Commit Graph

182 Commits

Author SHA1 Message Date
Ralf Becker
43e1bfcc12 switching on Content-Security-Policy: script-src 'self' 'unsafe-eval' for all templates, old non-et2 apps can call egw_framework::csp_script_src_attrs('unsafe-inline') to enable inline scripts in their scope, et2 does it for CK editor which does not support CSP currently and old etemplate does it for all apps using it 2013-10-05 13:33:28 +00:00
Ralf Becker
f8a0db06fc completly remove preferences menu from sidebox and tiled preferences index in favoir of app-sensitive entries in top-menu 2013-10-03 09:23:18 +00:00
Ralf Becker
6f162f144e add context sensitive link to ACL/grant access to top-menu, same is to be happen for cats and preferences itself and preferences in sidebox will be removed 2013-10-02 16:29:08 +00:00
Ralf Becker
1590d02816 new egw_framework::message($msg, $msg_type="success") method and fixing nextmatch filter-change to return app-header 2013-09-05 11:53:25 +00:00
Ralf Becker
aa8a848871 optional parameter for egw_framework::window_close() to specify an alert message, which get shown/alerted, before closing the window 2013-08-26 10:24:11 +00:00
Ralf Becker
b2ba685edd remove inline javascript from idots and jerryr templates 2013-08-21 20:22:53 +00:00
Ralf Becker
73aa652c41 missing egw.js from last commit and egw_framework::window_focus() method 2013-08-20 13:25:36 +00:00
Ralf Becker
1c4f65120c new egw_framework methods refresh_opener and window_close to call egw_refresh on opener or close popup window in a content security save way 2013-08-20 12:06:41 +00:00
Ralf Becker
8ce9969ece we need to double encode (html::htmlspecialchars( , TRUE)), as otherwise we get invalid json, eg. for quotes, fixes not working display in filemanager for some directories containing directories with quotes in their name 2013-08-01 06:36:18 +00:00
Ralf Becker
8ec5425c5a disable minify-ing of javascript, until I find time to fix it, as it stalls testers (css still get minifyed, if debug minify is off in site config) 2013-07-24 07:42:27 +00:00
Ralf Becker
16191d4db4 rendering quick-add menu on clientside and content-security safe, thought not yet in idots template, also removed not used inline javascript from idots 2013-07-22 19:20:13 +00:00
Ralf Becker
4ed52a2b16 get notifications-popup ready for content-security, install as object in app.notifications and use data-poll-intervall of script tag to pass poll frequency 2013-07-22 13:29:20 +00:00
Nathan Gray
67d6775f54 Use htmlspecialchars to escape data-attributes 2013-07-19 18:03:47 +00:00
Ralf Becker
5e3c0192d3 $extra parameter for framework->header() 2013-07-19 17:07:05 +00:00
Ralf Becker
f55a668bdf include user-data and common prefs like we already do it with eg. server config 2013-07-19 15:22:00 +00:00
Ralf Becker
d16c426fb6 first step towards content-security by passing parameters to egw.js script via data-attributes of script tag instead of using inline scripts in page 2013-07-19 08:45:26 +00:00
Ralf Becker
792f1b26cc replacing egw.LAB with egw_LAB, as egw object is shared by all iframes and popups, while LAB has to work on document 2013-07-17 12:47:21 +00:00
Ralf Becker
a23205060b use new eTemplate preferences 2013-05-10 16:39:42 +00:00
Ralf Becker
ad4776c78e allways using filemtime for timestamps appended to urls to force loading of current version, as mixed use of file{c,m}time causes wired errors due to double loading eg. on OS X where they are different 2013-04-13 07:17:36 +00:00
Ralf Becker
a1d90ea237 get regexp to play nice with opening script tag without attributes 2013-04-09 12:47:44 +00:00
Ralf Becker
