From 68ec43740a49be874d629f4d2e9be9787c3ae2ea Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 20 Nov 2012 10:03:51 -0500
Subject: [PATCH] Merged revisions 3670-3683 from 3.0.5 stable branch.
---
interface/lib/classes/listform.inc.php | 292 ++++++++++++++++++++++++++++++++++++++++++---------------
1 files changed, 213 insertions(+), 79 deletions(-)
diff --git a/interface/lib/classes/listform.inc.php b/interface/lib/classes/listform.inc.php
index d555400..e690a1c 100644
--- a/interface/lib/classes/listform.inc.php
+++ b/interface/lib/classes/listform.inc.php
@@ -28,14 +28,6 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/**
-* Listenbehandlung
-*
-* @package listform
-* @author Till Brehm
-* @version 1.1
-*/
-
class listform {
private $debug = 0;
@@ -46,7 +38,7 @@
private $pagingValues;
private $searchChanged = 0;
private $module;
- private $dateformat = 'd.m.Y';
+ public $wordbook;
public function loadListDef($file, $module = '')
{
@@ -59,11 +51,21 @@
$this->module = $module;
//* Fill datasources
- foreach($this->listDef['item'] as $key => $field) {
- if(@is_array($field['datasource'])) {
- $this->listDef['item'][$key]['value'] = $this->getDatasourceData($field);
- }
+ if(@is_array($this->listDef['item'])) {
+ foreach($this->listDef['item'] as $key => $field) {
+ if(@is_array($field['datasource'])) {
+ $this->listDef['item'][$key]['value'] = $this->getDatasourceData($field);
+ }
+ }
}
+
+ //* Set local Language File
+ $lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_'.$this->listDef['name'].'_list.lng';
+ if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$this->listDef['name'].'_list.lng';
+ include($lng_file);
+
+ $this->wordbook = $wb;
+
return true;
}
@@ -91,6 +93,8 @@
//$querystring = str_replace("{RECORDID}",$record[$table_idx],$querystring);
$app->uses('tform');
$querystring = str_replace("{AUTHSQL}",$app->tform->getAuthSQL('r'),$querystring);
+ $querystring = str_replace("{AUTHSQL-A}",$app->tform->getAuthSQL('r','a'),$querystring);
+ $querystring = str_replace("{AUTHSQL-B}",$app->tform->getAuthSQL('r','b'),$querystring);
//* Getting the records
$tmp_records = $app->db->queryAllRecords($querystring);
@@ -114,7 +118,7 @@
$record = array();
$values = $app->$datasource_class->$datasource_function($field, $record);
} else {
- $this->errorMessage .= "Custom datasource class or function is empty<br>\r\n";
+ $this->errorMessage .= "Custom datasource class or function is empty<br />\r\n";
}
}
return $values;
@@ -122,66 +126,82 @@
public function getSearchSQL($sql_where = '')
{
- global $db;
+ global $app, $db;
//* Get config variable
$list_name = $this->listDef['name'];
$search_prefix = $this->listDef['search_prefix'];
+
+ if(isset($_REQUEST['Filter']) && !isset($_SESSION['search'][$list_name])) {
+ //* Jump back to page 1 of the list when a new search gets started.
+ $_SESSION['search'][$list_name]['page'] = 0;
+ }
//* store retrieval query
- foreach($this->listDef['item'] as $i) {
- $field = $i['field'];
+ if(@is_array($this->listDef['item'])) {
+ foreach($this->listDef['item'] as $i) {
+ $field = $i['field'];
- //*TODO: comment = hat sich die suche ge�ndert
- if(isset($_REQUEST[$search_prefix.$field]) && isset($_SESSION['search'][$list_name][$search_prefix.$field]) && $_REQUEST[$search_prefix.$field] != $_SESSION['search'][$list_name][$search_prefix.$field]){
- $this->searchChanged = 1;
- }
+ //* The search string has been changed
+ if(isset($_REQUEST[$search_prefix.$field]) && isset($_SESSION['search'][$list_name][$search_prefix.$field]) && $_REQUEST[$search_prefix.$field] != $_SESSION['search'][$list_name][$search_prefix.$field]){
+ $this->searchChanged = 1;
+
+ //* Jump back to page 1 of the list when search has changed.
