From 4daaa09438bc05f9d5d6cf339cc0b60b511057e9 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Sun, 06 Oct 2013 09:02:25 -0400
Subject: [PATCH] Move PEAR libs from plugins into main Roundcube lib directory, list them as dependencies in INSTALL file (#1489182)
---
program/include/rcmail_output_html.php | 193 +++++++++++++++++++++++++----------------------
1 files changed, 102 insertions(+), 91 deletions(-)
diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php
index 76342c2..7cab372 100644
--- a/program/include/rcmail_output_html.php
+++ b/program/include/rcmail_output_html.php
@@ -67,11 +67,12 @@
//$this->framed = $framed;
$this->set_env('task', $task);
$this->set_env('x_frame_options', $this->config->get('x_frame_options', 'sameorigin'));
+ $this->set_env('standard_windows', (bool) $this->config->get('standard_windows'));
// add cookie info
$this->set_env('cookie_domain', ini_get('session.cookie_domain'));
$this->set_env('cookie_path', ini_get('session.cookie_path'));
- $this->set_env('cookie_secure', ini_get('session.cookie_secure'));
+ $this->set_env('cookie_secure', filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN));
// load the correct skin (in case user-defined)
$skin = $this->config->get('skin');
@@ -80,6 +81,8 @@
if (!empty($_REQUEST['_extwin']))
$this->set_env('extwin', 1);
+ if ($this->framed || !empty($_REQUEST['_framed']))
+ $this->set_env('framed', 1);
// add common javascripts
$this->add_script('var '.self::JS_OBJECT_NAME.' = new rcube_webmail();', 'head_top');
@@ -103,7 +106,6 @@
));
}
-
/**
* Set environment variable
*
@@ -118,7 +120,6 @@
$this->js_env[$name] = $value;
}
}
-
/**
* Getter for the current page title
@@ -143,17 +144,17 @@
return $title;
}
-
/**
* Set skin
*/
public function set_skin($skin)
{
$valid = false;
+ $path = RCUBE_INSTALL_PATH . 'skins/';
- if (!empty($skin) && is_dir('skins/'.$skin) && is_readable('skins/'.$skin)) {
- $skin_path = 'skins/'.$skin;
- $valid = true;
+ if (!empty($skin) && is_dir($path . $skin) && is_readable($path . $skin)) {
+ $skin_path = 'skins/' . $skin;
+ $valid = true;
}
else {
$skin_path = $this->config->get('skin_path');
@@ -164,6 +165,7 @@
}
$this->config->set('skin_path', $skin_path);
+ $this->base_path = $skin_path;
// register skin path(s)
$this->skin_paths = array();
@@ -180,12 +182,15 @@
$this->skin_paths[] = $skin_path;
// read meta file and check for dependecies
- $meta = @json_decode(@file_get_contents($skin_path.'/meta.json'), true);
- if ($meta['extends'] && is_dir('skins/' . $meta['extends'])) {
- $this->load_skin('skins/' . $meta['extends']);
+ $meta = @file_get_contents(RCUBE_INSTALL_PATH . $skin_path . '/meta.json');
+ $meta = @json_decode($meta, true);
+ if ($meta['extends']) {
+ $path = RCUBE_INSTALL_PATH . 'skins/';
+ if (is_dir($path . $meta['extends']) && is_readable($path . $meta['extends'])) {
+ $this->load_skin('skins/' . $meta['extends']);
+ }
}
}
-
/**
* Check if a specific template exists
@@ -195,16 +200,17 @@
*/
public function template_exists($name)
{
- $found = false;
foreach ($this->skin_paths as $skin_path) {
- $filename = $skin_path . '/templates/' . $name . '.html';
- $found = (is_file($filename) && is_readable($filename)) || ($this->deprecated_templates[$name] && $this->template_exists($this->deprecated_templates[$name]));
- if ($found)
- break;
+ $filename = RCUBE_INSTALL_PATH . $skin_path . '/templates/' . $name . '.html';
+ if ((is_file($filename) && is_readable($filename))
+ || ($this->deprecated_templates[$name] && $this->template_exists($this->deprecated_templates[$name]))
+ ) {
+ return true;
+ }
}
- return $found;
- }
+ return false;
+ }
/**
* Find the given file in the current skin path stack
@@ -214,7 +220,7 @@
* @param string Additional path to search in
* @return mixed Relative path to the requested file or False if not found
*/
- public function get_skin_file($file, &$skin_path, $add_path = null)
+ public function get_skin_file($file, &$skin_path = null, $add_path = null)
