aboutsummaryrefslogtreecommitdiff
path: root/views/installation/input
diff options
context:
space:
mode:
Diffstat (limited to 'views/installation/input')
-rw-r--r--views/installation/input/access.php49
-rw-r--r--views/installation/input/button.php53
-rw-r--r--views/installation/input/checkboxes.php50
-rw-r--r--views/installation/input/form.php53
-rw-r--r--views/installation/input/hidden.php18
-rw-r--r--views/installation/input/longtext.php24
-rw-r--r--views/installation/input/password.php23
-rw-r--r--views/installation/input/pulldown.php45
-rw-r--r--views/installation/input/reset.php26
-rw-r--r--views/installation/input/securitytoken.php17
-rw-r--r--views/installation/input/submit.php26
-rw-r--r--views/installation/input/text.php26
12 files changed, 410 insertions, 0 deletions
diff --git a/views/installation/input/access.php b/views/installation/input/access.php
new file mode 100644
index 000000000..a57014840
--- /dev/null
+++ b/views/installation/input/access.php
@@ -0,0 +1,49 @@
+<?php
+/**
+ * Elgg access level input
+ * Displays a pulldown input field
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ *
+ */
+
+if (isset($vars['class'])) {
+ $class = $vars['class'];
+}
+if (!$class) {
+ $class = "input_access";
+}
+
+if ((!isset($vars['options'])) || (!is_array($vars['options']))) {
+ $vars['options'] = array();
+ $vars['options'] = get_write_access_array();
+}
+
+if (is_array($vars['options']) && sizeof($vars['options']) > 0) {
+
+ ?>
+
+ <select name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['js'])) echo $vars['js']; ?> <?php if ((isset($vars['disabled'])) && ($vars['disabled'])) echo ' disabled="yes" '; ?> class="<?php echo $class; ?>">
+ <?php
+
+ foreach($vars['options'] as $key => $option) {
+ if ($key != $vars['value']) {
+ echo "<option value=\"{$key}\">{$option}</option>";
+ } else {
+ echo "<option value=\"{$key}\" selected=\"selected\">{$option}</option>";
+ }
+ }
+
+ ?>
+ </select>
+
+ <?php
+
+} \ No newline at end of file
diff --git a/views/installation/input/button.php b/views/installation/input/button.php
new file mode 100644
index 000000000..2c36841df
--- /dev/null
+++ b/views/installation/input/button.php
@@ -0,0 +1,53 @@
+<?php
+/**
+ * Create a input button
+ * Use this view for forms rather than creating a submit/reset button tag in the wild as it provides
+ * extra security which help prevent CSRF attacks.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ * @uses $vars['type'] Submit or reset, defaults to submit.
+ * @uses $vars['src'] Src of an image
+ *
+ */
+
+global $CONFIG;
+
+$class = $vars['class'];
+if (!$class) {
+ $class = "submit_button";
+}
+
+if (isset($vars['type'])) {
+ $type = strtolower($vars['type']);
+} else {
+ $type = 'submit';
+}
+
+switch ($type) {
+ case 'button' :
+ $type='button';
+ break;
+ case 'reset' :
+ $type='reset';
+ break;
+ case 'submit':
+ default:
+ $type = 'submit';
+}
+
+$value = htmlentities($vars['value'], ENT_QUOTES, 'UTF-8');
+$name = $vars['internalname'];
+$src = $vars['src'];
+// blank src if trying to access an offsite image.
+if (strpos($src,$CONFIG->wwwroot)===false) {
+ $src = "";
+}
+?>
+<input type="<?php echo $type; ?>" class="<?php echo $type; ?>_button" <?php echo $vars['js']; ?> value="<?php echo $value; ?>" src="<?php echo $src; ?>" class="<?php echo $class; ?>" /> \ No newline at end of file
diff --git a/views/installation/input/checkboxes.php b/views/installation/input/checkboxes.php
new file mode 100644
index 000000000..0792f09ce
--- /dev/null
+++ b/views/installation/input/checkboxes.php
@@ -0,0 +1,50 @@
+<?php
+/**
+ * Elgg checkbox input
+ * Displays a checkbox input field
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ * @uses $vars['options'] An array of strings representing the options for the checkbox field
+ *
+ */
+
+$class = $vars['class'];
+if (!$class) {
+ $class = "input-checkboxes";
+}
+
+foreach($vars['options'] as $label => $option) {
+ //if (!in_array($option,$vars['value'])) {
+ if (is_array($vars['value'])) {
+ if (!in_array($option,$vars['value'])) {
+ $selected = "";
+ } else {
+ $selected = "checked = \"checked\"";
+ }
+ } else {
+ if ($option != $vars['value']) {
+ $selected = "";
+ } else {
+ $selected = "checked = \"checked\"";
+ }
+ }
+
+ // handle indexed array where label is not specified
+ // @todo deprecate in Elgg 1.8
+ if (is_integer($label)) {
+ $label = $option;
+ }
+
+ $disabled = "";
+ if ($vars['disabled']) {
+ $disabled = ' disabled="yes" ';
+ }
+ echo "<label><input type=\"checkbox\" $disabled {$vars['js']} name=\"{$vars['internalname']}[]\" {$selected} value=\"".htmlentities($option, ENT_QUOTES, 'UTF-8')."\" {$selected} class=\"$class\" />{$label}</label><br />";
+} \ No newline at end of file
diff --git a/views/installation/input/form.php b/views/installation/input/form.php
new file mode 100644
index 000000000..35e718adb
--- /dev/null
+++ b/views/installation/input/form.php
@@ -0,0 +1,53 @@
+<?php
+/**
+ * Create a form for data submission.
