Commit Graph

132 Commits

Author SHA1 Message Date
Ralf Becker
43e1bfcc12 switching on Content-Security-Policy: script-src 'self' 'unsafe-eval' for all templates, old non-et2 apps can call egw_framework::csp_script_src_attrs('unsafe-inline') to enable inline scripts in their scope, et2 does it for CK editor which does not support CSP currently and old etemplate does it for all apps using it 2013-10-05 13:33:28 +00:00
Ralf Becker
f8a0db06fc completly remove preferences menu from sidebox and tiled preferences index in favoir of app-sensitive entries in top-menu 2013-10-03 09:23:18 +00:00
Ralf Becker
6f162f144e add context sensitive link to ACL/grant access to top-menu, same is to be happen for cats and preferences itself and preferences in sidebox will be removed 2013-10-02 16:29:08 +00:00
Ralf Becker
1590d02816 new egw_framework::message($msg, $msg_type="success") method and fixing nextmatch filter-change to return app-header 2013-09-05 11:53:25 +00:00
Ralf Becker
aa8a848871 optional parameter for egw_framework::window_close() to specify an alert message, which get shown/alerted, before closing the window 2013-08-26 10:24:11 +00:00
Ralf Becker
b2ba685edd remove inline javascript from idots and jerryr templates 2013-08-21 20:22:53 +00:00
Ralf Becker
73aa652c41 missing egw.js from last commit and egw_framework::window_focus() method 2013-08-20 13:25:36 +00:00
Ralf Becker
1c4f65120c new egw_framework methods refresh_opener and window_close to call egw_refresh on opener or close popup window in a content security save way 2013-08-20 12:06:41 +00:00
Ralf Becker
8ce9969ece we need to double encode (html::htmlspecialchars( , TRUE)), as otherwise we get invalid json, eg. for quotes, fixes not working display in filemanager for some directories containing directories with quotes in their name 2013-08-01 06:36:18 +00:00
Ralf Becker
8ec5425c5a disable minify-ing of javascript, until I find time to fix it, as it stalls testers (css still get minifyed, if debug minify is off in site config) 2013-07-24 07:42:27 +00:00
Ralf Becker
16191d4db4 rendering quick-add menu on clientside and content-security safe, thought not yet in idots template, also removed not used inline javascript from idots 2013-07-22 19:20:13 +00:00
Ralf Becker
4ed52a2b16 get notifications-popup ready for content-security, install as object in app.notifications and use data-poll-intervall of script tag to pass poll frequency 2013-07-22 13:29:20 +00:00
Nathan Gray
67d6775f54 Use htmlspecialchars to escape data-attributes 2013-07-19 18:03:47 +00:00
Ralf Becker
5e3c0192d3 $extra parameter for framework->header() 2013-07-19 17:07:05 +00:00
Ralf Becker
f55a668bdf include user-data and common prefs like we already do it with eg. server config 2013-07-19 15:22:00 +00:00
Ralf Becker
d16c426fb6 first step towards content-security by passing parameters to egw.js script via data-attributes of script tag instead of using inline scripts in page 2013-07-19 08:45:26 +00:00
Ralf Becker
792f1b26cc replacing egw.LAB with egw_LAB, as egw object is shared by all iframes and popups, while LAB has to work on document 2013-07-17 12:47:21 +00:00
Ralf Becker
a23205060b use new eTemplate preferences 2013-05-10 16:39:42 +00:00
Ralf Becker
ad4776c78e allways using filemtime for timestamps appended to urls to force loading of current version, as mixed use of file{c,m}time causes wired errors due to double loading eg. on OS X where they are different 2013-04-13 07:17:36 +00:00
Ralf Becker
a1d90ea237 get regexp to play nice with opening script tag without attributes 2013-04-09 12:47:44 +00:00
Ralf Becker
6e28933f18 missing onLoad attibute in body tag, causing all sorts of things to fail 2013-04-02 08:13:37 +00:00
Nathan Gray
a20f7651a0 Wrap some more js 2013-04-01 22:19:10 +00:00
Nathan Gray
ef2a5d377d Use LABjs throughout framework to load javascript - prevents a lot of undefined / timing errors 2013-04-01 19:14:52 +00:00
Nathan Gray
68529ce692 Load et2 CSS in at the top level so it's available for sidebox 2013-03-12 22:45:58 +00:00
Ralf Becker
52ea94cbee using LABjs to load javascript files in order via egw.includeJS 2013-02-15 15:30:35 +00:00
Ralf Becker
5f1c76ae91 refactored js loading a bit, to be able to get files to load for et2 2013-02-13 16:28:39 +00:00
Nathan Gray
f72a582532 Use chosen plugin for to get fancy selectboxes. Selectboxes with more than 12 options get it turned on automatically 2012-11-12 19:29:23 +00:00
Ralf Becker
f7cc51ad18 do NOT minify ckeditor, as it breaks it (it is already minifyed anyway) 2012-10-26 10:00:05 +00:00
Ralf Becker
18fe5c1d4b fixed minify issues: installation in docroot is now handeled, as well as problems with jscalendar and email 2012-10-26 09:24:39 +00:00
Ralf Becker
b6a2d9591f koping with EGroupware installed direct in docroot (webserver_url "", "/" or "http(s)://domain.com/") 2012-10-24 06:27:56 +00:00
Ralf Becker
6996efe50b use minify on javascript files: for now minify does NOT support query parameters, nor php files generating javascript, therefore these are excluded 2012-10-15 17:22:44 +00:00
Ralf Becker
4e8f54268c fix for typo: path_url --> parse_url 2012-10-15 06:51:54 +00:00
Ralf Becker
71ec92a777 cache, concat and minify all css resources to speed up requests, javascript files planned too 2012-10-14 19:38:32 +00:00
Ralf Becker
5100dfcc71 * Password: fixed not working check, if user has right to change password, causing password link in topmenu to be displayed when not in preferences app 2012-06-29 07:14:46 +00:00
Ralf Becker
3e4ef81080 load wz_tooltips only if required: $GLOBALS[egw_info][flags][include_wz_tooltip] set or html::tooltip() called before calling common::egw_header(), calling header again as end of home page to allow apps to load stuff into the header (not only wz_tooltip) 2012-04-04 13:05:58 +00:00
Andreas Stöckel
c525cadcdb Reverted accidently made commit for class.egw_framework.inc.php 2012-03-23 13:43:20 +00:00
Andreas Stöckel
eadeb57f28 Fixed problem with registered data callbacks, when the window the callback belongs to is closed 2012-03-23 13:39:27 +00:00
Klaus Leithoff
3abeb7c464 add onbeforeunload as action 2012-03-21 08:25:17 +00:00
Andreas Stöckel
dc017ed889 Now again using a local etemplate2 instance on the client 2012-03-12 12:05:14 +00:00
Andreas Stöckel
d486e50a57 phpgwapi:
* Changed way of how "webserverUrl" gets set - any type of data can now be
	  injected into the egw object by creating an object with the data and an
	  entry "prefsOnly" set to true. This allows to ensure, that "webserverUrl"
	  is the first thing that is being set in the egw object (as needed when
	  including new JS/CSS files at runtime)