{
$skin_paths = $this->skin_paths;
if ($add_path)
@@ -230,7 +236,6 @@
return false;
}
-
/**
* Register a GUI object to the client script
*
@@ -242,7 +247,6 @@
{
$this->add_script(self::JS_OBJECT_NAME.".gui_object('$obj', '$id');");
}
-
/**
* Call a client method
@@ -259,7 +263,6 @@
$this->js_commands[] = $cmd;
}
-
/**
* Add a localized label to the client environment
*/
@@ -273,7 +276,6 @@
$this->js_labels[$name] = $this->app->gettext($name);
}
}
-
/**
* Invoke display_message command
@@ -301,23 +303,27 @@
}
}
-
/**
* Delete all stored env variables and commands
+ *
+ * @param bool $all Reset all env variables (including internal)
*/
- public function reset()
+ public function reset($all = false)
{
+ $env = $all ? null : array_intersect_key($this->env, array('extwin'=>1, 'framed'=>1));
+
parent::reset();
- $this->js_env = array();
- $this->js_labels = array();
- $this->js_commands = array();
+
+ // let some env variables survive
+ $this->env = $this->js_env = $env;
+ $this->js_labels = array();
+ $this->js_commands = array();
$this->script_files = array();
$this->scripts = array();
$this->header = '';
$this->footer = '';
$this->body = '';
}
-
/**
* Redirect to a certain url
@@ -333,7 +339,6 @@
header('Location: ' . $location);
exit;
}
-
/**
* Send the request output to the client.
@@ -355,7 +360,7 @@
$this->parse($templ, false);
}
else {
- $this->framed = $templ == 'iframe' ? true : $this->framed;
+ $this->framed = true;
$this->write();
}
@@ -368,7 +373,6 @@
}
}
-
/**
* Process template and write to stdOut
*
@@ -379,7 +383,7 @@
// unlock interface after iframe load
$unlock = preg_replace('/[^a-z0-9]/i', '', $_REQUEST['_unlock']);
if ($this->framed) {
- array_unshift($this->js_commands, array('set_busy', false, null, $unlock));
+ array_unshift($this->js_commands, array('iframe_loaded', $unlock));
}
else if ($unlock) {
array_unshift($this->js_commands, array('hide_message', $unlock));
@@ -389,9 +393,11 @@
$this->set_env('request_token', $this->app->get_request_token());
// write all env variables to client
- $js = $this->framed ? "if(window.parent) {\n" : '';
- $js .= $this->get_js_commands() . ($this->framed ? ' }' : '');
- $this->add_script($js, 'head_top');
+ if ($commands = $this->get_js_commands()) {
+ $js = $this->framed ? "if (window.parent) {\n" : '';
+ $js .= $commands . ($this->framed ? ' }' : '');
+ $this->add_script($js, 'head_top');
+ }
// send clickjacking protection headers
$iframe = $this->framed || !empty($_REQUEST['_framed']);
@@ -401,7 +407,6 @@
// call super method
$this->_write($template, $this->config->get('skin_path'));
}
-
/**
* Parse a specific skin template and deliver to stdout (or return)
@@ -462,6 +467,7 @@
if (is_readable($path)) {
$this->config->set('skin_path', $skin_path);
$this->base_path = preg_replace('!plugins/\w+/!', '', $skin_path); // set base_path to core skin directory (not plugin's skin)
+ $skin_dir = preg_replace('!^plugins/!', '', $skin_path);
break;
}
else {
@@ -526,7 +532,6 @@
}
}
-
/**
* Return executable javascript code for all registered commands
*
@@ -558,7 +563,6 @@
return $out;
}
-
/**
* Make URLs starting with a slash point to skin directory
*
@@ -577,7 +581,6 @@
else
return $str;
}
-
/**
* Show error page and terminate script execution
@@ -613,7 +616,6 @@
array($this, 'globals_callback'), $input);
}
-
/**
* Callback funtion for preg_replace_callback() in parse_with_globals()
*/
@@ -621,7 +623,6 @@
{
return $GLOBALS[$matches[1]];
}
-
/**
* Correct absolute paths in images and other tags
@@ -634,7 +635,6 @@
array($this, 'file_callback'), $output);
}
-
/**
* Callback function for preg_replace_callback in write()
*
@@ -643,6 +643,7 @@
protected function file_callback($matches)
{
$file = $matches[3];
+ $file = preg_replace('!^/this/!', '/', $file);
// correct absolute paths
if ($file[0] == '/') {
@@ -659,13 +660,12 @@
return $matches[1] . '=' . $matches[2] . $file . $matches[4];
}
-
/**
* Public wrapper to dipp into template parsing.
