diff options
Diffstat (limited to 'views/default/output')
| -rw-r--r-- | views/default/output/access.php | 29 | ||||
| -rw-r--r-- | views/default/output/calendar.php | 8 | ||||
| -rw-r--r-- | views/default/output/confirmlink.php | 46 | ||||
| -rw-r--r-- | views/default/output/date.php | 12 | ||||
| -rw-r--r-- | views/default/output/dropdown.php | 13 | ||||
| -rw-r--r-- | views/default/output/email.php | 4 | ||||
| -rw-r--r-- | views/default/output/img.php | 12 | ||||
| -rw-r--r-- | views/default/output/location.php | 19 | ||||
| -rw-r--r-- | views/default/output/longtext.php | 23 | ||||
| -rw-r--r-- | views/default/output/pulldown.php | 3 | ||||
| -rw-r--r-- | views/default/output/radio.php | 2 | ||||
| -rw-r--r-- | views/default/output/rss_view.php | 7 | ||||
| -rw-r--r-- | views/default/output/tag.php | 35 | ||||
| -rw-r--r-- | views/default/output/tagcloud.php | 33 | ||||
| -rw-r--r-- | views/default/output/tags.php | 72 | ||||
| -rw-r--r-- | views/default/output/text.php | 5 | ||||
| -rw-r--r-- | views/default/output/url.php | 50 |
17 files changed, 255 insertions, 118 deletions
diff --git a/views/default/output/access.php b/views/default/output/access.php index 5490d3203..5c8d62c4d 100644 --- a/views/default/output/access.php +++ b/views/default/output/access.php @@ -9,31 +9,34 @@ //sort out the access level for display if (isset($vars['entity']) && elgg_instanceof($vars['entity'])) { $access_id = $vars['entity']->access_id; - $access_class = 'access_level'; + $access_class = 'elgg-access'; $access_id_string = get_readable_access_level($access_id); + $access_id_string = htmlspecialchars($access_id_string, ENT_QUOTES, 'UTF-8', false); // if within a group or shared access collection display group name and open/closed membership status // @todo have a better way to do this instead of checking against subtype / class. - $container = get_entity($vars['entity']->container_guid); + $container = $vars['entity']->getContainerEntity(); - if ($container instanceof ElggGroup) { + if ($container && $container instanceof ElggGroup) { // we decided to show that the item is in a group, rather than its actual access level // not required. Group ACLs are prepended with "Group: " when written. //$access_id_string = elgg_echo('groups:group') . $container->name; - $membership = $is_group->membership; + $membership = $container->membership; if ($membership == ACCESS_PUBLIC) { - $access_class .= ' group_open'; + $access_class .= ' elgg-access-group-open'; } else { - $access_class .= ' group_closed'; + $access_class .= ' elgg-access-group-closed'; } - } elseif ($container->getSubtype() == 'shared_access') { - $access_level .= ' shared_collection'; + + // @todo this is plugin specific code in core. Should be removed. + } elseif ($container && $container->getSubtype() == 'shared_access') { + $access_class .= ' shared_collection'; } elseif ($access_id == ACCESS_PRIVATE) { - $access_level .= ' private'; - } else { - $access_level .= ' entity_access'; + $access_class .= ' elgg-access-private'; } - echo "<span class=\"$access_class\">$access_id_string</span>"; -}
\ No newline at end of file + $help_text = elgg_echo('access:help'); + + echo "<span title=\"$help_text\" class=\"$access_class\">$access_id_string</span>"; +} diff --git a/views/default/output/calendar.php b/views/default/output/calendar.php index 8729fa1c5..fa0bd0c04 100644 --- a/views/default/output/calendar.php +++ b/views/default/output/calendar.php @@ -9,9 +9,5 @@ * @uses $vars['value'] The current value, if any * */ - -if (is_int($vars['value'])) { - echo date("F j, Y", $vars['value']); -} else { - echo htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8'); -}
\ No newline at end of file +elgg_deprecated_notice('output/calendar was deprecated in favor of output/date', 1.8); +echo elgg_view('output/date', $vars);
