fixed CSP error for multiple eTemplate2s (CRM view), by allways sending etemplate data via et2_container tag (instead etemplate script tag) and create an et2 object for all of them in egw.js

This commit is contained in:
Ralf Becker 2014-03-10 11:58:49 +00:00
parent bea1863d14
commit 79e1b5c9b8
2 changed files with 32 additions and 73 deletions

View File

@ -46,9 +46,12 @@ class etemplate_new extends etemplate_widget_template
*/
function __construct($name='',$load_via='')
{
// we do NOT call parent consturctor, as we only want to enherit it's (static) methods
if (false) parent::__construct ($name); // satisfy IDE, as we dont call parent constructor
$this->sitemgr = isset($GLOBALS['Common_BO']) && is_object($GLOBALS['Common_BO']);
if ($name) $this->read($name,$template='default',$lang='default',$group=0,$version='',$load_via);
if ($name) $this->read($name,$template='default','default',0,'',$load_via);
// generate new etemplate request object, if not already existing
if(!isset(self::$request)) self::$request = etemplate_request::read();
@ -185,9 +188,6 @@ class etemplate_new extends etemplate_widget_template
egw_framework::validate_file('.','app',$app,false);
}
$header = $GLOBALS['egw']->framework->header(array(
'etemplate' => $load_array
));
// check if we are in an ajax-exec call from jdots template (or future other tabbed templates)
if (isset($GLOBALS['egw']->framework->response))
{
@ -203,23 +203,7 @@ class etemplate_new extends etemplate_widget_template
self::$request = null;
return;
}
else if (!$header)
{
// Headers already sent, another etemplate
echo '<div id="'.$dom_id.'" class="et2_container"></div>';
echo '<script type="text/javascript">window.egw_LAB.wait(function() {
var data = ' . json_encode($load_array) . ';
$j(".et2_container").not("#'.$dom_id.'").on("load", function() {
var et2 = new etemplate2(document.getElementById("'.$dom_id.'"), "'.$currentapp.'.etemplate_new.ajax_process_content.etemplate");
et2.load(data.name,data.url,data.data);
});
})</script>';
}
else
{
//error_log("NON-Ajax " . __LINE__);
echo $header;
echo $GLOBALS['egw']->framework->header();
if ($output_mode != 2)
{
parse_navbar();
@ -228,14 +212,13 @@ class etemplate_new extends etemplate_widget_template
{
echo '<div id="popupMainDiv">'."\n";
}
echo '<div id="'.$dom_id.'" class="et2_container"></div>';
echo '<div id="'.$dom_id.'" class="et2_container" data-etemplate="'.html::htmlspecialchars(json_encode($load_array), true).'"></div>';
if ($output_mode == 2)
{
echo "\n</div>\n";
echo $GLOBALS['egw']->framework->footer();
}
}
ob_flush();
// Send any accumulated json responses - after flush to avoid sending the buffer as a response
@ -329,7 +312,7 @@ class etemplate_new extends etemplate_widget_template
*/
static public function process_exec()
{
$etemplate_exec_id = $_POST['etemplate_exec_id'];
if (get_magic_quotes_gpc()) $_POST['value'] = stripslashes($_POST['value']);
$content = json_decode($_POST['value'],true);
if($content == null && $_POST['exec'])
{
@ -340,8 +323,6 @@ class etemplate_new extends etemplate_widget_template
error_log(__METHOD__."(".array2string($content).")");
self::$request = etemplate_request::read($_POST['etemplate_exec_id']);
if (get_magic_quotes_gpc()) $_POST['value'] = stripslashes($_POST['value']);
$content = json_decode($_POST['value'],true);
if (!($template = self::instance(self::$request->template['name'], self::$request->template['template_set'],
self::$request->template['version'], self::$request->template['load_via'])))
@ -400,6 +381,7 @@ class etemplate_new extends etemplate_widget_template
*/
public function read($name,$template_set=null,$lang='default',$group=0,$version='',$load_via='')
{
unset($lang); unset($group); // not used, but in old signature
$this->rel_path = self::relPath($this->name=$name, $this->template_set=$template_set,
$this->version=$version, $this->laod_via = $load_via);
//error_log(__METHOD__."('$name', '$template_set', '$lang', $group, '$version', '$load_via') rel_path=".array2string($this->rel_path));
@ -551,7 +533,7 @@ class etemplate_new extends etemplate_widget_template
*/
static public function number_format($number,$num_decimal_places=2,$readonly=true)
{
static $dec_separator,$thousands_separator;
static $dec_separator=null,$thousands_separator=null;
if (is_null($dec_separator))
{
$dec_separator = $GLOBALS['egw_info']['user']['preferences']['common']['number_format'][0];
@ -624,7 +606,7 @@ class etemplate_new extends etemplate_widget_template
}
}
// default etemplate class has to be defined by either extending etemplate_new or etemplate_old
class etemplate extends etemplate_old {};
class etemplate extends etemplate_old {}
// Try to discover all widgets, as names don't always match tags (eg: listbox is in menupopup)
$files = scandir(EGW_INCLUDE_ROOT . '/etemplate/inc');

View File

@ -206,32 +206,10 @@
window.framework.setSidebox.apply(window.framework, JSON.parse(sidebox));
}
// load et2
var data = egw_script.getAttribute('data-etemplate');
if (data)
{
// Initialize application js
var callback = null;
// Only initialize once
if(typeof app[window.egw_appName] == "object")
{
callback = function(et2) {app[window.egw_appName].et2_ready(et2);};
}
else
{
egw.debug("warn", "Did not load '%s' JS object",window.egw_appName);
}
// Wait until DOM loaded before we load the etemplate to make sure the target is there
$j(function() {
// Re-load data here, as later code may change the variable
var data = JSON.parse(egw_script.getAttribute('data-etemplate')) || {};
var node = document.getElementById(data.DOMNodeID);
if(!node)
{
egw.debug("error", "Could not find target node %s", data.DOMNodeID);
}
else
{
// load etemplate2 template(s)
$j('div.et2_container[data-etemplate]').each(function(index, node){
var data = JSON.parse(node.getAttribute('data-etemplate')) || {};
var currentapp = data.data.currentapp || window.egw_appName;
if(popup || window.opener)
{
// Resize popup when et2 load is done
@ -239,11 +217,10 @@
window.resizeTo(jQuery(document).width()+20,jQuery(document).height()+70);
});
}
var et2 = new etemplate2(node, window.egw_appName+".etemplate_new.ajax_process_content.etemplate");
et2.load(data.name,data.url,data.data,callback);
}
var et2 = new etemplate2(node, currentapp+".etemplate_new.ajax_process_content.etemplate");
et2.load(data.name,data.url,data.data);
});
}
$j(function() {
// set app-header
if (window.framework && egw_script.getAttribute('data-app-header'))