*
* @param string $input
* @return string
- * @uses rcube_output_html::parse_xml()
+ * @uses rcmail_output_html::parse_xml()
* @since 0.1-rc1
*/
public function just_parse($input)
@@ -675,7 +675,6 @@
return $input;
}
-
/**
* Parse for conditional tags
@@ -714,20 +713,17 @@
return $input;
}
-
/**
* Determines if a given condition is met
*
- * @todo Get rid off eval() once I understand what this does.
* @todo Extend this to allow real conditions, not just "set"
* @param string Condition statement
* @return boolean True if condition is met, False if not
*/
protected function check_condition($condition)
{
- return eval("return (".$this->parse_expression($condition).");");
+ return $this->eval_expression($condition);
}
-
/**
* Inserts hidden field with CSRF-prevention-token into POST forms
@@ -745,16 +741,16 @@
return $out;
}
-
/**
- * Parses expression and replaces variables
+ * Parse & evaluate a given expression and return its result.
*
- * @param string Expression statement
- * @return string Expression value
+ * @param string Expression statement
+ *
+ * @return mixed Expression result
*/
- protected function parse_expression($expression)
+ protected function eval_expression ($expression)
{
- return preg_replace(
+ $expression = preg_replace(
array(
'/session:([a-z0-9_]+)/i',
'/config:([a-z0-9_]+)(:([a-z0-9_]+))?/i',
@@ -766,16 +762,30 @@
),
array(
"\$_SESSION['\\1']",
- "\$this->app->config->get('\\1',rcube_utils::get_boolean('\\3'))",
- "\$this->env['\\1']",
+ "\$app->config->get('\\1',rcube_utils::get_boolean('\\3'))",
+ "\$env['\\1']",
"rcube_utils::get_input_value('\\1', rcube_utils::INPUT_GPC)",
"\$_COOKIE['\\1']",
- "\$this->browser->{'\\1'}",
+ "\$browser->{'\\1'}",
$this->template_name,
),
- $expression);
- }
+ $expression
+ );
+ $fn = create_function('$app,$browser,$env', "return ($expression);");
+ if (!$fn) {
+ rcube::raise_error(array(
+ 'code' => 505,
+ 'type' => 'php',
+ 'file' => __FILE__,
+ 'line' => __LINE__,
+ 'message' => "Expression parse error on: ($expression)"), true, false);
+
+ return null;
+ }
+
+ return $fn($this->app, $this->browser, $this->env);
+ }
/**
* Search for special tags in input and replace them
@@ -790,7 +800,6 @@
{
return preg_replace_callback('/<roundcube:([-_a-z]+)\s+((?:[^>]|\\\\>)+)(?<!\\\\)>/Ui', array($this, 'xml_command'), $input);
}
-
/**
* Callback function for parsing an xml command tag
@@ -826,7 +835,7 @@
// show a label
case 'label':
if ($attrib['expression'])
- $attrib['name'] = eval("return " . $this->parse_expression($attrib['expression']) .";");
+ $attrib['name'] = $this->eval_expression($attrib['expression']);
if ($attrib['name'] || $attrib['command']) {
// @FIXME: 'noshow' is useless, remove?