6e28933f18 missing onLoad attibute in body tag, causing all sorts of things to fail 2013-04-02 08:13:37 +00:00
Nathan Gray
a20f7651a0 Wrap some more js 2013-04-01 22:19:10 +00:00
Nathan Gray
ef2a5d377d Use LABjs throughout framework to load javascript - prevents a lot of undefined / timing errors 2013-04-01 19:14:52 +00:00
Nathan Gray
68529ce692 Load et2 CSS in at the top level so it's available for sidebox 2013-03-12 22:45:58 +00:00
Ralf Becker
52ea94cbee using LABjs to load javascript files in order via egw.includeJS 2013-02-15 15:30:35 +00:00
Ralf Becker
5f1c76ae91 refactored js loading a bit, to be able to get files to load for et2 2013-02-13 16:28:39 +00:00
Nathan Gray
f72a582532 Use chosen plugin for to get fancy selectboxes. Selectboxes with more than 12 options get it turned on automatically 2012-11-12 19:29:23 +00:00
Ralf Becker
f7cc51ad18 do NOT minify ckeditor, as it breaks it (it is already minifyed anyway) 2012-10-26 10:00:05 +00:00
Ralf Becker
18fe5c1d4b fixed minify issues: installation in docroot is now handeled, as well as problems with jscalendar and email 2012-10-26 09:24:39 +00:00
Ralf Becker
b6a2d9591f koping with EGroupware installed direct in docroot (webserver_url "", "/" or "http(s)://domain.com/") 2012-10-24 06:27:56 +00:00
Ralf Becker
6996efe50b use minify on javascript files: for now minify does NOT support query parameters, nor php files generating javascript, therefore these are excluded 2012-10-15 17:22:44 +00:00
Ralf Becker
4e8f54268c fix for typo: path_url --> parse_url 2012-10-15 06:51:54 +00:00
Ralf Becker
71ec92a777 cache, concat and minify all css resources to speed up requests, javascript files planned too 2012-10-14 19:38:32 +00:00
Ralf Becker
5100dfcc71 * Password: fixed not working check, if user has right to change password, causing password link in topmenu to be displayed when not in preferences app 2012-06-29 07:14:46 +00:00
Ralf Becker
3e4ef81080 load wz_tooltips only if required: $GLOBALS[egw_info][flags][include_wz_tooltip] set or html::tooltip() called before calling common::egw_header(), calling header again as end of home page to allow apps to load stuff into the header (not only wz_tooltip) 2012-04-04 13:05:58 +00:00
Andreas Stöckel
c525cadcdb Reverted accidently made commit for class.egw_framework.inc.php 2012-03-23 13:43:20 +00:00
Andreas Stöckel
eadeb57f28 Fixed problem with registered data callbacks, when the window the callback belongs to is closed 2012-03-23 13:39:27 +00:00
Klaus Leithoff
3abeb7c464 add onbeforeunload as action 2012-03-21 08:25:17 +00:00
Andreas Stöckel
dc017ed889 Now again using a local etemplate2 instance on the client 2012-03-12 12:05:14 +00:00
Andreas Stöckel
d486e50a57 phpgwapi:
* Changed way of how "webserverUrl" gets set - any type of data can now be
	  injected into the egw object by creating an object with the data and an
	  entry "prefsOnly" set to true. This allows to ensure, that "webserverUrl"
	  is the first thing that is being set in the egw object (as needed when
	  including new JS/CSS files at runtime)

jsapi:
	* Fixed including JS/CSS files at runtime in other windows than the root
	  window
	* Added "ready" function/module, which provides an alternative to the
	  $j("ready") function. The ready module provides the functionality to
	  postpone calling the "ready" until certain events happened.
	* using jQuery calendar object instead of jscalendar in the calendar
	  function.
	* added "jquery" module which takes care of including all jQuery modules
	  in all windows
	* added possibility for modules to update constants using the "constant"
	  function.
