diff options
| author | cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-10-05 10:53:40 +0000 |
|---|---|---|
| committer | cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-10-05 10:53:40 +0000 |
| commit | 7f01270ba106937300cf491927839d3428360d0a (patch) | |
| tree | 589b179f84b2fb8d8c229099d0b9f6d3ece682ea /views/installation/input | |
| parent | f1c75074c96f8c8f144bc132f75443dd8502c440 (diff) | |
| download | elgg-7f01270ba106937300cf491927839d3428360d0a.tar.gz elgg-7f01270ba106937300cf491927839d3428360d0a.tar.bz2 | |
moved installation to its own viewtype
git-svn-id: http://code.elgg.org/elgg/trunk@7010 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'views/installation/input')
| -rw-r--r-- | views/installation/input/access.php | 49 | ||||
| -rw-r--r-- | views/installation/input/button.php | 53 | ||||
| -rw-r--r-- | views/installation/input/checkboxes.php | 50 | ||||
| -rw-r--r-- | views/installation/input/form.php | 53 | ||||
| -rw-r--r-- | views/installation/input/hidden.php | 18 | ||||
| -rw-r--r-- | views/installation/input/longtext.php | 24 | ||||
| -rw-r--r-- | views/installation/input/password.php | 23 | ||||
| -rw-r--r-- | views/installation/input/pulldown.php | 45 | ||||
| -rw-r--r-- | views/installation/input/reset.php | 26 | ||||
| -rw-r--r-- | views/installation/input/securitytoken.php | 17 | ||||
| -rw-r--r-- | views/installation/input/submit.php | 26 | ||||
| -rw-r--r-- | views/installation/input/text.php | 26 |
12 files changed, 410 insertions, 0 deletions
diff --git a/views/installation/input/access.php b/views/installation/input/access.php new file mode 100644 index 000000000..a57014840 --- /dev/null +++ b/views/installation/input/access.php @@ -0,0 +1,49 @@ +<?php +/** + * Elgg access level input + * Displays a pulldown input field + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * + */ + +if (isset($vars['class'])) { + $class = $vars['class']; +} +if (!$class) { + $class = "input_access"; +} + +if ((!isset($vars['options'])) || (!is_array($vars['options']))) { + $vars['options'] = array(); + $vars['options'] = get_write_access_array(); +} + +if (is_array($vars['options']) && sizeof($vars['options']) > 0) { + + ?> + + <select name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['js'])) echo $vars['js']; ?> <?php if ((isset($vars['disabled'])) && ($vars['disabled'])) echo ' disabled="yes" '; ?> class="<?php echo $class; ?>"> + <?php + + foreach($vars['options'] as $key => $option) { + if ($key != $vars['value']) { + echo "<option value=\"{$key}\">{$option}</option>"; + } else { + echo "<option value=\"{$key}\" selected=\"selected\">{$option}</option>"; + } + } + + ?> + </select> + + <?php + +}
\ No newline at end of file diff --git a/views/installation/input/button.php b/views/installation/input/button.php new file mode 100644 index 000000000..2c36841df --- /dev/null +++ b/views/installation/input/button.php @@ -0,0 +1,53 @@ +<?php +/** + * Create a input button + * Use this view for forms rather than creating a submit/reset button tag in the wild as it provides + * extra security which help prevent CSRF attacks. + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * @uses $vars['type'] Submit or reset, defaults to submit. + * @uses $vars['src'] Src of an image + * + */ + +global $CONFIG; + +$class = $vars['class']; +if (!$class) { + $class = "submit_button"; +} + +if (isset($vars['type'])) { + $type = strtolower($vars['type']); +} else { + $type = 'submit'; +} + +switch ($type) { + case 'button' : + $type='button'; + break; + case 'reset' : + $type='reset'; + break; + case 'submit': + default: + $type = 'submit'; +} + +$value = htmlentities($vars['value'], ENT_QUOTES, 'UTF-8'); +$name = $vars['internalname']; +$src = $vars['src']; +// blank src if trying to access an offsite image. +if (strpos($src,$CONFIG->wwwroot)===false) { + $src = ""; +} +?> +<input type="<?php echo $type; ?>" class="<?php echo $type; ?>_button" <?php echo $vars['js']; ?> value="<?php echo $value; ?>" src="<?php echo $src; ?>" class="<?php echo $class; ?>" />