+ * Use this view for forms rather than creating a form tag in the wild as it provides
+ * extra security which help prevent CSRF attacks.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['body'] The body of the form (made up of other input/xxx views and html
+ * @uses $vars['method'] Method (default POST)
+ * @uses $vars['enctype'] How the form is encoded, default blank
+ * @uses $vars['action'] URL of the action being called
+ *
+ */
+
+if (isset($vars['internalid'])) {
+ $id = $vars['internalid'];
+} else {
+ $id = '';
+}
+if (isset($vars['internalname'])) {
+ $name = $vars['internalname'];
+} else {
+ $name = '';
+}
+$body = $vars['body'];
+$action = $vars['action'];
+if (isset($vars['enctype'])) {
+ $enctype = $vars['enctype'];
+} else {
+ $enctype = '';
+}
+if (isset($vars['method'])) {
+ $method = $vars['method'];
+} else {
+ $method = 'POST';
+}
+
+$method = strtolower($method);
+
+// Generate a security header
+$security_header = "";
+if (!isset($vars['disable_security']) || $vars['disable_security'] != true) {
+ $security_header = elgg_view('input/securitytoken');
+}
+?>
+<form <?php if ($id) { ?>id="<?php echo $id; ?>" <?php } ?> <?php if ($name) { ?>name="<?php echo $name; ?>" <?php } ?> action="<?php echo $action; ?>" method="<?php echo $method; ?>" <?php if ($enctype!="") echo "enctype=\"$enctype\""; ?>>
+<?php echo $security_header; ?>
+<?php echo $body; ?>
+</form> \ No newline at end of file
diff --git a/views/installation/input/hidden.php b/views/installation/input/hidden.php
new file mode 100644
index 000000000..dd5c8bb98
--- /dev/null
+++ b/views/installation/input/hidden.php
@@ -0,0 +1,18 @@
+<?php
+/**
+ * Create a hidden data field
+ * Use this view for forms rather than creating a hidden tag in the wild as it provides
+ * extra security which help prevent CSRF attacks.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ *
+ */
+?>
+<input type="hidden" <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" value="<?php echo htmlentities($vars['value'], ENT_QUOTES, 'UTF-8'); ?>" /> \ No newline at end of file
diff --git a/views/installation/input/longtext.php b/views/installation/input/longtext.php
new file mode 100644
index 000000000..9da3d8276
--- /dev/null
+++ b/views/installation/input/longtext.php
@@ -0,0 +1,24 @@
+<?php
+/**
+ * Elgg long text input
+ * Displays a long text input field
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ *
+ */
+
+$class = $vars['class'];
+if (!$class) {
+ $class = "input_textarea";
+}
+
+?>
+
+<textarea class="<?php echo $class; ?>" name="<?php echo $vars['internalname']; ?>" <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> <?php echo $vars['js']; ?>><?php echo $vars['value']; ?></textarea> \ No newline at end of file
diff --git a/views/installation/input/password.php b/views/installation/input/password.php
new file mode 100644
index 000000000..461f77955
--- /dev/null
+++ b/views/installation/input/password.php
@@ -0,0 +1,23 @@
+<?php
+/**
+ * Elgg password input
+ * Displays a password input field
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ *
+ */
+
+$class = $vars['class'];
+if (!$class) {
+ $class = "input_password";
+}
+?>
+
+<input type="password" <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" <?php if (isset($vars['internalid'])) echo "id=\"{$vars['internalid']}\""; ?> value="<?php echo htmlentities($vars['value'], ENT_QUOTES, 'UTF-8'); ?>" class="<?php echo $class; ?>" />
diff --git a/views/installation/input/pulldown.php b/views/installation/input/pulldown.php
new file mode 100644
index 000000000..6ad12eec4
--- /dev/null
+++ b/views/installation/input/pulldown.php
@@ -0,0 +1,45 @@
+<?php
+/**
+ * Elgg pulldown input
+ * Displays a pulldown input field
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ * @uses $vars['options'] An array of strings representing the options for the pulldown field
+ * @uses $vars['options_values'] An associative array of "value" => "option" where "value" is an internal name and "option" is
+ * the value displayed on the button. Replaces $vars['options'] when defined.