+ $_SESSION['search'][$list_name]['page'] = 0;
+ }
- //* Store field in session
- if(isset($_REQUEST[$search_prefix.$field])){
- $_SESSION['search'][$list_name][$search_prefix.$field] = $_REQUEST[$search_prefix.$field];
- }
+ //* Store field in session
+ if(isset($_REQUEST[$search_prefix.$field]) && !stristr($_REQUEST[$search_prefix.$field],"'")){
+ $_SESSION['search'][$list_name][$search_prefix.$field] = $_REQUEST[$search_prefix.$field];
+ if(preg_match("/['\\\\]/", $_SESSION['search'][$list_name][$search_prefix.$field])) $_SESSION['search'][$list_name][$search_prefix.$field] = '';
+ }
- if(isset($i['formtype']) && $i['formtype'] == 'SELECT'){
- if(is_array($i['value'])) {
- $out = '<option value=""></option>';
- foreach($i['value'] as $k => $v) {
- // TODO: this could be more elegant
- $selected = (isset($_SESSION['search'][$list_name][$search_prefix.$field])
- && $k == $_SESSION['search'][$list_name][$search_prefix.$field]
- && $_SESSION['search'][$list_name][$search_prefix.$field] != '')
- ? ' SELECTED' : '';
- $out .= "<option value='$k'$selected>$v</option>\r\n";
+ if(isset($i['formtype']) && $i['formtype'] == 'SELECT'){
+ if(is_array($i['value'])) {
+ $out = '<option value=""></option>';
+ foreach($i['value'] as $k => $v) {
+ // TODO: this could be more elegant
+ $selected = (isset($_SESSION['search'][$list_name][$search_prefix.$field])
+ && $k == $_SESSION['search'][$list_name][$search_prefix.$field]
+ && $_SESSION['search'][$list_name][$search_prefix.$field] != '')
+ ? ' SELECTED' : '';
+ $out .= "<option value='$k'$selected>$v</option>\r\n";
+ }
+ }
+ $this->searchValues[$search_prefix.$field] = $out;
+ } else {
+ if(isset($_SESSION['search'][$list_name][$search_prefix.$field])){
+ $this->searchValues[$search_prefix.$field] = htmlspecialchars($_SESSION['search'][$list_name][$search_prefix.$field]);
}
}
- $this->searchValues[$search_prefix.$field] = $out;
- } else {
- if(isset($_SESSION['search'][$list_name][$search_prefix.$field])){
- $this->searchValues[$search_prefix.$field] = $_SESSION['search'][$list_name][$search_prefix.$field];
+ }
+ }
+ //* Store variables in object | $this->searchValues = $_SESSION["search"][$list_name];
+ if(@is_array($this->listDef['item'])) {
+ foreach($this->listDef['item'] as $i) {
+ $field = $i['field'];
+ // if($_REQUEST[$search_prefix.$field] != '') $sql_where .= " $field ".$i["op"]." '".$i["prefix"].$_REQUEST[$search_prefix.$field].$i["suffix"]."' and";
+ if(isset($_SESSION['search'][$list_name][$search_prefix.$field]) && $_SESSION['search'][$list_name][$search_prefix.$field] != ''){
+ $sql_where .= " $field ".$i['op']." '".$app->db->quote($i['prefix'].$_SESSION['search'][$list_name][$search_prefix.$field].$i['suffix'])."' and";
}
}
}
-
- //* Store variables in object | $this->searchValues = $_SESSION["search"][$list_name];
- foreach($this->listDef['item'] as $i) {
- $field = $i['field'];
- // if($_REQUEST[$search_prefix.$field] != '') $sql_where .= " $field ".$i["op"]." '".$i["prefix"].$_REQUEST[$search_prefix.$field].$i["suffix"]."' and";
- if(isset($_SESSION['search'][$list_name][$search_prefix.$field]) && $_SESSION['search'][$list_name][$search_prefix.$field] != ''){
- $sql_where .= " $field ".$i['op']." '".$i['prefix'].$_SESSION['search'][$list_name][$search_prefix.$field].$i['suffix']."' and";
- }
- }
-