	* added possibility for modules to access certain other modules using
	  the "module" function

etemplate:
	* Using new egw(window).ready function to build the template first if
	  loading has finished.
2012-03-09 15:32:29 +00:00
Andreas Stöckel
df06f6657c Now always including egw and etemplate2 javascript code if we are in the top window 2012-03-08 14:05:00 +00:00
Ralf Becker
000b74bded framework->isTop($consider_navbar_not_yet_called_as_true=true): true if we are rendering the top-level EGroupware window 2012-03-07 08:45:57 +00:00
Ralf Becker
f676a23821 fixes for PHP 5.4 warnings and strict warnings, thought disabled E_STRICT for now, because of various strict warnings in working code, which could not be easy fixed in all areas (see comment in phpgwapi/inc/functions.inc.php) 2012-03-04 13:33:10 +00:00
Klaus Leithoff
d37ee80161 mending Warnings: Cannot use a scalar value as an array 2011-12-20 15:57:03 +00:00
Ralf Becker
e9ba37173a remove old ISS specific redirect code and default of $_SERVER[PHP_SELF] for $url parameter of egw::redirect (not used in current EGroupware) 2011-11-30 20:32:45 +00:00
Nathan Gray
c3abca67db Return an array, not null, if there are no preferences for the app 2011-11-09 16:32:42 +00:00
Ralf Becker
046c0919cc make basic data of current user available via egw.user(_field) 2011-08-31 12:17:34 +00:00
Ralf Becker
7868b684cd using php5 constructors 2011-08-31 07:50:28 +00:00
Ralf Becker
ea7ad6318d new clientside image-name to url map: egw.image(_name, _app="phpgwapi")
eg. egw.image('favicon') returns '/egroupware/phpgwapi/templates/default/favicon.ico'
--> pondon to serverside common::image($app,$name) method
2011-08-30 22:19:38 +00:00
Ralf Becker
be6fd87783 - sending EGroupware configuration (non-sensible stuff) to browser and make it available via egw.config(_name, _app="phpgwapi")
- sending link-registry in the same file
- used javascript file uses etag to ensure there's no need to load it on each request
2011-08-26 16:27:57 +00:00
Ralf Becker
a925764fc4 - dynamical (synchronious) loading preferences (other then "common") from server via egw.preference(_name, _app)
- setting preferences on server via egw.set_preference(_app, _name, _value)
- enable calling of active framework / template class via using egw_framework instead of not known used framework class of user, eg. "home.egw_framework.ajax_func.template" instead of "home.idots_framework.ajax_func.template"
2011-08-26 09:34:18 +00:00
Ralf Becker
16c6a8d4f9 got clientside translations working for etemplate2 apps: egw.lang("%1 timesheet(s) %2", 5, egw.lang("deleted")) 2011-08-23 16:15:54 +00:00
Ralf Becker
24e34f7927 new clientside API object currently supporting the following methods:
- egw.preferences(_name, _app='common') return preference _name of _app (only common prefs loaded currently)
- egw.open() allowing to open app-entries utilising the link registry, deprecating egw_open from jsapi.js
- egw.lang(_msg, _arg1, ..., _argN) placeholders are not yet implemented
2011-08-23 14:29:56 +00:00
Andreas Stöckel
149c154540 Added system which allows us to define dependencies inside js files.
An introduction on how this can be done is given in class.egw_include_mgr.inc.php.
This file/class may lateron be extended to minifiy, compress and cache groups of js files - currently only the 'debug-mode' is implemented, which sends all javascript files as individual files, making it easy to debug the java-script files in the browser.

The new method should work with all old code, especially including java-script files as part of an ajax-response, if something is broken, please report that!
