From 5740c0670047da260cb91107068d7f7635faaca1 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Mon, 18 Jan 2010 13:21:45 -0500
Subject: [PATCH] - Use callback function instead of /e modifier in preg_replace()
---
program/include/rcube_template.php | 202 ++++++++++++++++++++++++++++++++++---------------
1 files changed, 139 insertions(+), 63 deletions(-)
diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php
index b18f27c..fe0d747 100755
--- a/program/include/rcube_template.php
+++ b/program/include/rcube_template.php
@@ -34,6 +34,7 @@
var $config;
var $framed = false;
var $pagetitle = '';
+ var $message = null;
var $env = array();
var $js_env = array();
var $js_commands = array();
@@ -58,6 +59,7 @@
//$this->framed = $framed;
$this->set_env('task', $task);
+ $this->set_env('request_token', $this->app->get_request_token());
// load the correct skin (in case user-defined)
$this->set_skin($this->config['skin']);
@@ -71,7 +73,7 @@
$this->add_script($javascript, 'head_top');
$this->add_script($javascript_foot, 'foot');
$this->scripts_path = 'program/js/';
- $this->include_script('jquery.js');
+ $this->include_script('jquery-1.3.min.js');
$this->include_script('common.js');
$this->include_script('app.js');
@@ -200,7 +202,9 @@
*/
public function command()
{
- $this->js_commands[] = func_get_args();
+ $cmd = func_get_args();
+ if (strpos($cmd[0], 'plugin.') === false)
+ $this->js_commands[] = $cmd;
}
@@ -225,14 +229,18 @@
* @param string Message to display
* @param string Message type [notice|confirm|error]
* @param array Key-value pairs to be replaced in localized text
+ * @param boolean Override last set message
* @uses self::command()
*/
- public function show_message($message, $type='notice', $vars=NULL)
+ public function show_message($message, $type='notice', $vars=null, $override=true)
{
- $this->command(
- 'display_message',
- rcube_label(array('name' => $message, 'vars' => $vars)),
- $type);
+ if ($override || !$this->message) {
+ $this->message = $message;
+ $this->command(
+ 'display_message',
+ rcube_label(array('name' => $message, 'vars' => $vars)),
+ $type);
+ }
}
@@ -280,6 +288,11 @@
public function send($templ = null, $exit = true)
{
if ($templ != 'iframe') {
+ // prevent from endless loops
+ if ($exit != 'recur' && $this->app->plugins->is_processing('render_page')) {
+ raise_error(array('code' => 505, 'type' => 'php', 'message' => 'Recursion alert: ignoring output->send()'), true, false);
+ return;
+ }
$this->parse($templ, false);
}
else {
@@ -287,6 +300,10 @@
$this->write();
}
+ // set output asap
+ ob_flush();
+ flush();
+
if ($exit) {
exit;
}
@@ -309,6 +326,10 @@
$js = $this->framed ? "if(window.parent) {\n" : '';
$js .= $this->get_js_commands() . ($this->framed ? ' }' : '');
$this->add_script($js, 'head_top');
+
+ // make sure all <form> tags have a valid request token
+ $template = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $template);
+ $this->footer = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $this->footer);
// call super method
parent::write($template, $this->config['skin_path']);
@@ -327,6 +348,20 @@
private function parse($name = 'main', $exit = true)
{
$skin_path = $this->config['skin_path'];
+ $plugin = false;
+
+ $temp = explode(".", $name, 2);
+ if (count($temp) > 1) {
+ $plugin = $temp[0];
+ $name = $temp[1];
+ $skin_dir = $plugin . '/skins/' . $this->config['skin'];
+ $skin_path = $this->app->plugins->dir . $skin_dir;
+ if (!is_dir($skin_path)) { // fallback to default skin
+ $skin_dir = $plugin . '/skins/default';
+ $skin_path = $this->app->plugins->dir . $skin_dir;
+ }
+ }
+
$path = "$skin_path/templates/$name.html";
// read template file
@@ -340,20 +375,30 @@
), true, true);
return false;
}
+
+ // replace all path references to plugins/... with the configured plugins dir
+ // and /this/ to the current plugin skin directory
+ if ($plugin) {
+ $templ = preg_replace(array('/\bplugins\//', '/(["\']?)\/this\//'), array($this->app->plugins->url, '\\1'.$this->app->plugins->url.$skin_dir.'/'), $templ);
+ }
// parse for specialtags
$output = $this->parse_conditions($templ);
$output = $this->parse_xml($output);
+
+ // trigger generic hook where plugins can put additional content to the page