return ( $sql_where != '' ) ? $sql_where = substr($sql_where,0,-3) : '1';
}
public function getPagingSQL($sql_where = '1')
{
global $app, $conf;
+
+ //* Add Global Limit from selectbox
+ if(!empty($_POST['search_limit']) AND $app->functions->intval($_POST['search_limit'])){
+ $_SESSION['search']['limit'] = $app->functions->intval($_POST['search_limit']);
+ }
//* Get Config variables
$list_name = $this->listDef['name'];
$search_prefix = $this->listDef['search_prefix'];
- $records_per_page = $this->listDef['records_per_page'];
+ $records_per_page = (empty($_SESSION['search']['limit']) ? $app->functions->intval($this->listDef['records_per_page']) : $app->functions->intval($_SESSION['search']['limit'])) ;
$table = $this->listDef['table'];
//* set PAGE to zero, if in session not set
@@ -190,14 +210,14 @@
}
//* set PAGE to worth request variable "PAGE" - ? setze page auf wert der request variablen "page"
- if(isset($_REQUEST["page"])) $_SESSION["search"][$list_name]["page"] = $_REQUEST["page"];
+ if(isset($_REQUEST["page"])) $_SESSION["search"][$list_name]["page"] = $app->functions->intval($_REQUEST["page"]);
//* PAGE to 0 set, if look for themselves ? page auf 0 setzen, wenn suche sich ge�ndert hat.
if($this->searchChanged == 1) $_SESSION['search'][$list_name]['page'] = 0;
- $sql_von = $_SESSION['search'][$list_name]['page'] * $records_per_page;
+ $sql_von = $app->functions->intval($_SESSION['search'][$list_name]['page'] * $records_per_page);
$record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM $table WHERE $sql_where");
- $pages = intval(($record_count['anzahl'] - 1) / $records_per_page);
+ $pages = $app->functions->intval(($record_count['anzahl'] - 1) / $records_per_page);
$vars['list_file'] = $_SESSION['s']['module']['name'].'/'.$this->listDef['file'];
@@ -223,21 +243,65 @@
public function getPagingHTML($vars)
{
global $app;
- $content = '<a href="'."javascript:loadContent('".$vars['list_file'].'?page=0'.$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_left.png" border="0"></a> ';
+
+ // we want to show at max 17 page numbers (8 left, current, 8 right)
+ $show_pages_count = 17;
+
+ $show_pages = array(0); // first page
+ if($vars['pages'] > 0) $show_pages[] = $vars['pages']; // last page
+ for($p = $vars['page'] - 2; $p <= $vars['page'] + 2; $p++) { // surrounding pages
+ if($p > 0 && $p < $vars['pages']) $show_pages[] = $p;
+ }
+
+ $l_start = $vars['page'] - 13;
+ $l_start -= ($l_start % 10) + 1;
+ $h_end = $vars['page'] + 23;
+ $h_end -= ($h_end % 10) + 1;
+ for($p = $l_start; $p <= $h_end; $p += 10) { // surrounding pages
+ if($p > 0 && $p < $vars['pages'] && !in_array($p, $show_pages, true) && count($show_pages) < $show_pages_count) $show_pages[] = $p;
+ }
+
+ $l_start = $vars['page'] - 503;
+ $l_start -= ($l_start % 100) + 1;
+ $h_end = $vars['page'] + 603;
+ $h_end -= ($h_end % 100) + 1;
+ for($p = $l_start; $p <= $h_end; $p += 100) { // surrounding pages
+ if($p > 0 && $p < $vars['pages'] && !in_array($p, $show_pages, true) && count($show_pages) < $show_pages_count) $show_pages[] = $p;
+ }
+
+ $l_start = $vars['page'] - 203;
+ $l_start -= ($l_start % 25) + 1;
+ $h_end = $vars['page'] + 228;
+ $h_end -= ($h_end % 25) + 1;
+ for($p = $l_start; $p <= $h_end; $p += 25) { // surrounding pages