\ No newline at end of file diff --git a/views/default/output/confirmlink.php b/views/default/output/confirmlink.php index bce06305a..532790a38 100644 --- a/views/default/output/confirmlink.php +++ b/views/default/output/confirmlink.php @@ -6,24 +6,42 @@ * @package Elgg * @subpackage Core * - * @uses $vars['text'] The text of the link - * @uses $vars['href'] The address - * @uses $vars['confirm'] The dialog text - * + * @uses $vars['text'] The text of the link + * @uses $vars['href'] The address + * @uses $vars['title'] The title text (defaults to confirm text) + * @uses $vars['confirm'] The dialog text + * @uses $vars['encode_text'] Run $vars['text'] through htmlspecialchars() (false) */ -$confirm = $vars['confirm']; -if (!$confirm) { - $confirm = elgg_echo('question:areyousure'); -} +$vars['rel'] = elgg_extract('confirm', $vars, elgg_echo('question:areyousure')); +$vars['rel'] = addslashes($vars['rel']); +$encode = elgg_extract('encode_text', $vars, false); // always generate missing action tokens -$link = elgg_add_action_tokens_to_url(elgg_normalize_url($vars['href'])); +$vars['href'] = elgg_add_action_tokens_to_url(elgg_normalize_url($vars['href']), true); + +$text = elgg_extract('text', $vars, ''); +if ($encode) { + $text = htmlspecialchars($text, ENT_QUOTES, 'UTF-8', false); +} -if (isset($vars['class']) && $vars['class']) { - $class = 'class="' . $vars['class'] . '"'; +if (!isset($vars['title']) && isset($vars['confirm'])) { + $vars['title'] = $vars['rel']; +} + +if (isset($vars['class'])) { + if (!is_array($vars['class'])) { + $vars['class'] = array($vars['class']); + } + $vars['class'][] = 'elgg-requires-confirmation'; } else { - $class = ''; + $vars['class'] = 'elgg-requires-confirmation'; } -?> -<a href="<?php echo $link; ?>" <?php echo $class; ?> onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlspecialchars($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a> + +unset($vars['encode_text']); +unset($vars['text']); +unset($vars['confirm']); +unset($vars['is_trusted']); + +$attributes = elgg_format_attributes($vars); +echo "<a $attributes>$text</a>"; diff --git a/views/default/output/date.php b/views/default/output/date.php index bd8a65714..1644a3480 100644 --- a/views/default/output/date.php +++ b/views/default/output/date.php @@ -6,10 +6,12 @@ * @package Elgg * @subpackage Core * - * @uses $vars['value'] A UNIX epoch timestamp - * + * @uses $vars['value'] Date as text or a Unix timestamp in seconds */ -if ($vars['value'] > 86400) { - echo date("F j, Y",$vars['value']); -}
\ No newline at end of file +// convert timestamps to text for display +if (is_numeric($vars['value'])) { + $vars['value'] = gmdate('Y-m-d', $vars['value']); +} + +echo $vars['value']; diff --git a/views/default/output/dropdown.php b/views/default/output/dropdown.php new file mode 100644 index 000000000..8d68508ca --- /dev/null +++ b/views/default/output/dropdown.php @@ -0,0 +1,13 @@ +<?php +/** + * Elgg dropdown display + * Displays a value that was entered into the system via a dropdown + * + * @package Elgg + * @subpackage Core + * + * @uses $vars['text'] The text to display + * + */ + +echo htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false); diff --git a/views/default/output/email.php b/views/default/output/email.php index 8f5c092b9..f5a8bc4b8 100644 --- a/views/default/output/email.php +++ b/views/default/output/email.php @@ -10,6 +10,8 @@ * */ +$encoded_value = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8'); + if (!empty($vars['value'])) { - echo "<a href=\"mailto:" . $vars['value'] . "\">". htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8') ."</a>"; + echo "<a href=\"mailto:$encoded_value\">$encoded_value</a>"; }