+ $hook = $this->app->plugins->exec_hook("render_page", array('template' => $name, 'content' => $output));
// add debug console
if ($this->config['debug_level'] & 8) {
- $this->add_footer('<div style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;opacity:0.8;filter:alpha(opacity=80);z-index:9000">
+ $this->add_footer('<div id="console" style="position:absolute;top:5px;left:5px;width:405px;padding:2px;background:white;z-index:9000;">
<a href="#toggle" onclick="con=document.getElementById(\'dbgconsole\');con.style.display=(con.style.display==\'none\'?\'block\':\'none\');return false">console</a>
<form action="/" name="debugform" style="display:inline"><textarea name="console" id="dbgconsole" rows="20" cols="40" wrap="off" style="display:none;width:400px;border:none;font-size:x-small" spellcheck="false"></textarea></form></div>'
);
}
- $output = $this->parse_with_globals($output);
- $this->write(trim($output), $skin_path);
+
+ $output = $this->parse_with_globals($hook['content']);
+ $this->write(trim($output));
if ($exit) {
exit;
}
@@ -408,8 +453,18 @@
*/
private function parse_with_globals($input)
{
+ $GLOBALS['__version'] = Q(RCMAIL_VERSION);
$GLOBALS['__comm_path'] = Q($this->app->comm_path);
- return preg_replace('/\$(__[a-z0-9_\-]+)/e', '$GLOBALS["\\1"]', $input);
+ return preg_replace_callback('/\$(__[a-z0-9_\-]+)/',
+ array($this, 'globals_callback'), $input);
+ }
+
+ /**
+ * Callback funtion for preg_replace_callback() in parse_with_globals()
+ */
+ private function globals_callback($matches)
+ {
+ return $GLOBALS[$matches[1]];
}
/**
@@ -473,7 +528,24 @@
*/
private function check_condition($condition)
{
- return eval("return (".$this->parse_expression($condition).");");
+ return eval("return (".$this->parse_expression($condition).");");
+ }
+
+
+ /**
+ *
+ */
+ private function alter_form_tag($matches)
+ {
+ $out = $matches[0];
+ $attrib = parse_attrib_string($matches[1]);
+
+ if (strtolower($attrib['method']) == 'post') {
+ $hidden = new html_hiddenfield(array('name' => '_token', 'value' => $this->app->get_request_token()));
+ $out .= "\n" . $hidden->show();
+ }
+
+ return $out;
}
@@ -491,14 +563,16 @@
'/config:([a-z0-9_]+)(:([a-z0-9_]+))?/i',
'/env:([a-z0-9_]+)/i',
'/request:([a-z0-9_]+)/i',
- '/cookie:([a-z0-9_]+)/i'
+ '/cookie:([a-z0-9_]+)/i',
+ '/browser:([a-z0-9_]+)/i'
),
array(
"\$_SESSION['\\1']",
"\$this->app->config->get('\\1',get_boolean('\\3'))",
"\$this->env['\\1']",
"get_input_value('\\1', RCUBE_INPUT_GPC)",
- "\$_COOKIE['\\1']"
+ "\$_COOKIE['\\1']",
+ "\$this->browser->{'\\1'}"
),
$expression);
}
@@ -562,6 +636,7 @@
else {
$incl = file_get_contents($path);
}
+ $incl = $this->parse_conditions($incl);
return $this->parse_xml($incl);
}
break;
@@ -651,6 +726,9 @@
case 'cookie':
$value = htmlspecialchars($_COOKIE[$name]);
break;
+ case 'browser':
+ $value = $this->browser->{$name};
+ break;
}
if (is_array($value)) {
@@ -732,18 +810,18 @@
}
// get localized text for labels and titles
if ($attrib['title']) {
- $attrib['title'] = Q(rcube_label($attrib['title']));
+ $attrib['title'] = Q(rcube_label($attrib['title'], $attrib['domain']));
}
if ($attrib['label']) {
- $attrib['label'] = Q(rcube_label($attrib['label']));
+ $attrib['label'] = Q(rcube_label($attrib['label'], $attrib['domain']));
}
if ($attrib['alt']) {
- $attrib['alt'] = Q(rcube_label($attrib['alt']));
+ $attrib['alt'] = Q(rcube_label($attrib['alt'], $attrib['domain']));
}
+
// set title to alt attribute for IE browsers
- if ($this->browser->ie && $attrib['title'] && !$attrib['alt']) {
- $attrib['alt'] = $attrib['title'];
- unset($attrib['title']);
+ if ($this->browser->ie && !$attrib['title'] && $attrib['alt']) {
+ $attrib['title'] = $attrib['alt'];
}
// add empty alt attribute for XHTML compatibility
@@ -772,7 +850,7 @@
$attrib['href'] = rcmail_url($attrib['command']);
}
else if ($attrib['command'] == 'permaurl' && !empty($this->env['permaurl'])) {
- $attrib['href'] = $this->env['permaurl'];
+ $attrib['href'] = $this->env['permaurl'];
}
}
@@ -788,35 +866,6 @@
$attrib['prop']
);
}
- if ($command && $attrib['imageover']) {
- $attrib['onmouseover'] = sprintf(
- "return %s.button_over('%s','%s')",
- JS_OBJECT_NAME,
- $command,
- $attrib['id']
- );
- $attrib['onmouseout'] = sprintf(
- "return %s.button_out('%s','%s')",
- JS_OBJECT_NAME,
- $command,