+ if($p > 0 && $p < $vars['pages'] && abs($p - $vars['page']) > 30 && !in_array($p, $show_pages, true) && count($show_pages) < $show_pages_count) $show_pages[] = $p;
+ }
+
+ sort($show_pages);
+ $show_pages = array_unique($show_pages);
+
//* Show Back
if(isset($vars['show_page_back']) && $vars['show_page_back'] == 1){
- $content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_back.png" border="0"></a> ';
+ $content = '<a class="btn-page first-page" href="'."javascript:loadContent('".$vars['list_file'].'?page=0'.$vars['page_params']."');".'">'
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_stop_180.png"></a> ';
+ $content .= '<a class="btn-page previous-page" href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params']."');".'">'
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_180.png"></a> ';
}
- $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
+ $content .= ' '.$this->lng('page_txt').' ';
+ $prev = -1;
+ foreach($show_pages as $p) {
+ if($prev != -1 && $p > $prev + 1) $content .= '<span class="page-spacer">...</span>';
+ $content .= '<a class="link-page' . ($p == $vars['page'] ? ' current-page' : '') . '" href="'."javascript:loadContent('".$vars['list_file'].'?page='.$p.$vars['page_params']."');".'">'. ($p+1) .'</a>';
+ $prev = $p;
+ }
+ //.$vars['next_page'].' '.$this->lng('page_of_txt').' '.$vars['max_pages'].' ';
//* Show Next
if(isset($vars['show_page_next']) && $vars['show_page_next'] == 1){
- $content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_next.png" border="0"></a> ';
+ $content .= '<a class="btn-page next-page" href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params']."');".'">'
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow.png"></a> ';
+ $content .= '<a class="btn-page last-page" href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['pages'].$vars['page_params']."');".'">'
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_stop.png"></a>';
}
- $content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['pages'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_right.png" border="0"></a>';
return $content;
}
@@ -246,11 +310,11 @@
global $app;
$content = '[<a href="'.$vars['list_file'].'?page=0'.$vars['page_params'].'">|<< </a>]';
if($vars['show_page_back'] == 1){
- $content .= '[<< <a href="'.$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params'].'">'.$app->lng('Back').'</a>] ';
+ $content .= '[<< <a href="'.$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params'].'">'.$app->lng('page_back_txt').'</a>] ';
}
- $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
+ $content .= ' '.$this->lng('page_txt').' '.$vars['next_page'].' '.$this->lng('page_of_txt').' '.$vars['max_pages'].' ';
if($vars['show_page_next'] == 1){
- $content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params'].'">'.$app->lng('Next').' >></a>] ';
+ $content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params'].'">'.$app->lng('page_next_txt').' >></a>] ';
}
$content .= '[<a href="'.$vars['list_file'].'?page='.$vars['pages'].$vars['page_params'].'"> >>|</a>]';
return $content;
@@ -267,34 +331,68 @@
public function decode($record)
{
- if(is_array($record)) {
+ global $conf, $app;
+ if(is_array($record) && count($record) > 0 && is_array($this->listDef['item'])) {
foreach($this->listDef['item'] as $field){
$key = $field['field'];
+ //* Apply filter to record value.
