688	public static function jsLoad($src,$v='')
689	{
690	$escaped_src = html::escapeHTML($src);
691	if (!isset(self::$loaded_js[$escaped_src])) {
692	self::$loaded_js[$escaped_src] = true;
693	$escaped_src = self::appendVersion($escaped_src,$v);
694	return '<script type="text/javascript" src="'.$escaped_src.'"></script>'."\n";
695	}
696	}
697
698	private static function appendVersion($src,$v='')
699	{
700	$src .= (strpos($src,'?') === false ? '?' : '&').'v=';
701	if (defined('DC_DEV') && DC_DEV === true) {
702	$src .= md5(uniqid());
703	} else {
704	$src .= ($v === '' ? DC_VERSION : $v);
705	}
706	return $src;
707	}
708
709	public static function jsVar($n,$v)
710	{
711	return $n." = '".html::escapeJS($v)."';\n";
712	}
713
714	public static function jsToggles()
715	{
716	if($GLOBALS['core']->auth->user_prefs->toggles) {
717	$unfolded_sections = explode(',',$GLOBALS['core']->auth->user_prefs->toggles->unfolded_sections);
718	foreach ($unfolded_sections as $k=>&$v) {
719	if ($v == '') {
720	unset($unfolded_sections[$k]);
721	} else {
722	$v = "'".html::escapeJS($v)."':true";
723	}
724	}
725	} else {
726	$unfolded_sections=array();
727	}
728	return '<script type="text/javascript">'."\n".
729	'dotclear.unfolded_sections = {'.join(",",$unfolded_sections)."};\n".
730	"</script>\n";
731	}
732
733	public static function jsCommon()
734	{
735	$mute_or_no = '';
736	if (empty($GLOBALS['core']->blog) \|\| $GLOBALS['core']->blog->settings->system->jquery_migrate_mute) {
737	$mute_or_no .=
738	'<script type="text/javascript">'."\n".
739	'jQuery.migrateMute = true;'."\n".
740	"</script>\n";
741	}
742
743	return
744	self::jsLoad('js/jquery/jquery.js').
745	$mute_or_no.
746	self::jsLoad('js/jquery/jquery-migrate.js').
747	self::jsLoad('js/jquery/jquery.biscuit.js').
748	self::jsLoad('js/jquery/jquery.bgFade.js').
749	self::jsLoad('js/common.js').
750	self::jsLoad('js/prelude.js').
751
752	'<script type="text/javascript">'."\n".
753	'jsToolBar = {}, jsToolBar.prototype = { elements : {} };'."\n".
754
755	self::jsVar('dotclear.nonce',$GLOBALS['core']->getNonce()).
756
757	self::jsVar('dotclear.img_plus_src','images/expand.png').
758	self::jsVar('dotclear.img_plus_alt',__('uncover')).
759	self::jsVar('dotclear.img_minus_src','images/hide.png').
760	self::jsVar('dotclear.img_minus_alt',__('hide')).
761	self::jsVar('dotclear.img_menu_on','images/menu_on.png').
762	self::jsVar('dotclear.img_menu_off','images/menu_off.png').
763
764	self::jsVar('dotclear.img_plus_theme_src','images/plus-theme.png').
765	self::jsVar('dotclear.img_plus_theme_alt',__('uncover')).
766	self::jsVar('dotclear.img_minus_theme_src','images/minus-theme.png').
767	self::jsVar('dotclear.img_minus_theme_alt',__('hide')).
768
769	self::jsVar('dotclear.msg.help',
770	__('Need help?')).
771	self::jsVar('dotclear.msg.new_window',
772	__('new window')).
773	self::jsVar('dotclear.msg.help_hide',
774	__('Hide')).
775	self::jsVar('dotclear.msg.to_select',
776	__('Select:')).
777	self::jsVar('dotclear.msg.no_selection',
778	__('no selection')).
779	self::jsVar('dotclear.msg.select_all',
780	__('select all')).
781	self::jsVar('dotclear.msg.invert_sel',
782	__('Invert selection')).
783	self::jsVar('dotclear.msg.website',
784	__('Web site:')).
785	self::jsVar('dotclear.msg.email',
786	__('Email:')).
787	self::jsVar('dotclear.msg.ip_address',
788	__('IP address:')).
789	self::jsVar('dotclear.msg.error',
790	__('Error:')).