\ No newline at end of file diff --git a/views/installation/input/checkboxes.php b/views/installation/input/checkboxes.php new file mode 100644 index 000000000..0792f09ce --- /dev/null +++ b/views/installation/input/checkboxes.php @@ -0,0 +1,50 @@ +<?php +/** + * Elgg checkbox input + * Displays a checkbox input field + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * @uses $vars['options'] An array of strings representing the options for the checkbox field + * + */ + +$class = $vars['class']; +if (!$class) { + $class = "input-checkboxes"; +} + +foreach($vars['options'] as $label => $option) { + //if (!in_array($option,$vars['value'])) { + if (is_array($vars['value'])) { + if (!in_array($option,$vars['value'])) { + $selected = ""; + } else { + $selected = "checked = \"checked\""; + } + } else { + if ($option != $vars['value']) { + $selected = ""; + } else { + $selected = "checked = \"checked\""; + } + } + + // handle indexed array where label is not specified + // @todo deprecate in Elgg 1.8 + if (is_integer($label)) { + $label = $option; + } + + $disabled = ""; + if ($vars['disabled']) { + $disabled = ' disabled="yes" '; + } + echo "<label><input type=\"checkbox\" $disabled {$vars['js']} name=\"{$vars['internalname']}[]\" {$selected} value=\"".htmlentities($option, ENT_QUOTES, 'UTF-8')."\" {$selected} class=\"$class\" />{$label}</label><br />"; +}
\ No newline at end of file diff --git a/views/installation/input/form.php b/views/installation/input/form.php new file mode 100644 index 000000000..35e718adb --- /dev/null +++ b/views/installation/input/form.php @@ -0,0 +1,53 @@ +<?php +/** + * Create a form for data submission. + * Use this view for forms rather than creating a form tag in the wild as it provides + * extra security which help prevent CSRF attacks. + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['body'] The body of the form (made up of other input/xxx views and html + * @uses $vars['method'] Method (default POST) + * @uses $vars['enctype'] How the form is encoded, default blank + * @uses $vars['action'] URL of the action being called + * + */ + +if (isset($vars['internalid'])) { + $id = $vars['internalid']; +} else { + $id = ''; +} +if (isset($vars['internalname'])) { + $name = $vars['internalname']; +} else { + $name = ''; +} +$body = $vars['body']; +$action = $vars['action']; +if (isset($vars['enctype'])) { + $enctype = $vars['enctype']; +} else { + $enctype = ''; +} +if (isset($vars['method'])) { + $method = $vars['method']; +} else { + $method = 'POST'; +} + +$method = strtolower($method); + +// Generate a security header +$security_header = ""; +if (!isset($vars['disable_security']) || $vars['disable_security'] != true) { + $security_header = elgg_view('input/securitytoken'); +} +?> +<form <?php if ($id) { ?>id="<?php echo $id; ?>" <?php } ?> <?php if ($name) { ?>name="<?php echo $name; ?>" <?php } ?> action="<?php echo $action; ?>" method="<?php echo $method; ?>" <?php if ($enctype!="") echo "enctype=\"$enctype\""; ?>> +<?php echo $security_header; ?> +<?php echo $body; ?> +</form>
\ No newline at end of file diff --git a/views/installation/input/hidden.php b/views/installation/input/hidden.php new file mode 100644 index 000000000..dd5c8bb98 --- /dev/null +++ b/views/installation/input/hidden.php @@ -0,0 +1,18 @@ +<?php +/** + * Create a hidden data field + * Use this view for forms rather than creating a hidden tag in the wild as it provides + * extra security which help prevent CSRF attacks. + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * + */ +?> +<input type="hidden" <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" value="<?php echo htmlentities($vars['value'], ENT_QUOTES, 'UTF-8'); ?>" />
\ No newline at end of file diff --git a/views/installation/input/longtext.php b/views/installation/input/longtext.php new file mode 100644 index 000000000..9da3d8276 --- /dev/null +++ b/views/installation/input/longtext.php @@ -0,0 +1,24 @@ +<?php +/** + * Elgg long text input + * Displays a long text input field + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * + */ + +$class = $vars['class']; +if (!$class) { + $class = "input_textarea"; +} + +?> + +<textarea class="<?php echo $class; ?>" name="<?php echo $vars['internalname']; ?>" <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> <?php echo $vars['js']; ?>><?php echo $vars['value']; ?></textarea>