\ No newline at end of file diff --git a/views/default/output/img.php b/views/default/output/img.php new file mode 100644 index 000000000..d3f596801 --- /dev/null +++ b/views/default/output/img.php @@ -0,0 +1,12 @@ +<?php +/** + * Elgg image view + * + * @uses string $vars['src'] The image src url. + */ + +$vars['src'] = elgg_normalize_url($vars['src']); +$vars['src'] = elgg_format_url($vars['src']); + +$attributes = elgg_format_attributes($vars); +echo "<img $attributes/>"; diff --git a/views/default/output/location.php b/views/default/output/location.php new file mode 100644 index 000000000..e1009f17d --- /dev/null +++ b/views/default/output/location.php @@ -0,0 +1,19 @@ +<?php +/** + * Display a location + * + * @uses $vars['entity'] The ElggEntity that has a location + * @uses $vars['value'] The location string if the entity is not passed + */ + +if (isset($vars['entity'])) { + $vars['value'] = $vars['entity']->location; + unset($vars['entity']); +} + +// Fixes #4566 we used to allow arrays of strings for location +if (is_array($vars['value'])) { + $vars['value'] = implode(', ', $vars['value']); +} + +echo elgg_view('output/tag', $vars); diff --git a/views/default/output/longtext.php b/views/default/output/longtext.php index 22a4ad46d..589100c4f 100644 --- a/views/default/output/longtext.php +++ b/views/default/output/longtext.php @@ -8,18 +8,31 @@ * * @uses $vars['value'] The text to display * @uses $vars['parse_urls'] Whether to turn urls into links. Default is true. + * @uses $vars['class'] */ -$parse_urls = isset($vars['parse_urls']) ? $vars['parse_urls'] : TRUE; +$class = 'elgg-output'; +$additional_class = elgg_extract('class', $vars, ''); +if ($additional_class) { + $vars['class'] = "$class $additional_class"; +} else { + $vars['class'] = $class; +} -$text = $vars['value']; +$parse_urls = elgg_extract('parse_urls', $vars, true); +unset($vars['parse_urls']); -$text = filter_tags($text); +$text = $vars['value']; +unset($vars['value']); if ($parse_urls) { $text = parse_urls($text); } -$text = autop($text); +$text = filter_tags($text); + +$text = elgg_autop($text); + +$attributes = elgg_format_attributes($vars); -echo $text; +echo "<div $attributes>$text</div>"; diff --git a/views/default/output/pulldown.php b/views/default/output/pulldown.php index c597eb5c9..7097a9a8d 100644 --- a/views/default/output/pulldown.php +++ b/views/default/output/pulldown.php @@ -8,6 +8,7 @@ * * @uses $vars['text'] The text to display * + * @deprecated 1.8 Use output/dropdown */ -echo htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8'); //$vars['value'];
\ No newline at end of file +echo elgg_view('output/dropdown', $vars);
\ No newline at end of file diff --git a/views/default/output/radio.php b/views/default/output/radio.php index dd3198b6d..0fae9977b 100644 --- a/views/default/output/radio.php +++ b/views/default/output/radio.php @@ -10,4 +10,4 @@ * */ -echo elgg_view('output/text',$vars);
\ No newline at end of file +echo elgg_view('output/text', $vars);
\ No newline at end of file diff --git a/views/default/output/rss_view.php b/views/default/output/rss_view.php deleted file mode 100644 index 530bb9684..000000000 --- a/views/default/output/rss_view.php +++ /dev/null @@ -1,7 +0,0 @@ -<?php - /** - * View to display the RSS link - * @todo check this - it doesn't appear this view is ever called - **/ -?> -<div class="rss-link clearfix"><a href="" title="RSS feed for the wire">RSS feed for the wire</a></div>
\ No newline at end of file diff --git a/views/default/output/tag.php b/views/default/output/tag.php new file mode 100644 index 000000000..6bd9a72a7 --- /dev/null +++ b/views/default/output/tag.php @@ -0,0 +1,35 @@ +<?php +/** + * Elgg single tag output + * + * @uses $vars['value'] String + * @uses $vars['type'] The entity type, optional + * @uses $vars['subtype'] The entity subtype, optional + * + */ + +if (!empty($vars['type'])) { + $type = "&type=" . rawurlencode($vars['type']); +} else { + $type = ""; +} +if (!empty($vars['subtype'])) { + $subtype = "&subtype=" . rawurlencode($vars['subtype']); +} else { + $subtype = ""; +} +if (!empty($vars['object'])) { + $object = "&object=" . rawurlencode($vars['object']); +} else { + $object = ""; +} + +if (isset($vars['value'])) { + $url = elgg_get_site_url() . 