jsapi:
	* Fixed including JS/CSS files at runtime in other windows than the root
	  window
	* Added "ready" function/module, which provides an alternative to the
	  $j("ready") function. The ready module provides the functionality to
	  postpone calling the "ready" until certain events happened.
	* using jQuery calendar object instead of jscalendar in the calendar
	  function.
	* added "jquery" module which takes care of including all jQuery modules
	  in all windows
	* added possibility for modules to update constants using the "constant"
	  function.
	* added possibility for modules to access certain other modules using
	  the "module" function

etemplate:
	* Using new egw(window).ready function to build the template first if
	  loading has finished.
2012-03-09 15:32:29 +00:00
Andreas Stöckel
df06f6657c Now always including egw and etemplate2 javascript code if we are in the top window 2012-03-08 14:05:00 +00:00
Ralf Becker
000b74bded framework->isTop($consider_navbar_not_yet_called_as_true=true): true if we are rendering the top-level EGroupware window 2012-03-07 08:45:57 +00:00
Ralf Becker
f676a23821 fixes for PHP 5.4 warnings and strict warnings, thought disabled E_STRICT for now, because of various strict warnings in working code, which could not be easy fixed in all areas (see comment in phpgwapi/inc/functions.inc.php) 2012-03-04 13:33:10 +00:00
Klaus Leithoff
d37ee80161 mending Warnings: Cannot use a scalar value as an array 2011-12-20 15:57:03 +00:00
Ralf Becker
e9ba37173a remove old ISS specific redirect code and default of $_SERVER[PHP_SELF] for $url parameter of egw::redirect (not used in current EGroupware) 2011-11-30 20:32:45 +00:00
Nathan Gray
c3abca67db Return an array, not null, if there are no preferences for the app 2011-11-09 16:32:42 +00:00
Ralf Becker
046c0919cc make basic data of current user available via egw.user(_field) 2011-08-31 12:17:34 +00:00
Ralf Becker
7868b684cd using php5 constructors 2011-08-31 07:50:28 +00:00
Ralf Becker
ea7ad6318d new clientside image-name to url map: egw.image(_name, _app="phpgwapi")
eg. egw.image('favicon') returns '/egroupware/phpgwapi/templates/default/favicon.ico'
--> pondon to serverside common::image($app,$name) method
2011-08-30 22:19:38 +00:00
Ralf Becker
be6fd87783 - sending EGroupware configuration (non-sensible stuff) to browser and make it available via egw.config(_name, _app="phpgwapi")
- sending link-registry in the same file
- used javascript file uses etag to ensure there's no need to load it on each request
2011-08-26 16:27:57 +00:00