| | |
| | | |
| | | //$this->framed = $framed; |
| | | $this->set_env('task', $task); |
| | | $this->set_env('request_token', $this->app->get_request_token()); |
| | | |
| | | // load the correct skin (in case user-defined) |
| | | $this->set_skin($this->config['skin']); |
| | |
| | | */ |
| | | public function command() |
| | | { |
| | | $this->js_commands[] = func_get_args(); |
| | | $cmd = func_get_args(); |
| | | if (strpos($cmd[0], 'plugin.') === false) |
| | | $this->js_commands[] = $cmd; |
| | | } |
| | | |
| | | |
| | |
| | | public function send($templ = null, $exit = true) |
| | | { |
| | | if ($templ != 'iframe') { |
| | | // prevent from endless loops |
| | | if ($exit != 'recur' && $this->app->plugins->is_processing('render_page')) { |
| | | raise_error(array('code' => 505, 'type' => 'php', 'message' => 'Recursion alert: ignoring output->send()'), true, false); |
| | | return; |
| | | } |
| | | $this->parse($templ, false); |
| | | } |
| | | else { |
| | |
| | | $this->write(); |
| | | } |
| | | |
| | | // set output asap |
| | | ob_flush(); |
| | | flush(); |
| | | |
| | | if ($exit) { |
| | | exit; |
| | | } |
| | |
| | | $js = $this->framed ? "if(window.parent) {\n" : ''; |
| | | $js .= $this->get_js_commands() . ($this->framed ? ' }' : ''); |
| | | $this->add_script($js, 'head_top'); |
| | | |
| | | // make sure all <form> tags have a valid request token |
| | | $template = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $template); |
| | | $this->footer = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $this->footer); |
| | | |
| | | // call super method |
| | | parent::write($template, $this->config['skin_path']); |
| | |
| | | // parse for specialtags |
| | | $output = $this->parse_conditions($templ); |
| | | $output = $this->parse_xml($output); |
| | | |
| | | // trigger generic hook where plugins can put additional content to the page |
| | | $hook = $this->app->plugins->exec_hook("render_page", array('template' => $name, 'content' => $output)); |
| | | |
| | | // add debug console |
| | | if ($this->config['debug_level'] & 8) { |
| | | $this->add_footer('<div style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;opacity:0.8;filter:alpha(opacity=80);z-index:9000"> |
| | | $this->add_footer('<div id="console" style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;z-index:9000;"> |
| | | <a href="#toggle" onclick="con=document.getElementById(\'dbgconsole\');con.style.display=(con.style.display==\'none\'?\'block\':\'none\');return false">console</a> |
| | | <form action="/" name="debugform" style="display:inline"><textarea name="console" id="dbgconsole" rows="20" cols="40" wrap="off" style="display:none;width:400px;border:none;font-size:x-small" spellcheck="false"></textarea></form></div>' |
| | | ); |
| | | } |
| | | $output = $this->parse_with_globals($output); |
| | | |
| | | $output = $this->parse_with_globals($hook['content']); |
| | | $this->write(trim($output)); |
| | | if ($exit) { |
| | | exit; |
| | |
| | | */ |
| | | private function parse_with_globals($input) |
| | | { |
| | | $GLOBALS['__version'] = Q(RCMAIL_VERSION); |
| | | $GLOBALS['__comm_path'] = Q($this->app->comm_path); |
| | | return preg_replace('/\$(__[a-z0-9_\-]+)/e', '$GLOBALS["\\1"]', $input); |
| | | return preg_replace_callback('/\$(__[a-z0-9_\-]+)/', |
| | | array($this, 'globals_callback'), $input); |
| | | } |
| | | |
| | | /** |
| | | * Callback funtion for preg_replace_callback() in parse_with_globals() |
| | | */ |
| | | private function globals_callback($matches) |
| | | { |
| | | return $GLOBALS[$matches[1]]; |
| | | } |
| | | |
| | | /** |
| | |
| | | */ |
| | | private function check_condition($condition) |
| | | { |
