| | |
|---|
| | | |
|---|
| | | //$this->framed = $framed; |
|---|
| | | $this->set_env('task', $task); |
|---|
| | | $this->set_env('request_token', $this->app->get_request_token()); |
|---|
| | | |
|---|
| | | // load the correct skin (in case user-defined) |
|---|
| | | $this->set_skin($this->config['skin']); |
|---|
| | |
|---|
| | | $js = $this->framed ? "if(window.parent) {\n" : ''; |
|---|
| | | $js .= $this->get_js_commands() . ($this->framed ? ' }' : ''); |
|---|
| | | $this->add_script($js, 'head_top'); |
|---|
| | | |
|---|
| | | // make sure all <form> tags have a valid request token |
|---|
| | | $template = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $template); |
|---|
| | | |
|---|
| | | // call super method |
|---|
| | | parent::write($template, $this->config['skin_path']); |
|---|
| | |
|---|
| | | */ |
|---|
| | | private function check_condition($condition) |
|---|
| | | { |
|---|
| | | return eval("return (".$this->parse_expression($condition).");"); |
|---|
| | | return eval("return (".$this->parse_expression($condition).");"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * |
|---|
| | | */ |
|---|
| | | private function alter_form_tag($matches) |
|---|
| | | { |
|---|
| | | $out = $matches[0]; |
|---|
| | | $attrib = parse_attrib_string($matches[1]); |
|---|
| | | |
|---|
| | | if (strtolower($attrib['method']) == 'post') { |
|---|
| | | $hidden = new html_hiddenfield(array('name' => '_token', 'value' => $this->app->get_request_token())); |
|---|
| | | $out .= "\n" . $hidden->show(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | return $out; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | |
|---|
| | | */ |
|---|
| | | public function form_tag($attrib, $content = null) |
|---|
| | | { |
|---|
| | | if ($this->framed) { |
|---|
| | | if ($this->framed || !empty($_REQUEST['_framed'])) { |
|---|
| | | $hiddenfield = new html_hiddenfield(array('name' => '_framed', 'value' => '1')); |
|---|
| | | $hidden = $hiddenfield->show(); |
|---|
| | | } |
|---|
| | |
|---|
| | | |
|---|
| | | return html::tag('form', |
|---|
| | | $attrib + array('action' => "./", 'method' => "get"), |
|---|
| | | $hidden . $content); |
|---|
| | | $hidden . $content, |
|---|
| | | array('id','class','style','name','method','action','enctype','onsubmit')); |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Build a form tag with a unique request token |
|---|
| | | * |
|---|
| | | * @param array Named tag parameters including 'action' and 'task' values which will be put into hidden fields |
|---|
| | | * @param string Form content |
|---|
| | | * @return string HTML code for the form |
|---|
| | | */ |
|---|
| | | public function request_form($attrib, $content = '') |
|---|
| | | { |
|---|
| | | $hidden = new html_hiddenfield(); |
|---|
| | | if ($attrib['task']) { |
|---|
| | | $hidden->add(array('name' => '_task', 'value' => $attrib['task'])); |
|---|
| | | } |
|---|
| | | if ($attrib['action']) { |
|---|
| | | $hidden->add(array('name' => '_action', 'value' => $attrib['action'])); |
|---|
| | | } |
|---|
| | | |
|---|
| | | unset($attrib['task'], $attrib['request']); |
|---|
| | | $attrib['action'] = './'; |
|---|
| | | |
|---|
| | | // we already have a <form> tag |
|---|
| | | if ($attrib['form']) |
|---|
| | | return $hidden->show() . $content; |
|---|
| | | else |
|---|
| | | return $this->form_tag($attrib, $hidden->show() . $content); |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