+ */
+
+
+$class = $vars['class'];
+if (!$class) {
+ $class = "input-pulldown";
+}
+?>
+<select name="<?php echo $vars['internalname']; ?>" <?php echo $vars['js']; ?> <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> class="<?php echo $class; ?>">
+<?php
+if ($vars['options_values']) {
+ foreach($vars['options_values'] as $value => $option) {
+ if ($value != $vars['value']) {
+ echo "<option value=\"$value\">{$option}</option>";
+ } else {
+ echo "<option value=\"$value\" selected=\"selected\">{$option}</option>";
+ }
+ }
+} else {
+ foreach($vars['options'] as $option) {
+ if ($option != $vars['value']) {
+ echo "<option>{$option}</option>";
+ } else {
+ echo "<option selected=\"selected\">{$option}</option>";
+ }
+ }
+}
+?>
+</select> \ No newline at end of file
diff --git a/views/installation/input/reset.php b/views/installation/input/reset.php
new file mode 100644
index 000000000..bb8d278c3
--- /dev/null
+++ b/views/installation/input/reset.php
@@ -0,0 +1,26 @@
+<?php
+/**
+ * Create a reset input button
+ * Use this view for forms rather than creating a submit/reset button tag in the wild as it provides
+ * extra security which help prevent CSRF attacks.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ * @uses $vars['type'] Submit or reset, defaults to submit.
+ *
+ */
+
+$vars['type'] = 'reset';
+$class = $vars['class'];
+if (!$class) {
+ $class = "submit_button";
+}
+$vars['class'] = $class;
+
+echo elgg_view('input/button', $vars); \ No newline at end of file
diff --git a/views/installation/input/securitytoken.php b/views/installation/input/securitytoken.php
new file mode 100644
index 000000000..a2a4a0e01
--- /dev/null
+++ b/views/installation/input/securitytoken.php
@@ -0,0 +1,17 @@
+<?php
+/**
+ * CSRF security token view for use with secure forms.
+ *
+ * It is still recommended that you use input/form.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ */
+
+$ts = time();
+$token = generate_action_token($ts);
+
+echo elgg_view('input/hidden', array('internalname' => '__elgg_token', 'value' => $token));
+echo elgg_view('input/hidden', array('internalname' => '__elgg_ts', 'value' => $ts));
diff --git a/views/installation/input/submit.php b/views/installation/input/submit.php
new file mode 100644
index 000000000..cfa7989d0
--- /dev/null
+++ b/views/installation/input/submit.php
@@ -0,0 +1,26 @@
+<?php
+/**
+ * Create a submit input button
+ * Use this view for forms rather than creating a submit/reset button tag in the wild as it provides
+ * extra security which help prevent CSRF attacks.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ * @uses $vars['type'] Submit or reset, defaults to submit.
+ *
+ */
+
+$vars['type'] = 'submit';
+$class = $vars['class'];
+if (!$class) {
+ $class = "submit_button";
+}
+$vars['class'] = $class;
+
+echo elgg_view('input/button', $vars); \ No newline at end of file
diff --git a/views/installation/input/text.php b/views/installation/input/text.php
new file mode 100644
index 000000000..7f69a2f93
--- /dev/null
+++ b/views/installation/input/text.php
@@ -0,0 +1,26 @@
+<?php
+/**
+ * Elgg text input
+ * Displays a text input field
+ *
+ * @package Elgg
+ * @subpackage Core
+
+ * @author Curverider Ltd
+
+ * @link http://elgg.org/
+ *
+ * @uses $vars['value'] The current value, if any
+ * @uses $vars['js'] Any Javascript to enter into the input tag
+ * @uses $vars['internalname'] The name of the input field
+ * @uses $vars['disabled'] If true then control is read-only
+ * @uses $vars['class'] Class override
+ */
+
+$class = $vars['class'];
+if (!$class) {
+ $class = "input_text";
+}
+
+?>
+<input type="text" <?php if ($vars['disabled']) echo ' disabled="yes" '; ?> <?php echo $vars['js']; ?> name="<?php echo $vars['internalname']; ?>" value="<?php echo htmlentities($vars['value'], ENT_QUOTES, 'UTF-8'); ?>" class="<?php echo $class ?>"/> \ No newline at end of file