| | | return eval("return (".$this->parse_expression($condition).");"); |
| | | return eval("return (".$this->parse_expression($condition).");"); |
| | | } |
| | | |
| | | |
| | | /** |
| | | * |
| | | */ |
| | | private function alter_form_tag($matches) |
| | | { |
| | | $out = $matches[0]; |
| | | $attrib = parse_attrib_string($matches[1]); |
| | | |
| | | if (strtolower($attrib['method']) == 'post') { |
| | | $hidden = new html_hiddenfield(array('name' => '_token', 'value' => $this->app->get_request_token())); |
| | | $out .= "\n" . $hidden->show(); |
| | | } |
| | | |
| | | return $out; |
| | | } |
| | | |
| | | |
| | |
| | | '/config:([a-z0-9_]+)(:([a-z0-9_]+))?/i', |
| | | '/env:([a-z0-9_]+)/i', |
| | | '/request:([a-z0-9_]+)/i', |
| | | '/cookie:([a-z0-9_]+)/i' |
| | | '/cookie:([a-z0-9_]+)/i', |
| | | '/browser:([a-z0-9_]+)/i' |
| | | ), |
| | | array( |
| | | "\$_SESSION['\\1']", |
| | | "\$this->app->config->get('\\1',get_boolean('\\3'))", |
| | | "\$this->env['\\1']", |
| | | "get_input_value('\\1', RCUBE_INPUT_GPC)", |
| | | "\$_COOKIE['\\1']" |
| | | "\$_COOKIE['\\1']", |
| | | "\$this->browser->{'\\1'}" |
| | | ), |
| | | $expression); |
| | | } |
| | |
| | | case 'cookie': |
| | | $value = htmlspecialchars($_COOKIE[$name]); |
| | | break; |
| | | case 'browser': |
| | | $value = $this->browser->{$name}; |
| | | break; |
| | | } |
| | | |
| | | if (is_array($value)) { |
| | |
| | | if ($attrib['alt']) { |
| | | $attrib['alt'] = Q(rcube_label($attrib['alt'], $attrib['domain'])); |
| | | } |
| | | |
| | | // set title to alt attribute for IE browsers |
| | | if ($this->browser->ie && $attrib['title'] && !$attrib['alt']) { |
| | | $attrib['alt'] = $attrib['title']; |
| | | unset($attrib['title']); |
| | | if ($this->browser->ie && !$attrib['title'] && $attrib['alt']) { |
| | | $attrib['title'] = $attrib['alt']; |
| | | } |
| | | |
| | | // add empty alt attribute for XHTML compatibility |
| | |
| | | $attrib['href'] = rcmail_url($attrib['command']); |
| | | } |
| | | else if ($attrib['command'] == 'permaurl' && !empty($this->env['permaurl'])) { |
| | | $attrib['href'] = $this->env['permaurl']; |
| | | $attrib['href'] = $this->env['permaurl']; |
| | | } |
| | | } |
| | | |
| | |
| | | $attrib['prop'] |
| | | ); |
| | | } |
| | | if ($command && $attrib['imageover']) { |
| | | $attrib['onmouseover'] = sprintf( |
| | | "return %s.button_over('%s','%s')", |
| | | JS_OBJECT_NAME, |
| | | $command, |
| | | $attrib['id'] |
| | | ); |
| | | $attrib['onmouseout'] = sprintf( |
| | | "return %s.button_out('%s','%s')", |
| | | JS_OBJECT_NAME, |
| | | $command, |
| | | $attrib['id'] |
| | | ); |
| | | } |
| | | |
| | | if ($command && $attrib['imagesel']) { |
| | | $attrib['onmousedown'] = sprintf( |
| | | "return %s.button_sel('%s','%s')", |
| | | JS_OBJECT_NAME, |
| | | $command, |
| | | $attrib['id'] |
| | | ); |
| | | $attrib['onmouseup'] = sprintf( |
| | | "return %s.button_out('%s','%s')", |
| | | JS_OBJECT_NAME, |
| | | $command, |
| | | $attrib['id'] |
| | | ); |
| | | } |
| | | |
| | | $out = ''; |
| | | |
| | |
| | | $attrib_str = html::attrib_string( |
| | | $attrib, |
| | | array( |
| | | 'style', 'class', 'id', 'width', |
| | | 'height', 'border', 'hspace', |
| | | 'vspace', 'align', 'alt', 'tabindex' |
| | | 'style', 'class', 'id', 'width', 'height', 'border', 'hspace', |
| | | 'vspace', 'align', 'alt', 'tabindex', 'title' |
| | | ) |
| | | ); |
| | | $btn_content = sprintf('<img src="%s"%s />', $this->abs_url($attrib['image']), $attrib_str); |
| | | if ($attrib['label']) { |
| | | $btn_content .= ' '.$attrib['label']; |
| | | } |
| | | $link_attrib = array('href', 'onclick', 'onmouseover', 'onmouseout', 'onmousedown', 'onmouseup', 'title', 'target'); |