791	self::jsVar('dotclear.msg.entry_created',
792	__('Entry has been successfully created.')).
793	self::jsVar('dotclear.msg.edit_entry',
794	__('Edit entry')).
795	self::jsVar('dotclear.msg.view_entry',
796	__('view entry')).
797	self::jsVar('dotclear.msg.confirm_delete_posts',
798	__("Are you sure you want to delete selected entries (%s)?")).
799	self::jsVar('dotclear.msg.confirm_delete_medias',
800	__("Are you sure you want to delete selected medias (%d)?")).
801	self::jsVar('dotclear.msg.confirm_delete_categories',
802	__("Are you sure you want to delete selected categories (%s)?")).
803	self::jsVar('dotclear.msg.confirm_delete_post',
804	__("Are you sure you want to delete this entry?")).
805	self::jsVar('dotclear.msg.click_to_unlock',
806	__("Click here to unlock the field")).
807	self::jsVar('dotclear.msg.confirm_spam_delete',
808	__('Are you sure you want to delete all spams?')).
809	self::jsVar('dotclear.msg.confirm_delete_comments',
810	__('Are you sure you want to delete selected comments (%s)?')).
811	self::jsVar('dotclear.msg.confirm_delete_comment',
812	__('Are you sure you want to delete this comment?')).
813	self::jsVar('dotclear.msg.cannot_delete_users',
814	__('Users with posts cannot be deleted.')).
815	self::jsVar('dotclear.msg.confirm_delete_user',
816	__('Are you sure you want to delete selected users (%s)?')).
817	self::jsVar('dotclear.msg.confirm_delete_blog',
818	__('Are you sure you want to delete selected blogs (%s)?')).
819	self::jsVar('dotclear.msg.confirm_delete_category',
820	__('Are you sure you want to delete category "%s"?')).
821	self::jsVar('dotclear.msg.confirm_reorder_categories',
822	__('Are you sure you want to reorder all categories?')).
823	self::jsVar('dotclear.msg.confirm_delete_media',
824	__('Are you sure you want to remove media "%s"?')).
825	self::jsVar('dotclear.msg.confirm_delete_directory',
826	__('Are you sure you want to remove directory "%s"?')).
827	self::jsVar('dotclear.msg.confirm_extract_current',
828	__('Are you sure you want to extract archive in current directory?')).
829	self::jsVar('dotclear.msg.confirm_remove_attachment',
830	__('Are you sure you want to remove attachment "%s"?')).
831	self::jsVar('dotclear.msg.confirm_delete_lang',
832	__('Are you sure you want to delete "%s" language?')).
833	self::jsVar('dotclear.msg.confirm_delete_plugin',
834	__('Are you sure you want to delete "%s" plugin?')).
835	self::jsVar('dotclear.msg.confirm_delete_plugins',
836	__('Are you sure you want to delete selected plugins?')).
837	self::jsVar('dotclear.msg.use_this_theme',
838	__('Use this theme')).
839	self::jsVar('dotclear.msg.remove_this_theme',
840	__('Remove this theme')).
841	self::jsVar('dotclear.msg.confirm_delete_theme',
842	__('Are you sure you want to delete "%s" theme?')).
843	self::jsVar('dotclear.msg.confirm_delete_themes',
844	__('Are you sure you want to delete selected themes?')).
845	self::jsVar('dotclear.msg.confirm_delete_backup',
846	__('Are you sure you want to delete this backup?')).
847	self::jsVar('dotclear.msg.confirm_revert_backup',
848	__('Are you sure you want to revert to this backup?')).
849	self::jsVar('dotclear.msg.zip_file_content',
850	__('Zip file content')).
851	self::jsVar('dotclear.msg.xhtml_validator',
852	__('XHTML markup validator')).
853	self::jsVar('dotclear.msg.xhtml_valid',
854	__('XHTML content is valid.')).
855	self::jsVar('dotclear.msg.xhtml_not_valid',
856	__('There are XHTML markup errors.')).
857	self::jsVar('dotclear.msg.warning_validate_no_save_content',
858	__('Attention: an audit of a content not yet registered.')).
859	self::jsVar('dotclear.msg.confirm_change_post_format',
860	__('You have unsaved changes. Switch post format will loose these changes. Proceed anyway?')).
861	self::jsVar('dotclear.msg.confirm_change_post_format_noconvert',
862	__("Warning: post format change will not convert existing content. You will need to apply new format by yourself. Proceed anyway?")).