2011-08-03 14:03:31 +00:00
Ralf Becker
c84c890738 fixed not working password change, if no rights for password app, but for preferences 2011-06-07 12:11:16 +00:00
Ralf Becker
2add4fe910 no need to scan non-directories - gives only warnings ;-) 2011-06-07 07:02:08 +00:00
Ralf Becker
994d1b63d4 allways display topmenu item "Password" addtional to "Preferences" and shorten "Manual / Help" in topmenu to "Help" 2011-06-03 18:36:47 +00:00
Ralf Becker
47e2764da0 new javascript method egw_open() to open egw_entries using there registered url and popup sizes from the link registry 2011-06-02 11:13:41 +00:00
Ralf Becker
61c0b251c3 * IE9: enable IE dropdown menu hack only for IE<9, as it stalls IE9 www.stylite.de bug #1722 2011-05-31 07:55:51 +00:00
Ralf Becker
42bf4dbc3c updating number of current users via notifications 2011-04-14 09:50:35 +00:00
Ralf Becker
5495491e78 * Admin: session-list is generated now from egw_access_log table independent of readablity of sessions files in filesystem
- session_(dla|action) is stored in egw_access_log table
- notifications refresh via ajax set notification_heartbeat timestamp in egw_access_log
- if notification_heartbeat is set (happens only for browser sessions with popup notification) sessions get removed from session list one minute after browser is closed
- new static method egw_session::notifications_active($account_id) to check if given user has an open browser with notifications popup checking, to ensure popup notifications can fall back to email
--> REQUIRES DATABASE UPDATE / SETUP
2011-04-13 14:11:09 +00:00
Ralf Becker
5507c32e4e fix common::get_body_attribs() (gave fatal error, because egw_framework::_get_body_attribs() was protected) and add body_attribs to Sitemgr Template3::get_meta() 2011-01-06 20:47:21 +00:00
Ralf Becker
594efde2f9 removed wrong app parameter from about url and disabled error_log for not found js file 2010-11-21 13:37:09 +00:00
Ralf Becker
c1fea35c29 * telling IE via X-UA-Compatible IE=edge never to use compatibility modes with old versions (if set eg. via group policy for whole intranet zone) 2010-11-10 10:49:16 +00:00
Ralf Becker
c86787a3bd tell IE > 7 to use it's own mode, not old compatibility mode eg. IE=7 for IE8 2010-11-09 14:44:18 +00:00
Ralf Becker
af7a24eb9a framework->navbar() now automatically calls framework->header(), this way navbar or sidebox can include JS or CSS, because header is called after 2010-10-18 10:46:47 +00:00
Klaus Leithoff
3843c0b59b Feature: to allow admins a) to set an allowed password age, to require all users to change their password regularily; b) force password change for a given user on the users next login; c) better control about the password strength required; Funded by Cricket 2010-09-22 09:48:27 +00:00
Ralf Becker
14b6c569fb new logo for 1.8 2010-09-16 09:57:12 +00:00
Ralf Becker
577c8926bc added abstract function to base egw_framework, as it get called from admin/inc/hook_top_menu.inc.php for pending updates 2010-09-07 19:08:13 +00:00
Ralf Becker
671313b3ea quiten error_log if no CSS file for an app 2010-07-30 13:38:49 +00:00
Ralf Becker
a5ba32b8b6 allow to change password without run rights for preferences via a new password app (part of preferences app, but separate to install) 2010-07-27 14:29:20 +00:00
Ralf Becker
fccbe5fcbd Moved removal of standard javascript files from egw_framework class to
egw_json, as it did not work in all cases
2010-06-24 11:33:51 +00:00
Ralf Becker
f42ee4b026 - for Ajax: no need to load the "standard" files, they are already
loaded, in fact jquery has a problem if loaded twice
- add filectime to js and css files loaded via include_css_js_response
2010-06-24 10:51:02 +00:00
Ralf Becker
8e98f6cea3 New method egw_framework::include_css_js_response to add javascript and
CSS included via egw_framework::validate_file or egw_framework::includeCSS
to an ajax response.
Fixed jscalendar to use that service and sitemgr to include it manually.