| | | $link_attrib = array('href', 'onclick', 'onmouseover', 'onmouseout', 'onmousedown', 'onmouseup', 'target'); |
| | | } |
| | | else if ($attrib['type']=='link') { |
| | | $btn_content = $attrib['label'] ? $attrib['label'] : $attrib['command']; |
| | | $btn_content = isset($attrib['content']) ? $attrib['content'] : ($attrib['label'] ? $attrib['label'] : $attrib['command']); |
| | | $link_attrib = array('href', 'onclick', 'title', 'id', 'class', 'style', 'tabindex', 'target'); |
| | | } |
| | | else if ($attrib['type']=='input') { |
| | |
| | | $attrib_str = html::attrib_string( |
| | | $attrib, |
| | | array( |
| | | 'type', 'value', 'onclick', |
| | | 'id', 'class', 'style', 'tabindex' |
| | | 'type', 'value', 'onclick', 'id', 'class', 'style', 'tabindex' |
| | | ) |
| | | ); |
| | | $out = sprintf('<input%s disabled="disabled" />', $attrib_str); |
| | |
| | | */ |
| | | public function form_tag($attrib, $content = null) |
| | | { |
| | | if ($this->framed) { |
| | | if ($this->framed || !empty($_REQUEST['_framed'])) { |
| | | $hiddenfield = new html_hiddenfield(array('name' => '_framed', 'value' => '1')); |
| | | $hidden = $hiddenfield->show(); |
| | | } |
| | |
| | | |
| | | return html::tag('form', |
| | | $attrib + array('action' => "./", 'method' => "get"), |
| | | $hidden . $content); |
| | | $hidden . $content, |
| | | array('id','class','style','name','method','action','enctype','onsubmit')); |
| | | } |
| | | |
| | | |
| | | /** |
| | | * Build a form tag with a unique request token |
| | | * |
| | | * @param array Named tag parameters including 'action' and 'task' values which will be put into hidden fields |
| | | * @param string Form content |
| | | * @return string HTML code for the form |
| | | */ |
| | | public function request_form($attrib, $content = '') |
| | | { |
| | | $hidden = new html_hiddenfield(); |
| | | if ($attrib['task']) { |
| | | $hidden->add(array('name' => '_task', 'value' => $attrib['task'])); |
| | | } |
| | | if ($attrib['action']) { |
| | | $hidden->add(array('name' => '_action', 'value' => $attrib['action'])); |
| | | } |
| | | |
| | | unset($attrib['task'], $attrib['request']); |
| | | $attrib['action'] = './'; |
| | | |
| | | // we already have a <form> tag |
| | | if ($attrib['form']) |
| | | return $hidden->show() . $content; |
| | | else |
| | | return $this->form_tag($attrib, $hidden->show() . $content); |
| | | } |
| | | |
| | | |
| | |
| | | |
| | | // save original url |
| | | $url = get_input_value('_url', RCUBE_INPUT_POST); |
| | | if (empty($url) && !preg_match('/_action=logout/', $_SERVER['QUERY_STRING'])) |
| | | if (empty($url) && !preg_match('/_(task|action)=logout/', $_SERVER['QUERY_STRING'])) |
| | | $url = $_SERVER['QUERY_STRING']; |
| | | |
| | | $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30) + $attrib); |
| | | $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'size' => 30) + $attrib); |
| | | $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser') + $attrib); |
| | | $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd') + $attrib); |
| | | $input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login')); |
| | | $input_tzone = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_')); |
| | | $input_url = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url)); |
| | |
| | | } |
| | | } |
| | | else if (empty($default_host)) { |
| | | $input_host = new html_inputfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30)); |
| | | $input_host = new html_inputfield(array('name' => '_host', 'id' => 'rcmloginhost') + $attrib); |
| | | } |
| | | |
| | | $form_name = !empty($attrib['form']) ? $attrib['form'] : 'form'; |