863	self::jsVar('dotclear.msg.load_enhanced_uploader',
864	__('Loading enhanced uploader, please wait.')).
865
866	self::jsVar('dotclear.msg.module_author',
867	__('Author:')).
868	self::jsVar('dotclear.msg.module_details',
869	__('Details')).
870	self::jsVar('dotclear.msg.module_support',
871	__('Support')).
872	self::jsVar('dotclear.msg.module_help',
873	__('Help:')).
874	self::jsVar('dotclear.msg.module_section',
875	__('Section:')).
876	self::jsVar('dotclear.msg.module_tags',
877	__('Tags:')).
878
879	self::jsVar('dotclear.msg.close_notice',
880	__('Hide this notice')).
881
882	"\n".
883	"</script>\n";
884	}
885
886	/**
887	@deprecated since version 2.11
888	*/
889	public static function jsLoadIE7()
890	{
891	return '';
892	}
893
894	public static function jsConfirmClose()
895	{
896	$args = func_get_args();
897	if (count($args) > 0) {
898	foreach ($args as $k => $v) {
899	$args[$k] = "'".html::escapeJS($v)."'";
900	}
901	$args = implode(',',$args);
902	} else {
903	$args = '';
904	}
905
906	return
907	self::jsLoad('js/confirm-close.js').
908	'<script type="text/javascript">'."\n".
909	"confirmClosePage = new confirmClose(".$args."); ".
910	"confirmClose.prototype.prompt = '".html::escapeJS(__('You have unsaved changes.'))."'; ".
911	"</script>\n";
912	}
913
914	public static function jsPageTabs($default=null)
915	{
916	if ($default) {
917	$default = "'".html::escapeJS($default)."'";
918	}
919
920	return
921	self::jsLoad('js/jquery/jquery.pageTabs.js').
922	'<script type="text/javascript">'."\n".
923	'$(function() {'."\n".
924	' $.pageTabs('.$default.');'."\n".
925	'});'.
926	"</script>\n";
927	}
928
929	public static function jsModal()
930	{
931	return
932	self::jsLoad('js/jquery/jquery.magnific-popup.js');
933	}
934
935	public static function jsColorPicker()
936	{
937	return
938	self::cssLoad('style/farbtastic/farbtastic.css').
939	self::jsLoad('js/jquery/jquery.farbtastic.js').
940	self::jsLoad('js/color-picker.js');
941	}
942
943	public static function jsDatePicker()
944	{
945	return
946	self::cssLoad('style/date-picker.css').
947	self::jsLoad('js/date-picker.js').
948	'<script type="text/javascript">'."\n".
949
950	"datePicker.prototype.months[0] = '".html::escapeJS(__('January'))."'; ".
951	"datePicker.prototype.months[1] = '".html::escapeJS(__('February'))."'; ".
952	"datePicker.prototype.months[2] = '".html::escapeJS(__('March'))."'; ".
953	"datePicker.prototype.months[3] = '".html::escapeJS(__('April'))."'; ".
954	"datePicker.prototype.months[4] = '".html::escapeJS(__('May'))."'; ".
955	"datePicker.prototype.months[5] = '".html::escapeJS(__('June'))."'; ".
956	"datePicker.prototype.months[6] = '".html::escapeJS(__('July'))."'; ".
957	"datePicker.prototype.months[7] = '".html::escapeJS(__('August'))."'; ".
958	"datePicker.prototype.months[8] = '".html::escapeJS(__('September'))."'; ".
959	"datePicker.prototype.months[9] = '".html::escapeJS(__('October'))."'; ".
960	"datePicker.prototype.months[10] = '".html::escapeJS(__('November'))."'; ".
961	"datePicker.prototype.months[11] = '".html::escapeJS(__('December'))."'; ".
962
963	"datePicker.prototype.days[0] = '".html::escapeJS(__('Monday'))."'; ".
964	"datePicker.prototype.days[1] = '".html::escapeJS(__('Tuesday'))."'; ".
965	"datePicker.prototype.days[2] = '".html::escapeJS(__('Wednesday'))."'; ".
966	"datePicker.prototype.days[3] = '".html::escapeJS(__('Thursday'))."'; ".
967	"datePicker.prototype.days[4] = '".html::escapeJS(__('Friday'))."'; ".
968	"datePicker.prototype.days[5] = '".html::escapeJS(__('Saturday'))."'; ".