'search?q=' . rawurlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}"; + $vars['value'] = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false); + echo elgg_view('output/url', array( + 'href' => $url, + 'text' => $vars['value'], + 'rel' => 'tag', + )); +} diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php index b0737c6f1..2fbf1cd0a 100644 --- a/views/default/output/tagcloud.php +++ b/views/default/output/tagcloud.php @@ -12,8 +12,6 @@ * @uses $vars['subtype'] Entity subtype */ -$context = elgg_get_context(); - if (!empty($vars['subtype'])) { $subtype = "&entity_subtype=" . urlencode($vars['subtype']); } else { @@ -41,6 +39,8 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) { $cloud = ''; foreach ($vars['tagcloud'] as $tag) { + $tag->tag = htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8', false); + if ($cloud != '') { $cloud .= ', '; } @@ -49,27 +49,18 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) { if ($size < 100) { $size = 100; } - $url = elgg_get_site_url()."pg/search/?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype"; - $cloud .= "<a href=\"$url\" style=\"font-size: $size%\" title=\"".addslashes($tag->tag)." ($tag->total)\" style=\"text-decoration:none;\">" . htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>"; - } - - if ($context != 'tags') { - $text = elgg_echo('tagcloud:allsitetags'); - $cloud .= '<p class="elgg-tags">'; - $cloud .= "<a href=\"".elgg_get_site_url()."pg/tags\">$text</a>"; - $cloud .= '</p>'; + $url = "search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype"; + + $cloud .= elgg_view('output/url', array( + 'text' => $tag->tag, + 'href' => $url, + 'style' => "font-size: $size%;", + 'title' => "$tag->tag ($tag->total)", + 'rel' => 'tag' + )); } $cloud .= elgg_view('tagcloud/extend'); - if ($context != 'tags') { - $params = array( - 'title' => elgg_echo('tagcloud'), - 'body' => $cloud, - 'body_class' => 'elgg-tagcloud', - ); - echo elgg_view('layout_elements/module', $params); - } else { - echo "<div class=\"elgg-tagcloud\">$cloud</div>"; - } + echo "<div class=\"elgg-tagcloud\">$cloud</div>"; } diff --git a/views/default/output/tags.php b/views/default/output/tags.php index 1dbf14a7d..db096a3be 100644 --- a/views/default/output/tags.php +++ b/views/default/output/tags.php @@ -1,24 +1,34 @@ <?php /** * Elgg tags - * Displays a list of tags, separated by commas - * * Tags can be a single string (for one tag) or an array of strings * - * @package Elgg - * @subpackage Core - * - * @uses $vars['tags'] The tags to display - * @uses $vars['tagtype'] The tagtype, optionally + * @uses $vars['value'] Array of tags or a string + * @uses $vars['type'] The entity type, optional + * @uses $vars['subtype'] The entity subtype, optional + * @uses $vars['entity'] Optional. Entity whose tags are being displayed (metadata ->tags) + * @uses $vars['list_class'] Optional. Additional classes to be passed to <ul> element + * @uses $vars['item_class'] Optional. Additional classes to be passed to <li> elements + * @uses $vars['icon_class'] Optional. Additional classes to be passed to tags icon image */ +if (isset($vars['entity'])) { + $vars['tags'] = $vars['entity']->tags; + unset($vars['entity']); +} + +if (!empty($vars['type'])) { + $type = "&type=" . rawurlencode($vars['type']); +} else { + $type = ""; +} if (!empty($vars['subtype'])) { - $subtype = "&subtype=" . urlencode($vars['subtype']); + $subtype = "&subtype=" . rawurlencode($vars['subtype']); } else { $subtype = ""; } if (!empty($vars['object'])) { - $object = "&object=" . urlencode($vars['object']); + $object = "&object=" . rawurlencode($vars['object']); } else { $object = ""; } @@ -27,24 +37,46 @@ if (empty($vars['tags']) && !empty($vars['value'])) { $vars['tags'] = $vars['value']; } +if (empty($vars['tags']) && isset($vars['entity'])) { + $vars['tags'] = $vars['entity']->tags; +} + if (!empty($vars['tags'])) { - $tagstr = ""; if (!is_array($vars['tags'])) { $vars['tags'] = array($vars['tags']); } + $list_class = "elgg-tags"; + if (isset($vars['list_class'])) { + $list_class = "$list_class {$vars['list_class']}"; + } + + $item_class = "elgg-tag"; + if (isset($vars['item_class'])) { + $item_class = "$item_class {$vars['item_class']}"; + } + + $icon_class = elgg_extract('icon_class', $vars); + $list_items = '<li>' . elgg_view_icon('tag', $icon_class) . '</li>'; + foreach($vars['tags'] as $tag) { - if (!empty($tagstr)) { - $tagstr .