+ if(isset($field['filters']) && is_array($field['filters'])) {
+ $app->uses('tform');
+ $record[$key] = $app->tform->filterField($key, (isset($record[$key]))?$record[$key]:'', $field['filters'], 'SHOW');
+ }
if(isset($record[$key])) {
switch ($field['datatype']){
case 'VARCHAR':
case 'TEXT':
- $record[$key] = stripslashes($record[$key]);
+ $record[$key] = htmlentities(stripslashes($record[$key]),ENT_QUOTES,$conf["html_content_encoding"]);
break;
- case 'DATE':
- $record[$key] = ($record[$key] > 0) ? date($this->dateformat,$record[$key]) : '';
+ case 'DATETSTAMP':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (preg_match("/^[0-9]+[\.]?[0-9]*$/", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_dateshort'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_dateshort'), strtotime($record[$key]));
+ }
+ }
+ break;
+ case 'DATE':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (preg_match("/^[0-9]+[\.]?[0-9]*$/", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_dateshort'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_dateshort'), strtotime($record[$key]));
+ }
+ }
+ break;
+
+ case 'DATETIME':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (preg_match("/^[0-9]+[\.]?[0-9]*$/", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_datetime'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_datetime'), strtotime($record[$key]));
+ }
+ }
break;
case 'INTEGER':
- $record[$key] = intval($record[$key]);
+ $record[$key] = $app->functions->intval($record[$key]);
break;
case 'DOUBLE':
- $record[$key] = $record[$key];
+ $record[$key] = htmlentities($record[$key],ENT_QUOTES,$conf["html_content_encoding"]);
break;
case 'CURRENCY':
- $record[$key] = number_format($record[$key], 2, ',', '');
+ $record[$key] = $app->functions->currency_format($record[$key]);
break;
default:
- $record[$key] = stripslashes($record[$key]);
+ $record[$key] = htmlentities(stripslashes($record[$key]),ENT_QUOTES,$conf["html_content_encoding"]);
}
}
}
@@ -304,6 +402,7 @@
public function encode($record)
{
+ global $app;
if(is_array($record)) {
foreach($this->listDef['item'] as $field){
$key = $field['field'];
@@ -312,25 +411,36 @@
case 'VARCHAR':
case 'TEXT':
if(!is_array($record[$key])) {
- $record[$key] = addslashes($record[$key]);
+ $record[$key] = $app->db->quote($record[$key]);
} else {
$record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
}
break;
- case 'DATE':
+ case 'DATETSTAMP':
if($record[$key] > 0) {
- list($tag,$monat,$jahr) = explode('.',$record[$key]);
- $record[$key] = mktime(0,0,0,$monat,$tag,$jahr);
+ $record[$key] = date('Y-m-d',strtotime($record[$key]));
+ }
+ break;
+
+ case 'DATE':
+ if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ $record[$key] = $record[$key];
+ }
+ break;
+
+ case 'DATETIME':
+ if($record[$key] > 0) {
+ $record[$key] = date('Y-m-d H:i:s',strtotime($record[$key]));
}
break;
case 'INTEGER':
- $record[$key] = intval($record[$key]);
+ $record[$key] = $app->functions->intval($record[$key]);
break;
case 'DOUBLE':
- $record[$key] = addslashes($record[$key]);
+ $record[$key] = $app->db->quote($record[$key]);
break;
case 'CURRENCY':
@@ -341,6 +451,30 @@
}
return $record;
}
+
+ function lng($msg) {
+ global $app;
+
+ if(isset($this->wordbook[$msg])) {
+ return $this->wordbook[$msg];
+ } else {
+ return $app->lng($msg);
+ }
+ }
+
+ function escapeArrayValues($search_values) {
+ global $conf;
+
+ $out = array();
+ if(is_array($search_values)) {
+ foreach($search_values as $key => $val) {
+ $out[$key] = htmlentities($val,ENT_QUOTES,$conf["html_content_encoding"]);
+ }
+ }
+
+ return $out;
+
+ }
}
--
Gitblit v1.9.1