969	"datePicker.prototype.days[6] = '".html::escapeJS(__('Sunday'))."'; ".
970
971	"datePicker.prototype.img_src = 'images/date-picker.png'; ".
972	"datePicker.prototype.img_alt = '".html::escapeJS(__('Choose date'))."'; ".
973
974	"datePicker.prototype.close_msg = '".html::escapeJS(__('close'))."'; ".
975	"datePicker.prototype.now_msg = '".html::escapeJS(__('now'))."'; ".
976
977	"</script>\n";
978	}
979
980
981	public static function jsToolBar()
982	{
983	# Deprecated but we keep this for plugins.
984	}
985
986	public static function jsUpload($params=array(),$base_url=null)
987	{
988	if (!$base_url) {
989	$base_url = path::clean(dirname(preg_replace('/(\?.*$)?/','',$_SERVER['REQUEST_URI']))).'/';
990	}
991
992	$params = array_merge($params,array(
993	'sess_id='.session_id(),
994	'sess_uid='.$_SESSION['sess_browser_uid'],
995	'xd_check='.$GLOBALS['core']->getNonce()
996	));
997
998	return
999	'<script type="text/javascript">'."\n".
1000	"dotclear.jsUpload = {};\n".
1001	"dotclear.jsUpload.msg = {};\n".
1002	self::jsVar('dotclear.msg.enhanced_uploader_activate',__('Temporarily activate enhanced uploader')).
1003	self::jsVar('dotclear.msg.enhanced_uploader_disable',__('Temporarily disable enhanced uploader')).
1004	self::jsVar('dotclear.jsUpload.msg.limit_exceeded',__('Limit exceeded.')).
1005	self::jsVar('dotclear.jsUpload.msg.size_limit_exceeded',__('File size exceeds allowed limit.')).
1006	self::jsVar('dotclear.jsUpload.msg.canceled',__('Canceled.')).
1007	self::jsVar('dotclear.jsUpload.msg.http_error',__('HTTP Error:')).
1008	self::jsVar('dotclear.jsUpload.msg.error',__('Error:')).
1009	self::jsVar('dotclear.jsUpload.msg.choose_file',__('Choose file')).
1010	self::jsVar('dotclear.jsUpload.msg.choose_files',__('Choose files')).
1011	self::jsVar('dotclear.jsUpload.msg.cancel',__('Cancel')).
1012	self::jsVar('dotclear.jsUpload.msg.clean',__('Clean')).
1013	self::jsVar('dotclear.jsUpload.msg.upload',__('Upload')).
1014	self::jsVar('dotclear.jsUpload.msg.send',__('Send')).
1015	self::jsVar('dotclear.jsUpload.msg.file_successfully_uploaded',__('File successfully uploaded.')).
1016	self::jsVar('dotclear.jsUpload.msg.no_file_in_queue',__('No file in queue.')).
1017	self::jsVar('dotclear.jsUpload.msg.file_in_queue',__('1 file in queue.')).
1018	self::jsVar('dotclear.jsUpload.msg.files_in_queue',__('%d files in queue.')).
1019	self::jsVar('dotclear.jsUpload.msg.queue_error',__('Queue error:')).
1020	self::jsVar('dotclear.jsUpload.base_url',$base_url).
1021	"</script>\n".
1022
1023	self::jsLoad('js/jquery/jquery-ui.custom.js').
1024	self::jsLoad('js/jsUpload/tmpl.js').
1025	self::jsLoad('js/jsUpload/template-upload.js').
1026	self::jsLoad('js/jsUpload/template-download.js').
1027	self::jsLoad('js/jsUpload/load-image.js').
1028	self::jsLoad('js/jsUpload/jquery.iframe-transport.js').
1029	self::jsLoad('js/jsUpload/jquery.fileupload.js').
1030	self::jsLoad('js/jsUpload/jquery.fileupload-process.js').
1031	self::jsLoad('js/jsUpload/jquery.fileupload-resize.js').
1032	self::jsLoad('js/jsUpload/jquery.fileupload-ui.js');
1033	}
1034
1035	public static function jsMetaEditor()
1036	{
1037	return self::jsLoad('js/meta-editor.js');
1038	}
1039
1040	public static function jsFilterControl($show=true)
1041	{
1042	return
1043	self::jsLoad('js/filter-controls.js').
1044	'<script type="text/javascript">'."\n".
