fixed CSP error for multiple eTemplate2s (CRM view), by always sending etemplate data via the et2_container tag (instead of the etemplate script tag) and creating an et2 object for all of them in egw.js

Ralf Becker 2014-03-10 11:58:49 +00:00
parent bea1863d14
commit 79e1b5c9b8
2 changed files with 32 additions and 73 deletions


@ -46,9 +46,12 @@ class etemplate_new extends etemplate_widget_template
*/ */
function __construct($name='',$load_via='') function __construct($name='',$load_via='')
{ {
// we do NOT call parent consturctor, as we only want to enherit it's (static) methods
if (false) parent::__construct ($name); // satisfy IDE, as we dont call parent constructor
$this->sitemgr = isset($GLOBALS['Common_BO']) && is_object($GLOBALS['Common_BO']); $this->sitemgr = isset($GLOBALS['Common_BO']) && is_object($GLOBALS['Common_BO']);
if ($name) $this->read($name,$template='default',$lang='default',$group=0,$version='',$load_via); if ($name) $this->read($name,$template='default','default',0,'',$load_via);
// generate new etemplate request object, if not already existing // generate new etemplate request object, if not already existing
if(!isset(self::$request)) self::$request = etemplate_request::read(); if(!isset(self::$request)) self::$request = etemplate_request::read();
@ -185,9 +188,6 @@ class etemplate_new extends etemplate_widget_template
egw_framework::validate_file('.','app',$app,false); egw_framework::validate_file('.','app',$app,false);
} }
$header = $GLOBALS['egw']->framework->header(array(
'etemplate' => $load_array
));
// check if we are in an ajax-exec call from jdots template (or future other tabbed templates) // check if we are in an ajax-exec call from jdots template (or future other tabbed templates)
if (isset($GLOBALS['egw']->framework->response)) if (isset($GLOBALS['egw']->framework->response))
{ {
@ -203,23 +203,7 @@ class etemplate_new extends etemplate_widget_template
self::$request = null; self::$request = null;
return; return;
} }
else if (!$header) echo $GLOBALS['egw']->framework->header();
{
// Headers already sent, another etemplate
echo '<div id="'.$dom_id.'" class="et2_container"></div>';
echo '<script type="text/javascript">window.egw_LAB.wait(function() {
var data = ' . json_encode($load_array) . ';
$j(".et2_container").not("#'.$dom_id.'").on("load", function() {
var et2 = new etemplate2(document.getElementById("'.$dom_id.'"), "'.$currentapp.'.etemplate_new.ajax_process_content.etemplate");
et2.load(data.name,data.url,data.data);
});
})</script>';
}
else
{
//error_log("NON-Ajax " . __LINE__);
echo $header;
if ($output_mode != 2) if ($output_mode != 2)
{ {
parse_navbar(); parse_navbar();
@ -228,14 +212,13 @@ class etemplate_new extends etemplate_widget_template
{ {
echo '<div id="popupMainDiv">'."\n"; echo '<div id="popupMainDiv">'."\n";
} }
echo '<div id="'.$dom_id.'" class="et2_container"></div>'; echo '<div id="'.$dom_id.'" class="et2_container" data-etemplate="'.html::htmlspecialchars(json_encode($load_array), true).'"></div>';
if ($output_mode == 2) if ($output_mode == 2)
{ {
echo "\n</div>\n"; echo "\n</div>\n";
echo $GLOBALS['egw']->framework->footer(); echo $GLOBALS['egw']->framework->footer();
} }
}
ob_flush(); ob_flush();
// Send any accumulated json responses - after flush to avoid sending the buffer as a response // Send any accumulated json responses - after flush to avoid sending the buffer as a response
@ -329,7 +312,7 @@ class etemplate_new extends etemplate_widget_template
*/ */
static public function process_exec() static public function process_exec()
{ {
$etemplate_exec_id = $_POST['etemplate_exec_id']; if (get_magic_quotes_gpc()) $_POST['value'] = stripslashes($_POST['value']);
$content = json_decode($_POST['value'],true); $content = json_decode($_POST['value'],true);
if($content == null && $_POST['exec']) if($content == null && $_POST['exec'])
{ {
@ -340,8 +323,6 @@ class etemplate_new extends etemplate_widget_template
error_log(__METHOD__."(".array2string($content).")"); error_log(__METHOD__."(".array2string($content).")");
self::$request = etemplate_request::read($_POST['etemplate_exec_id']); self::$request = etemplate_request::read($_POST['etemplate_exec_id']);
if (get_magic_quotes_gpc()) $_POST['value'] = stripslashes($_POST['value']);
$content = json_decode($_POST['value'],true);
if (!($template = self::instance(self::$request->template['name'], self::$request->template['template_set'], if (!($template = self::instance(self::$request->template['name'], self::$request->template['template_set'],
self::$request->template['version'], self::$request->template['load_via']))) self::$request->template['version'], self::$request->template['load_via'])))
@ -400,6 +381,7 @@ class etemplate_new extends etemplate_widget_template
*/ */
public function read($name,$template_set=null,$lang='default',$group=0,$version='',$load_via='') public function read($name,$template_set=null,$lang='default',$group=0,$version='',$load_via='')
{ {
unset($lang); unset($group); // not used, but in old signature
$this->rel_path = self::relPath($this->name=$name, $this->template_set=$template_set, $this->rel_path = self::relPath($this->name=$name, $this->template_set=$template_set,
$this->version=$version, $this->laod_via = $load_via); $this->version=$version, $this->laod_via = $load_via);
//error_log(__METHOD__."('$name', '$template_set', '$lang', $group, '$version', '$load_via') rel_path=".array2string($this->rel_path)); //error_log(__METHOD__."('$name', '$template_set', '$lang', $group, '$version', '$load_via') rel_path=".array2string($this->rel_path));
@ -551,7 +533,7 @@ class etemplate_new extends etemplate_widget_template
*/ */
static public function number_format($number,$num_decimal_places=2,$readonly=true) static public function number_format($number,$num_decimal_places=2,$readonly=true)
{ {
static $dec_separator,$thousands_separator; static $dec_separator=null,$thousands_separator=null;
if (is_null($dec_separator)) if (is_null($dec_separator))
{ {
$dec_separator = $GLOBALS['egw_info']['user']['preferences']['common']['number_format'][0]; $dec_separator = $GLOBALS['egw_info']['user']['preferences']['common']['number_format'][0];
@ -624,7 +606,7 @@ class etemplate_new extends etemplate_widget_template
} }
} }
// default etemplate class has to be defined by either extending etemplate_new or etemplate_old // default etemplate class has to be defined by either extending etemplate_new or etemplate_old
class etemplate extends etemplate_old {}; class etemplate extends etemplate_old {}
// Try to discover all widgets, as names don't always match tags (eg: listbox is in menupopup) // Try to discover all widgets, as names don't always match tags (eg: listbox is in menupopup)
$files = scandir(EGW_INCLUDE_ROOT . '/etemplate/inc'); $files = scandir(EGW_INCLUDE_ROOT . '/etemplate/inc');
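Review bot: On the line that now emits `data-etemplate="…"`, the JSON payload is escaped for the attribute but `$dom_id` is still concatenated raw into `id="…"`, and the result of `json_encode()` is used unchecked. Where `$dom_id` is built lies outside the hunk, so unless it is known to be a fixed, safe string I would pass it through the same helper: `echo '<div id="'.html::htmlspecialchars($dom_id, true).'" class="et2_container" …`. `json_encode()` returns false for data it cannot encode (invalid UTF-8, for instance), which would emit an empty attribute and leave the client-side loader with nothing to parse; test the result and `error_log()` the failure before echoing. The enclosing method starts and ends outside the hunk.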


@ -206,32 +206,10 @@
window.framework.setSidebox.apply(window.framework, JSON.parse(sidebox)); window.framework.setSidebox.apply(window.framework, JSON.parse(sidebox));
} }
// load et2 // load etemplate2 template(s)
var data = egw_script.getAttribute('data-etemplate'); $j('div.et2_container[data-etemplate]').each(function(index, node){
if (data) var data = JSON.parse(node.getAttribute('data-etemplate')) || {};
{ var currentapp = data.data.currentapp || window.egw_appName;
// Initialize application js
var callback = null;
// Only initialize once
if(typeof app[window.egw_appName] == "object")
{
callback = function(et2) {app[window.egw_appName].et2_ready(et2);};
}
else
{
egw.debug("warn", "Did not load '%s' JS object",window.egw_appName);
}
// Wait until DOM loaded before we load the etemplate to make sure the target is there
$j(function() {
// Re-load data here, as later code may change the variable
var data = JSON.parse(egw_script.getAttribute('data-etemplate')) || {};
var node = document.getElementById(data.DOMNodeID);
if(!node)
{
egw.debug("error", "Could not find target node %s", data.DOMNodeID);
}
else
{
if(popup || window.opener) if(popup || window.opener)
{ {
// Resize popup when et2 load is done // Resize popup when et2 load is done
@ -239,11 +217,10 @@
window.resizeTo(jQuery(document).width()+20,jQuery(document).height()+70); window.resizeTo(jQuery(document).width()+20,jQuery(document).height()+70);
}); });
} }
var et2 = new etemplate2(node, window.egw_appName+".etemplate_new.ajax_process_content.etemplate"); var et2 = new etemplate2(node, currentapp+".etemplate_new.ajax_process_content.etemplate");
et2.load(data.name,data.url,data.data,callback); et2.load(data.name,data.url,data.data);
}
}); });
}
$j(function() { $j(function() {
// set app-header // set app-header
if (window.framework && egw_script.getAttribute('data-app-header')) if (window.framework && egw_script.getAttribute('data-app-header'))
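Review bot: In the new `.each()` body, `data.data.currentapp` is read right after `JSON.parse(...) || {}`, so the `{}` fallback cannot help: an attribute that parses to an object without `data` raises a TypeError, and an empty or malformed attribute makes `JSON.parse` throw, in both cases stopping the loop before the remaining containers are initialised. Guard the lookup, `var currentapp = (data.data && data.data.currentapp) || window.egw_appName;`, and wrap the parse in `try`/`catch` that logs through `egw.debug("error", …)` and returns for that node only. `currentapp` now comes from page markup and is concatenated into the handler name given to `etemplate2`, so the server side should keep deciding app access from the session rather than from that name (its handling is not visible here). The removed `$j(function() {…})` wrapper and the `et2_ready` callback are not replaced in this hunk; if neither is handled elsewhere, containers parsed after this script runs would be skipped and the app object would not be notified.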