= ", "; - } - if (!empty($vars['type'])) { - $type = "&type={$vars['type']}"; - } else { - $type = ""; - } + $url = elgg_get_site_url() . 'search?q=' . rawurlencode($tag) . "&search_type=tags{$type}{$subtype}{$object}"; if (is_string($tag)) { - $tagstr .= "<a rel=\"tag\" href=\"".elgg_get_site_url()."pg/search/?q=".urlencode($tag) . "&search_type=tags{$type}{$subtype}{$object}\">" . htmlspecialchars($tag, ENT_QUOTES, 'UTF-8') . "</a>"; + $tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false); + $list_items .= "<li class=\"$item_class\">"; + $list_items .= elgg_view('output/url', array('href' => $url, 'text' => $tag, 'rel' => 'tag')); + $list_items .= '</li>'; } } - echo $tagstr; + + $list = <<<___HTML + <div class="clearfix"> + <ul class="$list_class"> + $list_items + </ul> + </div> +___HTML; + + echo $list; } + diff --git a/views/default/output/text.php b/views/default/output/text.php index f95e2d7fd..5cbfc35b0 100644 --- a/views/default/output/text.php +++ b/views/default/output/text.php @@ -6,8 +6,7 @@ * @package Elgg * @subpackage Core * - * @uses $vars['text'] The text to display - * + * @uses $vars['value'] The text to display */ -echo htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8'); // $vars['value'];
\ No newline at end of file +echo htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false);
\ No newline at end of file diff --git a/views/default/output/url.php b/views/default/output/url.php index 8ea84d3d6..81b02087d 100644 --- a/views/default/output/url.php +++ b/views/default/output/url.php @@ -8,41 +8,49 @@ * * @uses string $vars['text'] The string between the <a></a> tags. * @uses string $vars['href'] The unencoded url string - * @uses bool $vars['encode_text'] Run $vars['text'] through htmlspecialchars()? - * @uses bool $vars['is_action'] Is this a link to an action? - * + * @uses bool $vars['encode_text'] Run $vars['text'] through htmlspecialchars() (false) + * @uses bool $vars['is_action'] Is this a link to an action (false) + * @uses bool $vars['is_trusted'] Is this link trusted (false) */ -$url = trim($vars['href']); +$url = elgg_extract('href', $vars, null); if (!$url and isset($vars['value'])) { $url = trim($vars['value']); unset($vars['value']); } -if (!empty($url)) { - if (isset($vars['text'])) { - if (isset($vars['encode_text']) && $vars['encode_text']) { - $text = htmlspecialchars($vars['text'], ENT_QUOTES, 'UTF-8'); - } else { - $text = $vars['text']; - } - - unset($vars['text']); +if (isset($vars['text'])) { + if (elgg_extract('encode_text', $vars, false)) { + $text = htmlspecialchars($vars['text'], ENT_QUOTES, 'UTF-8', false); } else { - $text = htmlspecialchars($url, ENT_QUOTES, 'UTF-8'); + $text = $vars['text']; } + unset($vars['text']); +} else { + $text = htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false); +} - unset($vars['encode_text']); +unset($vars['encode_text']); +if ($url) { $url = elgg_normalize_url($url); - if (isset($vars['is_action'])) { - $url = elgg_add_action_tokens_to_url($url, FALSE); - unset($vars['is_action']); + if (elgg_extract('is_action', $vars, false)) { + $url = elgg_add_action_tokens_to_url($url, false); + } + + if (!elgg_extract('is_trusted', $vars, false)) { + if (!isset($vars['rel'])) { + $vars['rel'] = 'nofollow'; + $url = strip_tags($url); + } } $vars['href'] = $url; +} + +unset($vars['is_action']); +unset($vars['is_trusted']); - $attributes = elgg_format_attributes($vars); - echo "<a $attributes>$text</a>"; -}
\ No newline at end of file +$attributes = elgg_format_attributes($vars); +echo "<a $attributes>$text</a>"; |