- $attrib['id']
- );
- }
-
- if ($command && $attrib['imagesel']) {
- $attrib['onmousedown'] = sprintf(
- "return %s.button_sel('%s','%s')",
- JS_OBJECT_NAME,
- $command,
- $attrib['id']
- );
- $attrib['onmouseup'] = sprintf(
- "return %s.button_out('%s','%s')",
- JS_OBJECT_NAME,
- $command,
- $attrib['id']
- );
- }
$out = '';
@@ -825,19 +874,18 @@
$attrib_str = html::attrib_string(
$attrib,
array(
- 'style', 'class', 'id', 'width',
- 'height', 'border', 'hspace',
- 'vspace', 'align', 'alt', 'tabindex'
+ 'style', 'class', 'id', 'width', 'height', 'border', 'hspace',
+ 'vspace', 'align', 'alt', 'tabindex', 'title'
)
);
$btn_content = sprintf('<img src="%s"%s />', $this->abs_url($attrib['image']), $attrib_str);
if ($attrib['label']) {
$btn_content .= ' '.$attrib['label'];
}
- $link_attrib = array('href', 'onclick', 'onmouseover', 'onmouseout', 'onmousedown', 'onmouseup', 'title', 'target');
+ $link_attrib = array('href', 'onclick', 'onmouseover', 'onmouseout', 'onmousedown', 'onmouseup', 'target');
}
else if ($attrib['type']=='link') {
- $btn_content = $attrib['label'] ? $attrib['label'] : $attrib['command'];
+ $btn_content = isset($attrib['content']) ? $attrib['content'] : ($attrib['label'] ? $attrib['label'] : $attrib['command']);
$link_attrib = array('href', 'onclick', 'title', 'id', 'class', 'style', 'tabindex', 'target');
}
else if ($attrib['type']=='input') {
@@ -850,8 +898,7 @@
$attrib_str = html::attrib_string(
$attrib,
array(
- 'type', 'value', 'onclick',
- 'id', 'class', 'style', 'tabindex'
+ 'type', 'value', 'onclick', 'id', 'class', 'style', 'tabindex'
)
);
$out = sprintf('<input%s disabled="disabled" />', $attrib_str);
@@ -878,7 +925,7 @@
*/
public function form_tag($attrib, $content = null)
{
- if ($this->framed) {
+ if ($this->framed || !empty($_REQUEST['_framed'])) {
$hiddenfield = new html_hiddenfield(array('name' => '_framed', 'value' => '1'));
$hidden = $hiddenfield->show();
}
@@ -888,7 +935,36 @@
return html::tag('form',
$attrib + array('action' => "./", 'method' => "get"),
- $hidden . $content);
+ $hidden . $content,
+ array('id','class','style','name','method','action','enctype','onsubmit'));
+ }
+
+
+ /**
+ * Build a form tag with a unique request token
+ *
+ * @param array Named tag parameters including 'action' and 'task' values which will be put into hidden fields
+ * @param string Form content
+ * @return string HTML code for the form
+ */
+ public function request_form($attrib, $content = '')
+ {
+ $hidden = new html_hiddenfield();
+ if ($attrib['task']) {
+ $hidden->add(array('name' => '_task', 'value' => $attrib['task']));
+ }
+ if ($attrib['action']) {
+ $hidden->add(array('name' => '_action', 'value' => $attrib['action']));
+ }
+
+ unset($attrib['task'], $attrib['request']);
+ $attrib['action'] = './';
+
+ // we already have a <form> tag
+ if ($attrib['form'])
+ return $hidden->show() . $content;
+ else
+ return $this->form_tag($attrib, $hidden->show() . $content);
}
@@ -935,11 +1011,11 @@
// save original url
$url = get_input_value('_url', RCUBE_INPUT_POST);
- if (empty($url) && !preg_match('/_action=logout/', $_SERVER['QUERY_STRING']))
+ if (empty($url) && !preg_match('/_(task|action)=logout/', $_SERVER['QUERY_STRING']))
$url = $_SERVER['QUERY_STRING'];
- $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser', 'size' => 30) + $attrib);
- $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd', 'size' => 30) + $attrib);
+ $input_user = new html_inputfield(array('name' => '_user', 'id' => 'rcmloginuser') + $attrib);
+ $input_pass = new html_passwordfield(array('name' => '_pass', 'id' => 'rcmloginpwd') + $attrib);
$input_action = new html_hiddenfield(array('name' => '_action', 'value' => 'login'));
$input_tzone = new html_hiddenfield(array('name' => '_timezone', 'id' => 'rcmlogintz', 'value' => '_default_'));
$input_url = new html_hiddenfield(array('name' => '_url', 'id' => 'rcmloginurl', 'value' => $url));
@@ -959,7 +1035,7 @@
}
}
else if (empty($default_host)) {
- $input_host = new html_inputfield(array('name' => '_host', 'id' => 'rcmloginhost', 'size' => 30));
+ $input_host = new html_inputfield(array('name' => '_host', 'id' => 'rcmloginhost') + $attrib);
}
$form_name = !empty($attrib['form']) ? $attrib['form'] : 'form';
--
Gitblit v1.9.1