2010-06-23 23:01:57 +00:00
Ralf Becker
5465b281cc new method to include css files: egw_framework::includeCSS($app,$name) or includeCSS($path) 2010-06-18 11:19:24 +00:00
Andreas Stöckel
e8cc19df9a Fixed some typos and IE-specific problems 2010-06-16 12:48:17 +00:00
Andreas Stöckel
c953709866 - Added server side implementation of application sorting
- Filtering "remove"-function from arrays before sending them via json
2010-06-16 12:07:50 +00:00
Ralf Becker
88ebb437c2 methods to set or get all body tags or javascript files, replacing direct access to variables of old javascript class 2010-06-15 16:08:10 +00:00
Ralf Becker
d4e5476304 returning content of onXXX tag after adding code 2010-06-13 07:44:53 +00:00
Ralf Becker
dba87a90cf setting vars empty, which get only conditionally set 2010-06-10 15:37:47 +00:00
Ralf Becker
5443acbb21 allow json in body on(Load|Unload|Resize) tags 2010-06-10 14:31:30 +00:00
Ralf Becker
5bcf29400b setting webserver_url for new json handler, if used with templates other then jdots 2010-06-10 08:38:02 +00:00
Andreas Stöckel
2f1353ba3a Initializing $top_menu_extra as an array 2010-06-10 07:35:16 +00:00
Ralf Becker
e95da23141 removing xajax, as we no longer need it (get emulated by our new json stuff) 2010-06-10 07:01:14 +00:00
Ralf Becker
e977610a4b Integrated (used) javascript methods:
- js->validate_file()
- js->set_on(Load|Unload|Resize)
into egw_framwork and made them static
(egw::__get('js') returns now the framework so all old code should
continue to work)
2010-06-09 15:30:53 +00:00
Ralf Becker
8b49db5a57 new framework method to return javascript to call manual 2010-06-07 22:06:35 +00:00
Ralf Becker
6ecb981cb5 Moved after_navbar hook into a egw_framework method 2010-06-07 17:31:43 +00:00
Ralf Becker
30d45d9b37 allways load jquery (not -ui) and egw_json for all templates 2010-06-07 15:10:58 +00:00
Ralf Becker
8f86299005 fixing quick add to work with jDots 2010-06-07 14:44:38 +00:00
Ralf Becker
601289343c moved top menu logic from idots_framework class to egw_framework,
to be able to use it from other templates too
2010-06-07 11:49:16 +00:00
Ralf Becker
ff1c3b9be1 allways use "About EGroupware", as about is not any more application specific 2010-06-04 12:43:35 +00:00
Andreas Stöckel
f88e1339c6 Fixed powered_by link in jdots 2010-06-04 08:06:02 +00:00
Ralf Becker
7d19819ba1 cleaned up about to use framework->list_templates to support app like templates 2010-06-02 22:43:41 +00:00
Ralf Becker
a4a427e2ab allow to specifiy a path or url, instead only an url 2010-06-02 21:28:07 +00:00
Ralf Becker
d9b9e79fcd fixed missing var causing app like templates not to be found 2010-06-02 17:33:26 +00:00
Ralf Becker
3a15cdcd6e Finding of templates and their themes, if they are packaged in dirs as
apps
2010-06-02 10:59:58 +00:00
Ralf Becker
472a420231 allow to package templates like applicatons in an own directory, cleand up index.php a bit 2010-06-02 09:20:55 +00:00
Andreas Stöckel
ca263fc6d8 - Rewrote redirect function
- Setting the webserver url in head
2010-06-02 08:10:43 +00:00
Ralf Becker
b9f98321f5 allow template to overwrite link and redirect_link methods 2010-06-01 21:38:00 +00:00
Ralf Becker
5a47d445e8 "fix tiny mail window, because felamimail uses egw_getWindowOuterHeight() instead of a fixed height given as number" 2010-05-09 09:41:38 +00:00