1045	self::jsVar('dotclear.msg.show_filters', $show ? 'true':'false')."\n".
1046	self::jsVar('dotclear.msg.filter_posts_list',__('Show filters and display options'))."\n".
1047	self::jsVar('dotclear.msg.cancel_the_filter',__('Cancel filters and display options'))."\n".
1048	"</script>";
1049	}
1050
1051	public static function jsLoadCodeMirror($theme = '',$multi = true,$modes = array('css','htmlmixed','javascript','php','xml'))
1052	{
1053	$ret =
1054	self::cssLoad('js/codemirror/lib/codemirror.css').
1055	self::jsLoad('js/codemirror/lib/codemirror.js');
1056	if ($multi) {
1057	$ret .= self::jsLoad('js/codemirror/addon/mode/multiplex.js');
1058	}
1059	foreach ($modes as $mode) {
1060	$ret .= self::jsLoad('js/codemirror/mode/'.$mode.'/'.$mode.'.js');
1061	}
1062	$ret .=
1063	self::jsLoad('js/codemirror/addon/edit/closebrackets.js').
1064	self::jsLoad('js/codemirror/addon/edit/matchbrackets.js').
1065	self::cssLoad('js/codemirror/addon/display/fullscreen.css').
1066	self::jsLoad('js/codemirror/addon/display/fullscreen.js');
1067	if ($theme != '') {
1068	$ret .= self::cssLoad('js/codemirror/theme/'.$theme.'.css');
1069	}
1070	return $ret;
1071	}
1072
1073	public static function jsRunCodeMirror($name,$id,$mode,$theme = '')
1074	{
1075	$ret =
1076	'<script type="text/javascript">'."\n".
1077	'var '.$name.' = CodeMirror.fromTextArea('.$id.',{'."\n".
1078	' mode: "'.$mode.'",'."\n".
1079	' tabMode: "indent",'."\n".
1080	' lineWrapping: "true",'."\n".
1081	' lineNumbers: "true",'."\n".
1082	' matchBrackets: "true",'."\n".
1083	' autoCloseBrackets: "true",'."\n".
1084	' extraKeys: {"F11": function(cm) {cm.setOption("fullScreen",!cm.getOption("fullScreen"));}}';
1085	if ($theme) {
1086	$ret .=
1087	','."\n".
1088	' theme: "'.$theme.'"';
1089	}
1090	$ret .= "\n".
1091	'});'."\n".
1092	'</script>';
1093	return $ret;
1094	}
1095
1096	public static function getCodeMirrorThemes()
1097	{
1098	$themes = array();
1099	$themes_root = dirname(__FILE__).'/../../admin'.'/js/codemirror/theme/';
1100	if (is_dir($themes_root) && is_readable($themes_root)) {
1101	if (($d = @dir($themes_root)) !== false) {
1102	while (($entry = $d->read()) !== false) {
1103	if ($entry != '.' && $entry != '..' && substr($entry, 0, 1) != '.' && is_readable($themes_root.'/'.$entry)) {
1104	$themes[] = substr($entry,0,-4); // remove .css extension
1105	}
1106	}
1107	sort($themes);
1108	}
1109	}
1110	return $themes;
1111	}
1112
1113	public static function getPF($file)
1114	{
1115	return $GLOBALS['core']->adminurl->get('load.plugin.file',array('pf' => $file));
1116	}
1117
1118	public static function getVF($file)
1119	{
1120	return $GLOBALS['core']->adminurl->get('load.var.file',array('vf' => $file));
1121	}
1122
1123	public static function setXFrameOptions($headers,$origin = null)
1124	{
1125	if (self::$xframe_loaded) {
1126	return;
1127	}
1128
1129	if ($origin !== null) {
1130	$url = parse_url($origin);
1131	$headers['x-frame-options'] = sprintf('X-Frame-Options: %s',is_array($url) && isset($url['host']) ?
1132	("ALLOW-FROM ".(isset($url['scheme']) ? $url['scheme'].':' : '' ).'//'.$url['host']) :
1133	'SAMEORIGIN');
1134	} else {
1135	$headers['x-frame-options'] = 'X-Frame-Options: SAMEORIGIN'; // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+
1136	}
1137	self::$xframe_loaded = true;
1138	}
1139	}

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/lib.dc.page.php @ 3639:fe9f4d94f86b

Download in other formats:

Sites map