* @package admin
* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
* @version $Id$
*/
use EGroupware\Api;
/**
* Site configuration for all apps using an $app/templates/default/config.tpl
*/
class uiconfig
{
var $public_functions = array('index' => True);
function index($params=null)
{
// if we have a xet file, run new et2 config
if (file_exists(EGW_SERVER_ROOT.'/'.$_GET['appname'].'/templates/default/config.xet'))
{
$new_config = new admin_config();
return $new_config->index();
}
// allowing inline js
egw_framework::csp_script_src_attrs('unsafe-inline');
// for POST requests validate CSRF token (or terminate request)
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
Api\Csrf::validate($_POST['csrf_token'], __CLASS__);
}
if (empty($_GET['appname']) && isset($params['appname']))
{
$_appname = $params['appname'];
}
else
{
//_debug_array($params);
$_appname = $_GET['appname'];
}
if ($GLOBALS['egw']->acl->check('site_config_acce',1,'admin'))
{
egw::redirect_link('/index.php');
}
// load the translations of the app we show too, so they dont need to be in admin!
if ($_appname != 'admin')
{
Api\Translation::add_app($_appname);
}
if(get_magic_quotes_gpc() && is_array($_POST['newsettings']))
{
$_POST['newsettings'] = array_stripslashes($_POST['newsettings']);
}
switch($_appname)
{
case 'admin':
case 'addressbook':
case 'calendar':
case 'preferences':
/*
Other special apps can go here for now, e.g.:
case 'bogusappname':
*/
$appname = $_appname;
$config_appname = 'phpgwapi';
break;
case 'phpgwapi':
case '':
/* This keeps the admin from getting into what is a setup-only config */
egw::redirect_link('/admin/index.php');
break;
default:
$appname = $_appname;
$config_appname = $appname;
break;
}
if (ob_get_contents()) ob_end_flush(); // if there is output in buffer, flush it now.
$t = new Template(common::get_tpl_dir($appname));
$t->set_unknowns('keep');
$t->set_file(array('config' => 'config.tpl'));
$t->set_block('config','header','header');
// fix header templates missing essential parts like display of validation errors
$header = $t->get_var('header');
if (strpos($header, '{hidden_vars}') === false)
{
if (strpos($header, '