\ No newline at end of file diff --git a/views/installation/input/password.php b/views/installation/input/password.php new file mode 100644 index 000000000..461f77955 --- /dev/null +++ b/views/installation/input/password.php @@ -0,0 +1,23 @@ +<?php +/** + * Elgg password input + * Displays a password input field + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * + */ + +$class = $vars['class']; +if (!$class) { + $class = "input_password"; +} +?> + +<input type="password" <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> value="<?php echo htmlentities($vars['value'], ENT_QUOTES, 'UTF-8'); ?>" class="<?php echo $class; ?>" /> diff --git a/views/installation/input/pulldown.php b/views/installation/input/pulldown.php new file mode 100644 index 000000000..6ad12eec4 --- /dev/null +++ b/views/installation/input/pulldown.php @@ -0,0 +1,45 @@ +<?php +/** + * Elgg pulldown input + * Displays a pulldown input field + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * @uses $vars['options'] An array of strings representing the options for the pulldown field + * @uses $vars['options_values'] An associative array of "value" => "option" where "value" is an internal name and "option" is + * the value displayed on the button. Replaces $vars['options'] when defined. + */ + + +$class = $vars['class']; +if (!$class) { + $class = "input-pulldown"; +} +?> +<select name="<?php echo $vars['internalname']; ?>" <?php echo $vars['js']; ?> <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> class="<?php echo $class; ?>"> +<?php +if ($vars['options_values']) { + foreach($vars['options_values'] as $value => $option) { + if ($value != $vars['value']) { + echo "<option value=\"$value\">{$option}</option>"; + } else { + echo "<option value=\"$value\" selected=\"selected\">{$option}</option>"; + } + } +} else { + foreach($vars['options'] as $option) { + if ($option != $vars['value']) { + echo "<option>{$option}</option>"; + } else { + echo "<option selected=\"selected\">{$option}</option>"; + } + } +} +?> +</select>
\ No newline at end of file diff --git a/views/installation/input/reset.php b/views/installation/input/reset.php new file mode 100644 index 000000000..bb8d278c3 --- /dev/null +++ b/views/installation/input/reset.php @@ -0,0 +1,26 @@ +<?php +/** + * Create a reset input button + * Use this view for forms rather than creating a submit/reset button tag in the wild as it provides + * extra security which help prevent CSRF attacks. + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * @uses $vars['type'] Submit or reset, defaults to submit. + * + */ + +$vars['type'] = 'reset'; +$class = $vars['class']; +if (!$class) { + $class = "submit_button"; +} +$vars['class'] = $class; + +echo elgg_view('input/button', $vars);
\ No newline at end of file diff --git a/views/installation/input/securitytoken.php b/views/installation/input/securitytoken.php new file mode 100644 index 000000000..a2a4a0e01 --- /dev/null +++ b/views/installation/input/securitytoken.php @@ -0,0 +1,17 @@ +<?php +/** + * CSRF security token view for use with secure forms. + * + * It is still recommended that you use input/form. + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + */ + +$ts = time(); +$token = generate_action_token($ts); + +echo elgg_view('input/hidden', array('internalname' => '__elgg_token', 'value' => $token)); +echo elgg_view('input/hidden', array('internalname' => '__elgg_ts', 'value' => $ts)); diff --git a/views/installation/input/submit.php b/views/installation/input/submit.php new file mode 100644 index 000000000..cfa7989d0 --- /dev/null +++ b/views/installation/input/submit.php @@ -0,0 +1,26 @@ +<?php +/** + * Create a submit input button + * Use this view for forms rather than creating a submit/reset button tag in the wild as it provides + * extra security which help prevent CSRF attacks. + * + * @package Elgg + * @subpackage Core + * @author Curverider Ltd + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * @uses $vars['type'] Submit or reset, defaults to submit. + * + */ + +$vars['type'] = 'submit'; +$class = $vars['class']; +if (!$class) { + $class = "submit_button"; +} +$vars['class'] = $class; + +echo elgg_view('input/button', $vars);
\ No newline at end of file diff --git a/views/installation/input/text.php b/views/installation/input/text.php new file mode 100644 index 000000000..7f69a2f93 --- /dev/null +++ b/views/installation/input/text.php @@ -0,0 +1,26 @@ +<?php +/** + * Elgg text input + * Displays a text input field + * + * @package Elgg + * @subpackage Core + + * @author Curverider Ltd + + * @link http://elgg.org/ + * + * @uses $vars['value'] The current value, if any + * @uses $vars['js'] Any Javascript to enter into the input tag + * @uses $vars['internalname'] The name of the input field + * @uses $vars['disabled'] If true then control is read-only + * @uses $vars['class'] Class override + */ + +$class = $vars['class']; +if (!$class) { + $class = "input_text"; +} + +?> +<input type="text" <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" value="<?php echo htmlentities($vars['value'], ENT_QUOTES, 'UTF-8'); ?>" class="<?php echo $class ?>"/>
\ No newline at end of file |