@@ -860,6 +869,7 @@
// include a file
case 'include':
$old_base_path = $this->base_path;
+ if (!empty($attrib['skin_path'])) $attrib['skinpath'] = $attrib['skin_path'];
if ($path = $this->get_skin_file($attrib['file'], $skin_path, $attrib['skinpath'])) {
$this->base_path = preg_replace('!plugins/\w+/!', '', $skin_path); // set base_path to core skin directory (not plugin's skin)
$path = realpath($path);
@@ -914,8 +924,21 @@
}
else if ($object == 'logo') {
$attrib += array('alt' => $this->xml_command(array('', 'object', 'name="productname"')));
- if ($logo = $this->config->get('skin_logo'))
- $attrib['src'] = $logo;
+
+ if ($logo = $this->config->get('skin_logo')) {
+ if (is_array($logo)) {
+ if ($template_logo = $logo[$this->template_name]) {
+ $attrib['src'] = $template_logo;
+ }
+ elseif ($template_logo = $logo['*']) {
+ $attrib['src'] = $template_logo;
+ }
+ }
+ else {
+ $attrib['src'] = $logo;
+ }
+ }
+
$content = html::img($attrib);
}
else if ($object == 'productname') {
@@ -957,8 +980,7 @@
// return code for a specified eval expression
case 'exp':
- $value = $this->parse_expression($attrib['expression']);
- return eval("return html::quote($value);");
+ return html::quote($this->eval_expression($attrib['expression']));
// return variable
case 'var':
@@ -995,11 +1017,12 @@
}
return html::quote($value);
- break;
+
+ case 'form':
+ return $this->form_tag($attrib);
}
return '';
}
-
/**
* Include a specific file and return it's contents
@@ -1017,7 +1040,6 @@
return $out;
}
-
/**
* Create and register a button
*
@@ -1033,7 +1055,7 @@
// these commands can be called directly via url
$a_static_commands = array('compose', 'list', 'preferences', 'folders', 'identities');
- if (!($attrib['command'] || $attrib['name'])) {
+ if (!($attrib['command'] || $attrib['name'] || $attrib['href'])) {
return '';
}
@@ -1166,9 +1188,12 @@
$out = sprintf('<a%s>%s</a>', $attrib_str, $btn_content);
}
+ if ($attrib['wrapper']) {
+ $out = html::tag($attrib['wrapper'], null, $out);
+ }
+
return $out;
}
-
/**
* Link an external script file
@@ -1200,7 +1225,6 @@
$this->script_files[$position][] = $file;
}
-
/**
* Add inline javascript code
*
@@ -1217,7 +1241,6 @@
}
}
-
/**
* Link an external css file
*
@@ -1227,7 +1250,6 @@
{
$this->css_files[] = $file;
}
-
/**
* Add HTML code to the page header
@@ -1239,7 +1261,6 @@
$this->header .= "\n" . $str;
}
-
/**
* Add HTML code to the page footer
* To be added right befor </body>
@@ -1250,7 +1271,6 @@
{
$this->footer .= "\n" . $str;
}
-
/**
* Process template and write to stdOut
@@ -1376,7 +1396,6 @@
}
}
-
/**
* Returns iframe object, registers some related env variables
*
@@ -1407,7 +1426,6 @@
/* ************* common functions delivering gui objects ************** */
-
/**
* Create a form tag with the necessary hidden fields
*
@@ -1429,11 +1447,10 @@
$attrib['noclose'] = true;
return html::tag('form',
- $attrib + array('action' => "./", 'method' => "get"),
+ $attrib + array('action' => $this->app->comm_path, 'method' => "get"),
$hidden . $content,
array('id','class','style','name','method','action','enctype','onsubmit'));
}
-
/**
* Build a form tag with a unique request token
@@ -1464,7 +1481,6 @@
else
return $this->form_tag($attrib, $hidden->show() . $content);
}
-
/**
* GUI object 'username'
@@ -1497,7 +1513,6 @@
return rcube_utils::idn_to_utf8($username);
}
-
/**
* GUI object 'loginform'
* Returns code for the webmail login form
@@ -1529,9 +1544,9 @@
$input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login'));
$input_tzone = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_'));
$input_url = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url));
- $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser')
+ $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser', 'required' => 'required')
+ $attrib + $user_attrib);
- $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd')
+ $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'required' => 'required')
+ $attrib + $pass_attrib);
$input_host = null;
@@ -1548,10 +1563,10 @@
}
}
}
- else if (is_array($default_host) && ($host = array_pop($default_host))) {
+ else if (is_array($default_host) && ($host = key($default_host)) !== null) {
$hide_host = true;
$input_host = new html_hiddenfield(array(
- 'name' => '_host', 'id' => 'rcmloginhost', 'value' => $host) + $attrib);
+ 'name' => '_host', 'id' => 'rcmloginhost', 'value' => is_numeric($host) ? $default_host[$host] : $host) + $attrib);
}
else if (empty($default_host)) {
$input_host = new html_inputfield(array('name' => '_host', 'id' => 'rcmloginhost')
@@ -1597,7 +1612,6 @@
return $out;
}
-
/**
* GUI object 'preloader'
* Loads javascript code for images preloading
@@ -1619,7 +1633,6 @@
img.src = images[i];
}', 'docready');
}
-
/**
* GUI object 'searchform'
@@ -1659,7 +1672,6 @@
return $out;
}
-
/**
* Builder for GUI object 'message'
*
@@ -1676,7 +1688,6 @@
return html::div($attrib, '');
}
-
/**
* GUI object 'charsetselector'
--
Gitblit v1.9.1