mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-26 16:48:49 +01:00
$GLOBALS['phpgw*'] and applied a patch from juergen@henge-ernst.de to close a security-hole (faked POST-request for edit-form)
parent
7a151f621c
commit
14bfb1423e
@ -28,8 +28,6 @@
|
|||||||
|
|
||||||
function uiinfolog( )
|
function uiinfolog( )
|
||||||
{
|
{
|
||||||
global $phpgw;
|
|
||||||
|
|
||||||
$this->bo = CreateObject('infolog.boinfolog');
|
$this->bo = CreateObject('infolog.boinfolog');
|
||||||
|
|
||||||
$this->icons = array(
|
$this->icons = array(
|
||||||
@ -69,11 +67,11 @@
|
|||||||
|
|
||||||
$this->html = CreateObject('infolog.html');
|
$this->html = CreateObject('infolog.html');
|
||||||
$this->template = CreateObject('phpgwapi.Template',
|
$this->template = CreateObject('phpgwapi.Template',
|
||||||
$phpgw->common->get_tpl_dir('infolog'));
|
$GLOBALS['phpgw']->common->get_tpl_dir('infolog'));
|
||||||
$this->categories = CreateObject('phpgwapi.categories');
|
$this->categories = CreateObject('phpgwapi.categories');
|
||||||
$this->nextmatchs = CreateObject('phpgwapi.nextmatchs');
|
$this->nextmatchs = CreateObject('phpgwapi.nextmatchs');
|
||||||
}
|
}
|
||||||
|
|
||||||
function menuaction($action = 'get_list',$app='infolog')
|
function menuaction($action = 'get_list',$app='infolog')
|
||||||
{
|
{
|
||||||
return array( 'menuaction' => "$app.ui$app.$action" );
|
return array( 'menuaction' => "$app.ui$app.$action" );
|
||||||
@ -81,23 +79,13 @@
|
|||||||
|
|
||||||
function icon($cat,$id,$status='')
|
function icon($cat,$id,$status='')
|
||||||
{
|
{
|
||||||
global $phpgw,$DOCUMENT_ROOT;
|
if (!$status || !($icon = $this->icons[$cat][$id.'_'.$status]))
|
||||||
|
{
|
||||||
if (!$status || !($icon = $this->icons[$cat][$id.'_'.$status])) {
|
|
||||||
$icon = $this->icons[$cat][$id];
|
$icon = $this->icons[$cat][$id];
|
||||||
}
|
}
|
||||||
if ($icon)
|
if ($icon && !is_readable($GLOBALS['phpgw']->common->get_image_dir() . '/' . $icon))
|
||||||
{
|
{
|
||||||
$fname = $phpgw->common->get_image_dir() . '/' . $icon;
|
$icon = False;
|
||||||
|
|
||||||
if (!is_readable($fname))
|
|
||||||
{
|
|
||||||
$icon = False; // echo "<br>Can't read '$fname' !!!";
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
$icon = $phpgw->common->get_image_path() . '/' . $icon;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
if (!$status || !($alt = $this->icons[$cat][$id.'_'.$status.'_alt']))
|
if (!$status || !($alt = $this->icons[$cat][$id.'_'.$status.'_alt']))
|
||||||
{
|
{
|
||||||
@ -106,40 +94,35 @@
|
|||||||
$alt = $id;
|
$alt = $id;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return ($icon ? "<img src='$icon' alt='" : '') . lang($alt) .
|
return $icon ? $this->html->image('infolog',$icon,lang($alt),'border=0') : lang($alt);
|
||||||
($icon ? '\' border=0>' : '');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function setStyleSheet( )
|
function setStyleSheet( )
|
||||||
{
|
{
|
||||||
global $phpgw;
|
|
||||||
|
|
||||||
return array (
|
return array (
|
||||||
'info_css' => '<link rel="stylesheet" type="text/css" href="'.
|
'info_css' => '<link rel="stylesheet" type="text/css" href="'.
|
||||||
str_replace( '/images','',
|
str_replace( '/images','',
|
||||||
$phpgw->common->get_image_path()).'/info.css">'
|
$GLOBALS['phpgw']->common->get_image_path()).'/info.css">'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* $info: info_id or array with one row form info-db
|
* $info: info_id or array with one row form info-db
|
||||||
* no Proj.Info if proj_id == p_id / no Addr.Info if addr_id == a_id
|
* no Proj.Info if proj_id == p_id / no Addr.Info if addr_id == a_id
|
||||||
*/
|
*/
|
||||||
function formatInfo($info=0,$p_id=0,$a_id=0)
|
function formatInfo($info=0,$p_id=0,$a_id=0)
|
||||||
{
|
{
|
||||||
global $phpgw,$phpgw_info;
|
|
||||||
|
|
||||||
if (!is_array($info) && (!$info ||
|
if (!is_array($info) && (!$info ||
|
||||||
!is_array($info=$this->bo->read($info))))
|
!is_array($info=$this->bo->read($info))))
|
||||||
{
|
{
|
||||||
$info = $this->bo->so->data;
|
$info = $this->bo->so->data;
|
||||||
}
|
}
|
||||||
$done = $info['info_status'] == 'done' ||
|
$done = $info['info_status'] == 'done' ||
|
||||||
$info['info_status'] == 'billed';
|
$info['info_status'] == 'billed';
|
||||||
|
|
||||||
$css_class = $info['info_pri'].($done ? '_done' : '');
|
$css_class = $info['info_pri'].($done ? '_done' : '');
|
||||||
$subject = "<span class=$css_class>";
|
$subject = "<span class=$css_class>";
|
||||||
|
|
||||||
if ($p_id != ($proj_id = $info['info_proj_id']) &&
|
if ($p_id != ($proj_id = $info['info_proj_id']) &&
|
||||||
$proj = $this->bo->readProj($proj_id))
|
$proj = $this->bo->readProj($proj_id))
|
||||||
{
|
{
|
||||||
@ -185,10 +168,10 @@
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$enddate = $phpgw->common->show_date($info['info_enddate'],
|
$enddate = $GLOBALS['phpgw']->common->show_date($info['info_enddate'],
|
||||||
$phpgw_info['user']['preferences']['common']['dateformat']);
|
$GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat']);
|
||||||
|
|
||||||
if (!$done && $info['info_enddate'] < time()+(60*60)*$phpgw_info['user']['preferences']['common']['tz_offset'])
|
if (!$done && $info['info_enddate'] < time()+(60*60)*$GLOBALS['phpgw_info']['user']['preferences']['common']['tz_offset'])
|
||||||
{
|
{
|
||||||
$enddate = "<span class=overdue>$enddate</span>";
|
$enddate = "<span class=overdue>$enddate</span>";
|
||||||
}
|
}
|
||||||
@ -200,8 +183,8 @@
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$responsible = $this->bo->accountInfo($responsible);
|
$responsible = $this->bo->accountInfo($responsible);
|
||||||
}
|
}
|
||||||
$owner = $this->bo->accountInfo($info['info_owner']);
|
$owner = $this->bo->accountInfo($info['info_owner']);
|
||||||
if ($info['info_access'] == 'private')
|
if ($info['info_access'] == 'private')
|
||||||
{
|
{
|
||||||
@ -213,22 +196,20 @@
|
|||||||
'pri' => lang($info['info_pri']),
|
'pri' => lang($info['info_pri']),
|
||||||
'subject' => $subject,
|
'subject' => $subject,
|
||||||
'des' => nl2br($info['info_des']),
|
'des' => nl2br($info['info_des']),
|
||||||
'startdate' => $phpgw->common->show_date($info['info_startdate'],
|
'startdate' => $GLOBALS['phpgw']->common->show_date($info['info_startdate'],
|
||||||
$phpgw_info['user']['preferences']['common']['dateformat']),
|
$GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat']),
|
||||||
'enddate' => $enddate,
|
'enddate' => $enddate,
|
||||||
'owner' => $owner,
|
'owner' => $owner,
|
||||||
'datecreated' => $phpgw->common->show_date($info['info_datecreated'],
|
'datecreated' => $GLOBALS['phpgw']->common->show_date($info['info_datecreated'],
|
||||||
$phpgw_info['user']['preferences']['common']['dateformat']),
|
$GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat']),
|
||||||
'responsible' => $responsible
|
'responsible' => $responsible
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
function infoHeaders( $do_sort_header=0,$sort=0,$order=0,$cat_id=0)
|
function infoHeaders( $do_sort_header=0,$sort=0,$order=0,$cat_id=0)
|
||||||
{
|
{
|
||||||
global $phpgw,$phpgw_info;
|
$headers['th_bg'] = $GLOBALS['phpgw_info']['theme']['th_bg'];
|
||||||
|
|
||||||
$headers['th_bg'] = $phpgw_info['theme']['th_bg'];
|
|
||||||
|
|
||||||
$fields = array(
|
$fields = array(
|
||||||
'type' => 'Type',
|
'type' => 'Type',
|
||||||
'status' => 'Status',
|
'status' => 'Status',
|
||||||
@ -245,17 +226,17 @@
|
|||||||
$lang = lang($lang);
|
$lang = lang($lang);
|
||||||
$headers['lang_'.$f] = $do_sort_header ? $this->nextmatchs->show_sort_order($sort,'info_'.$f,$order,'/index.php',$lang,"&cat_id=$cat_id") : $lang;
|
$headers['lang_'.$f] = $do_sort_header ? $this->nextmatchs->show_sort_order($sort,'info_'.$f,$order,'/index.php',$lang,"&cat_id=$cat_id") : $lang;
|
||||||
}
|
}
|
||||||
return $headers;
|
return $headers;
|
||||||
}
|
}
|
||||||
|
|
||||||
function get_referer( )
|
function get_referer( )
|
||||||
{
|
{
|
||||||
global $phpgw_info,$HTTP_REFERER,$referer;
|
global $HTTP_REFERER,$referer;
|
||||||
|
|
||||||
if (!$referer)
|
if (!$referer)
|
||||||
$referer = $HTTP_REFERER;
|
$referer = $HTTP_REFERER;
|
||||||
|
|
||||||
$url = parse_url(str_replace($phpgw_info['server']['webserver_url'],'',
|
$url = parse_url(str_replace($GLOBALS['phpgw_info']['server']['webserver_url'],'',
|
||||||
$referer));
|
$referer));
|
||||||
$referer = $url['path'];
|
$referer = $url['path'];
|
||||||
|
|
||||||
@ -268,12 +249,11 @@
|
|||||||
|
|
||||||
function get_list($for_include=0)
|
function get_list($for_include=0)
|
||||||
{
|
{
|
||||||
global $phpgw,$phpgw_info;
|
|
||||||
global $cat_filter,$cat_id,$sort,$order,$query,$start,$filter;
|
global $cat_filter,$cat_id,$sort,$order,$query,$start,$filter;
|
||||||
global $action,$addr_id,$proj_id,$info_id;
|
global $action,$addr_id,$proj_id,$info_id;
|
||||||
|
|
||||||
if (!$for_include) {
|
if (!$for_include) {
|
||||||
$phpgw->common->phpgw_header();
|
$GLOBALS['phpgw']->common->phpgw_header();
|
||||||
echo parse_navbar();
|
echo parse_navbar();
|
||||||
}
|
}
|
||||||
$t = $this->template; $html = $this->html;
|
$t = $this->template; $html = $this->html;
|
||||||
@ -285,7 +265,7 @@
|
|||||||
|
|
||||||
if (!$filter)
|
if (!$filter)
|
||||||
{
|
{
|
||||||
$filter = $phpgw_info['user']['preferences']['infolog']['defaultFilter'];
|
$filter = $GLOBALS['phpgw_info']['user']['preferences']['infolog']['defaultFilter'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$hidden_vars = array(
|
$hidden_vars = array(
|
||||||
@ -359,7 +339,7 @@
|
|||||||
$action,$addr_id,$proj_id,$info_id,
|
$action,$addr_id,$proj_id,$info_id,
|
||||||
$ordermethod,$start,$total);
|
$ordermethod,$start,$total);
|
||||||
|
|
||||||
$maxmatchs = $phpgw_info['user']['preferences']['common']['maxmatchs'];
|
$maxmatchs = $GLOBALS['phpgw_info']['user']['preferences']['common']['maxmatchs'];
|
||||||
if ($total > $maxmatchs)
|
if ($total > $maxmatchs)
|
||||||
{
|
{
|
||||||
$to = $start + $maxmatchs;
|
$to = $start + $maxmatchs;
|
||||||
@ -412,7 +392,7 @@
|
|||||||
$filters[] = array( $f,$lang );
|
$filters[] = array( $f,$lang );
|
||||||
}
|
}
|
||||||
$next_matchs = $this->nextmatchs->show_tpl('/index.php',$start,
|
$next_matchs = $this->nextmatchs->show_tpl('/index.php',$start,
|
||||||
$total,'&'.$q_string,'95%',$phpgw_info['theme']['th_bg'],
|
$total,'&'.$q_string,'95%',$GLOBALS['phpgw_info']['theme']['th_bg'],
|
||||||
0,$filters,1,0,$cat_id,'cat_id');
|
0,$filters,1,0,$cat_id,'cat_id');
|
||||||
|
|
||||||
$t->set_var('next_matchs',$next_matchs);
|
$t->set_var('next_matchs',$next_matchs);
|
||||||
@ -476,7 +456,7 @@
|
|||||||
$this->menuaction('edit')+
|
$this->menuaction('edit')+
|
||||||
array('info_id' => $id,'filter' => $filter,
|
array('info_id' => $id,'filter' => $filter,
|
||||||
'action' => 'sp')));
|
'action' => 'sp')));
|
||||||
}
|
}
|
||||||
} // if parent --> display VIEW SUBS of Parent
|
} // if parent --> display VIEW SUBS of Parent
|
||||||
if ($parent && $action != 'sp')
|
if ($parent && $action != 'sp')
|
||||||
{
|
{
|
||||||
@ -486,7 +466,7 @@
|
|||||||
array('info_id' => $parent,
|
array('info_id' => $parent,
|
||||||
'filter' => $filter,'action' => 'sp')));
|
'filter' => $filter,'action' => 'sp')));
|
||||||
}
|
}
|
||||||
|
|
||||||
$t->parse('list','info_list',True);
|
$t->parse('list','info_list',True);
|
||||||
// -------------- end record declaration ------------------------
|
// -------------- end record declaration ------------------------
|
||||||
}
|
}
|
||||||
@ -507,7 +487,6 @@
|
|||||||
|
|
||||||
function edit( )
|
function edit( )
|
||||||
{
|
{
|
||||||
global $phpgw,$phpgw_info;
|
|
||||||
global $cat_id,$sort,$order,$query,$start,$filter;
|
global $cat_id,$sort,$order,$query,$start,$filter;
|
||||||
global $action,$info_id,$save,$add,$query_addr,$query_project;
|
global $action,$info_id,$save,$add,$query_addr,$query_project;
|
||||||
// formular fields
|
// formular fields
|
||||||
@ -526,7 +505,7 @@
|
|||||||
|
|
||||||
if ((!isset($info_id) || !$info_id) && !$action)
|
if ((!isset($info_id) || !$info_id) && !$action)
|
||||||
{
|
{
|
||||||
Header('Location: ' .
|
Header('Location: ' .
|
||||||
$html->link('/index.php',$hidden_vars+$this->menuaction()));
|
$html->link('/index.php',$hidden_vars+$this->menuaction()));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -554,7 +533,7 @@
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
if (isset($sday)) $startdate = 0;
|
if (isset($sday)) $startdate = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check ending date
|
// Check ending date
|
||||||
@ -604,26 +583,38 @@
|
|||||||
|
|
||||||
if (! is_array($error))
|
if (! is_array($error))
|
||||||
{
|
{
|
||||||
$this->bo->write(array(
|
/*
|
||||||
'type' => $type,
|
** if an info_id exists, check if this user hast the rights to edit
|
||||||
'from' => $from,
|
** this entry (should prevent faking the info_id in a post request)
|
||||||
'addr' => $addr,
|
** or if is a new sub check if he has rights to add a sub
|
||||||
'addr_id' => $id_addr,
|
*/
|
||||||
'proj_id' => $id_project,
|
if ($info_id && !$this->bo->check_access($info_id,PHPGW_ACL_EDIT) ||
|
||||||
'subject' => $subject,
|
!$info_id && $id_parent && !$this->bo->check_access($id_parent,PHPGW_ACL_ADD))
|
||||||
'des' => $des,
|
{
|
||||||
'pri' => $pri,
|
$error[]=lang('Access denied');
|
||||||
'status' => $status,
|
}
|
||||||
'confirm' => $confirm,
|
else
|
||||||
'access' => $access,
|
{
|
||||||
'cat' => $info_cat,
|
$this->bo->write(array(
|
||||||
'startdate' => $startdate,
|
'type' => $type,
|
||||||
'enddate' => $enddate,
|
'from' => $from,
|
||||||
'info_id' => $info_id,
|
'addr' => $addr,
|
||||||
'id_parent' => $id_parent,
|
'addr_id' => $id_addr,
|
||||||
'responsible' => $responsible
|
'proj_id' => $id_project,
|
||||||
));
|
'subject' => $subject,
|
||||||
|
'des' => $des,
|
||||||
|
'pri' => $pri,
|
||||||
|
'status' => $status,
|
||||||
|
'confirm' => $confirm,
|
||||||
|
'access' => $access,
|
||||||
|
'cat' => $info_cat,
|
||||||
|
'startdate' => $startdate,
|
||||||
|
'enddate' => $enddate,
|
||||||
|
'info_id' => $info_id,
|
||||||
|
'id_parent' => $id_parent,
|
||||||
|
'responsible' => $responsible
|
||||||
|
));
|
||||||
|
}
|
||||||
if (!$query_addr && !$query_project)
|
if (!$query_addr && !$query_project)
|
||||||
{
|
{
|
||||||
Header('Location: ' . $html->link($referer, array('cd'=>15)));
|
Header('Location: ' . $html->link($referer, array('cd'=>15)));
|
||||||
@ -637,11 +628,11 @@
|
|||||||
if (!$this->bo->check_access($info_id,PHPGW_ACL_ADD))
|
if (!$this->bo->check_access($info_id,PHPGW_ACL_ADD))
|
||||||
{
|
{
|
||||||
Header('Location: ' . $html->link($referer));
|
Header('Location: ' . $html->link($referer));
|
||||||
$phpgw->common->phpgw_exit();
|
$GLOBALS['phpgw']->common->phpgw_exit();
|
||||||
}
|
}
|
||||||
$parent = $this->bo->so->data;
|
$parent = $this->bo->so->data;
|
||||||
$this->bo->so->data['info_id'] = $info_id = 0;
|
$this->bo->so->data['info_id'] = $info_id = 0;
|
||||||
$this->bo->so->data['info_owner'] = $phpgw_info['user']['account_id'];
|
$this->bo->so->data['info_owner'] = $GLOBALS['phpgw_info']['user']['account_id'];
|
||||||
$this->bo->so->data['info_id_parent'] = $parent['info_id'];
|
$this->bo->so->data['info_id_parent'] = $parent['info_id'];
|
||||||
if ($parent['info_type']=='task' && $parent['info_status']=='offer')
|
if ($parent['info_type']=='task' && $parent['info_status']=='offer')
|
||||||
{
|
{
|
||||||
@ -658,9 +649,9 @@
|
|||||||
if ($info_id && !$this->bo->check_access($info_id,PHPGW_ACL_EDIT))
|
if ($info_id && !$this->bo->check_access($info_id,PHPGW_ACL_EDIT))
|
||||||
{
|
{
|
||||||
Header('Location: ' . $html->link($referer));
|
Header('Location: ' . $html->link($referer));
|
||||||
$phpgw->common->phpgw_exit();
|
$GLOBALS['phpgw']->common->phpgw_exit();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!$id_parent)
|
if (!$id_parent)
|
||||||
$id_parent = $this->bo->so->data['info_id_parent'];
|
$id_parent = $this->bo->so->data['info_id_parent'];
|
||||||
|
|
||||||
@ -671,11 +662,11 @@
|
|||||||
'referer' => $referer
|
'referer' => $referer
|
||||||
));
|
));
|
||||||
|
|
||||||
$phpgw->common->phpgw_header();
|
$GLOBALS['phpgw']->common->phpgw_header();
|
||||||
echo parse_navbar();
|
echo parse_navbar();
|
||||||
|
|
||||||
$t->set_file(array('info_edit' => 'form.tpl'));
|
$t->set_file(array('info_edit' => 'form.tpl'));
|
||||||
|
|
||||||
// ====================================================================
|
// ====================================================================
|
||||||
// create two seperate blocks, addblock will be cut off from template
|
// create two seperate blocks, addblock will be cut off from template
|
||||||
// editblock contains the buttons and forms for edit
|
// editblock contains the buttons and forms for edit
|
||||||
@ -683,10 +674,10 @@
|
|||||||
$t->set_block('info_edit', 'add', 'addhandle');
|
$t->set_block('info_edit', 'add', 'addhandle');
|
||||||
$t->set_block('info_edit', 'edit', 'edithandle');
|
$t->set_block('info_edit', 'edit', 'edithandle');
|
||||||
$t->set_block('info_edit', 'subpro', 'subprohandle');
|
$t->set_block('info_edit', 'subpro', 'subprohandle');
|
||||||
|
|
||||||
if (is_array($error))
|
if (is_array($error))
|
||||||
{
|
{
|
||||||
$t->set_var('error_list',$phpgw->common->error_list($error));
|
$t->set_var('error_list',$GLOBALS['phpgw']->common->error_list($error));
|
||||||
}
|
}
|
||||||
|
|
||||||
switch ($action)
|
switch ($action)
|
||||||
@ -728,11 +719,11 @@
|
|||||||
'type',$type,$this->bo->enums['type']),True));
|
'type',$type,$this->bo->enums['type']),True));
|
||||||
|
|
||||||
$t->set_var('lang_prfrom', lang('From'));
|
$t->set_var('lang_prfrom', lang('From'));
|
||||||
if (!isset($from)) $from =$phpgw->strip_html($this->bo->so->data['info_from']);
|
if (!isset($from)) $from =$GLOBALS['phpgw']->strip_html($this->bo->so->data['info_from']);
|
||||||
$t->set_var('fromval', $from);
|
$t->set_var('fromval', $from);
|
||||||
|
|
||||||
$t->set_var('lang_praddr', lang('Phone/Email'));
|
$t->set_var('lang_praddr', lang('Phone/Email'));
|
||||||
if (!isset($addr)) $addr =$phpgw->strip_html($this->bo->so->data['info_addr']);
|
if (!isset($addr)) $addr =$GLOBALS['phpgw']->strip_html($this->bo->so->data['info_addr']);
|
||||||
$t->set_var('addrval', $addr);
|
$t->set_var('addrval', $addr);
|
||||||
|
|
||||||
if (!isset($id_project)) $id_project = $this->bo->so->data['info_proj_id'];
|
if (!isset($id_project)) $id_project = $this->bo->so->data['info_proj_id'];
|
||||||
@ -740,15 +731,15 @@
|
|||||||
|
|
||||||
if (!isset($id_addr)) $id_addr = $this->bo->so->data['info_addr_id'];
|
if (!isset($id_addr)) $id_addr = $this->bo->so->data['info_addr_id'];
|
||||||
$t->set_var($sb->getAddress('addr',$id_addr,$query_addr));
|
$t->set_var($sb->getAddress('addr',$id_addr,$query_addr));
|
||||||
|
|
||||||
$t->set_var('lang_prsubject', lang('Subject'));
|
$t->set_var('lang_prsubject', lang('Subject'));
|
||||||
if (!isset($subject)) {
|
if (!isset($subject)) {
|
||||||
$subject = $phpgw->strip_html($this->bo->so->data['info_subject']);
|
$subject = $GLOBALS['phpgw']->strip_html($this->bo->so->data['info_subject']);
|
||||||
}
|
}
|
||||||
$t->set_var('subjectval', $subject);
|
$t->set_var('subjectval', $subject);
|
||||||
|
|
||||||
$t->set_var('lang_prdesc', lang('Description'));
|
$t->set_var('lang_prdesc', lang('Description'));
|
||||||
if (!isset($des)) $des = $phpgw->strip_html($this->bo->so->data['info_des']);
|
if (!isset($des)) $des = $GLOBALS['phpgw']->strip_html($this->bo->so->data['info_des']);
|
||||||
$t->set_var('descval', $des);
|
$t->set_var('descval', $des);
|
||||||
|
|
||||||
$t->set_var('lang_start_date',lang('Startdate'));
|
$t->set_var('lang_start_date',lang('Startdate'));
|
||||||
@ -790,9 +781,9 @@
|
|||||||
$t->set_var('lang_access_type',lang('Private'));
|
$t->set_var('lang_access_type',lang('Private'));
|
||||||
if (!isset($access)) $access = $this->bo->so->data['info_access'] == 'private';
|
if (!isset($access)) $access = $this->bo->so->data['info_access'] == 'private';
|
||||||
$t->set_var('access_list',$html->checkbox('access',$access));
|
$t->set_var('access_list',$html->checkbox('access',$access));
|
||||||
|
|
||||||
$t->set_var('edit_button',$html->submit_button('save','Save'));
|
$t->set_var('edit_button',$html->submit_button('save','Save'));
|
||||||
|
|
||||||
if (!$action && $this->bo->check_access($info_id,PHPGW_ACL_DELETE))
|
if (!$action && $this->bo->check_access($info_id,PHPGW_ACL_DELETE))
|
||||||
{
|
{
|
||||||
$t->set_var('delete_button',$html->form_1button('delete','Delete',
|
$t->set_var('delete_button',$html->form_1button('delete','Delete',
|
||||||
@ -808,7 +799,6 @@
|
|||||||
|
|
||||||
function delete( )
|
function delete( )
|
||||||
{
|
{
|
||||||
global $phpgw,$phpgw_info;
|
|
||||||
global $cat_filter,$cat_id,$sort,$order,$query,$start,$filter;
|
global $cat_filter,$cat_id,$sort,$order,$query,$start,$filter;
|
||||||
global $info_id,$confirm;
|
global $info_id,$confirm;
|
||||||
|
|
||||||
@ -833,7 +823,7 @@
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$phpgw->common->phpgw_header();
|
$GLOBALS['phpgw']->common->phpgw_header();
|
||||||
echo parse_navbar();
|
echo parse_navbar();
|
||||||
|
|
||||||
$t->set_file(array( 'info_delete' => 'delete.tpl' ));
|
$t->set_file(array( 'info_delete' => 'delete.tpl' ));
|
||||||
@ -856,7 +846,6 @@
|
|||||||
|
|
||||||
function preferences( )
|
function preferences( )
|
||||||
{
|
{
|
||||||
global $phpgw,$phpgw_info;
|
|
||||||
global $save;
|
global $save;
|
||||||
|
|
||||||
$prefs = array(
|
$prefs = array(
|
||||||
@ -869,20 +858,20 @@
|
|||||||
'defaultFilter' => $this->filters
|
'defaultFilter' => $this->filters
|
||||||
);
|
);
|
||||||
|
|
||||||
$phpgw->preferences->read_repository();
|
$GLOBALS['phpgw']->preferences->read_repository();
|
||||||
|
|
||||||
if ($save)
|
if ($save)
|
||||||
{
|
{
|
||||||
while (list($pref,$lang) = each($prefs))
|
while (list($pref,$lang) = each($prefs))
|
||||||
{
|
{
|
||||||
$phpgw->preferences->add('infolog',$pref);
|
$GLOBALS['phpgw']->preferences->add('infolog',$pref);
|
||||||
}
|
}
|
||||||
$phpgw->preferences->save_repository(True);
|
$GLOBALS['phpgw']->preferences->save_repository(True);
|
||||||
|
|
||||||
Header('Location: '.$phpgw->link('/preferences/index.php'));
|
Header('Location: '.$GLOBALS['phpgw']->link('/preferences/index.php'));
|
||||||
$phpgw->common->phpgw_exit();
|
$GLOBALS['phpgw']->common->phpgw_exit();
|
||||||
}
|
}
|
||||||
$phpgw->common->phpgw_header();
|
$GLOBALS['phpgw']->common->phpgw_header();
|
||||||
echo parse_navbar();
|
echo parse_navbar();
|
||||||
|
|
||||||
$t = $this->template; $html = $this->html;
|
$t = $this->template; $html = $this->html;
|
||||||
@ -894,7 +883,7 @@
|
|||||||
'text' => ' ',
|
'text' => ' ',
|
||||||
'action_url' => $html->link('/index.php',
|
'action_url' => $html->link('/index.php',
|
||||||
$this->menuaction('preferences')),
|
$this->menuaction('preferences')),
|
||||||
'bg_h_color' => $phpgw_info['theme']['th_bg'],
|
'bg_h_color' => $GLOBALS['phpgw_info']['theme']['th_bg'],
|
||||||
'save_button' => $html->submit_button('save','Save')
|
'save_button' => $html->submit_button('save','Save')
|
||||||
);
|
);
|
||||||
$t->set_var($vars);
|
$t->set_var($vars);
|
||||||
@ -911,13 +900,13 @@
|
|||||||
if (!is_object($sbox)) $sbox = CreateObject('phpgwapi.sbox2');
|
if (!is_object($sbox)) $sbox = CreateObject('phpgwapi.sbox2');
|
||||||
|
|
||||||
$t->set_var('data',$sbox->getArrayItem($pref,
|
$t->set_var('data',$sbox->getArrayItem($pref,
|
||||||
$phpgw_info['user']['preferences']['infolog'][$pref],
|
$GLOBALS['phpgw_info']['user']['preferences']['infolog'][$pref],
|
||||||
$allowed_values[$pref],1));
|
$allowed_values[$pref],1));
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$t->set_var('data',$html->checkbox($pref,
|
$t->set_var('data',$html->checkbox($pref,
|
||||||
$phpgw_info['user']['preferences']['infolog'][$pref]));
|
$GLOBALS['phpgw_info']['user']['preferences']['infolog'][$pref]));
|
||||||
}
|
}
|
||||||
$t->parse('pref_linehandle','pref_line',True);
|
$t->parse('pref_linehandle','pref_line',True);
|
||||||
}
|
}
|
||||||
|
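Review bot: The new guard in edit(), placed just before `$this->bo->write(array(`, checks `$id_parent` only when `$info_id` is empty, while the write array still passes the request-supplied `'id_parent' => $id_parent` for an existing entry. Depending on how boinfolog::write treats that key (not visible here), a user with edit rights on an entry may be able to attach it under a parent they have no add rights on. I would also check the parent whenever it is supplied and differs from the stored one, e.g. `|| $info_id && $id_parent && $id_parent != $stored_parent && !$this->bo->check_access($id_parent,PHPGW_ACL_ADD)`, where `$stored_parent` is a placeholder for the value read from the database, and parenthesise the mixed `&&`/`||` so the precedence is explicit. Separately, the denied branch only appends to `$error` and then appears to fall through to the `Header('Location: ' . $html->link($referer, array('cd'=>15)));` redirect that follows, so 'Access denied' is probably never shown to the user. The body of edit() starts and ends outside this hunk, so both points need confirming against the full function.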