EGroupware /
egroupware
@@ -188,7 +188,9 @@ |
||
| 188 | 188 | /** |
| 189 | 189 | * Used internally to trace warnings |
| 190 | 190 | */ |
| 191 | -class egw_exception_warning extends Exception {} |
|
| 191 | +class egw_exception_warning extends Exception |
|
| 192 | +{ |
|
| 193 | +} |
|
| 192 | 194 | |
| 193 | 195 | // install our error-handler only for catchable fatal errors and warnings |
| 194 | 196 | // following error types cannot be handled with a user defined function: E_ERROR, E_PARSE, E_CORE_ERROR, E_CORE_WARNING, E_COMPILE_ERROR, E_COMPILE_WARNING |
@@ -24,7 +24,9 @@ discard block |
||
| 24 | 24 | { |
| 25 | 25 | static $preg=null; |
| 26 | 26 | //old: '/<\/?[^>]*\b(iframe|script|javascript|on(before)?(abort|blur|change|click|dblclick|error|focus|keydown|keypress|keyup|load|mousedown|mousemove|mouseout|mouseover|mouseup|reset|select|submit|unload))\b[^>]*>/i'; |
| 27 | - if (!isset($preg)) $preg = |
|
| 27 | + if (!isset($preg)) |
|
| 28 | + { |
|
| 29 | + $preg = |
|
| 28 | 30 | // forbidden tags like iframe or script |
| 29 | 31 | '/(<(\s*\/)?\s*(iframe|script|object|embed|math|meta)[^a-z0-9]|'. |
| 30 | 32 | // on* attributes |
@@ -33,6 +35,7 @@ discard block |
||
| 33 | 35 | '<[^>]+(href|src|dynsrc|lowsrc|background|style|poster|action)\s*=\s*("|\')?[^"\']*javascript|'. |
| 34 | 36 | // benavior:url and expression in style attribute |
| 35 | 37 | '<[^>]+style\s*=\s*("|\')[^>]*(behavior\s*:\s*url|expression)\s*\()/i'; |
| 38 | + } |
|
| 36 | 39 | if (is_array($var)) |
| 37 | 40 | { |
| 38 | 41 | foreach($var as $key => $val) |
@@ -41,7 +44,9 @@ discard block |
||
| 41 | 44 | { |
| 42 | 45 | _check_script_tag($var[$key],$name.'['.$key.']'); |
| 43 | 46 | } |
| 44 | - elseif(strpos($val, '<') !== false) // speedup: ignore everything without < |
|
| 47 | + elseif(strpos($val, '<') !== false) |
|
| 48 | + { |
|
| 49 | + // speedup: ignore everything without < |
|
| 45 | 50 | { |
| 46 | 51 | if (preg_match($preg,$val)) |
| 47 | 52 | { |
@@ -49,6 +54,7 @@ discard block |
||
| 49 | 54 | if ($name == '_POST' && $key == 'json_data' && ($json_data = json_decode($val, true))) |
| 50 | 55 | { |
| 51 | 56 | _check_script_tag($json_data, $name.'[json_data]'); |
| 57 | + } |
|
| 52 | 58 | $_REQUEST[$key] = $var[$key] = json_encode($json_data); |
| 53 | 59 | continue; |
| 54 | 60 | } |
@@ -239,7 +239,10 @@ discard block |
||
| 239 | 239 | $header_done = false; |
| 240 | 240 | foreach($cfs as $name => $field) |
| 241 | 241 | { |
| 242 | - if (in_array($field['type'], Customfields::$non_printable_fields)) continue; |
|
| 242 | + if (in_array($field['type'], Customfields::$non_printable_fields)) |
|
| 243 | + { |
|
| 244 | + continue; |
|
| 245 | + } |
|
| 243 | 246 | |
| 244 | 247 | if (!$header_done) |
| 245 | 248 | { |
@@ -337,8 +340,14 @@ discard block |
||
| 337 | 340 | { |
| 338 | 341 | //error_log(__METHOD__.__LINE__.' Field:'.$name. ' Value (new):'.array2string($data[$name])); |
| 339 | 342 | //error_log(__METHOD__.__LINE__.' Field:'.$name. ' Value (old):'.array2string($old[$name])); |
| 340 | - if (is_array($data[$name]) && array_key_exists('id',$data[$name])) $data[$name] = $data[$name]['id']; |
|
| 341 | - if (is_array($old[$name]) && array_key_exists('id',$old[$name])) $old[$name] = $old[$name]['id']; |
|
| 343 | + if (is_array($data[$name]) && array_key_exists('id',$data[$name])) |
|
| 344 | + { |
|
| 345 | + $data[$name] = $data[$name]['id']; |
|
| 346 | + } |
|
| 347 | + if (is_array($old[$name]) && array_key_exists('id',$old[$name])) |
|
| 348 | + { |
|
| 349 | + $old[$name] = $old[$name]['id']; |
|
| 350 | + } |
|
| 342 | 351 | //error_log(__METHOD__.__LINE__.'(After processing) Field:'.$name. ' Value (new):'.array2string($data[$name])); |
| 343 | 352 | //error_log(__METHOD__.__LINE__.'(After processing) Field:'.$name. ' Value (old):'.array2string($old[$name])); |
| 344 | 353 | } |
@@ -352,11 +361,18 @@ discard block |
||
| 352 | 361 | if (!($app = $this->cf_link_fields[$name])) |
| 353 | 362 | { |
| 354 | 363 | list($app,$id) = explode(':',$id); |
| 355 | - if (!$id) continue; // can be eg. 'addressbook:', if no contact selected |
|
| 364 | + if (!$id) |
|
| 365 | + { |
|
| 366 | + continue; |
|
| 367 | + } |
|
| 368 | + // can be eg. 'addressbook:', if no contact selected |
|
| 356 | 369 | } |
| 357 | 370 | $source_id = $data[$this->id_field]; |
| 358 | 371 | //error_log(__METHOD__.__LINE__.array2string($source_id)); |
| 359 | - if ($source_id) Api\Link::link($this->app,$source_id,$app,$id); |
|
| 372 | + if ($source_id) |
|
| 373 | + { |
|
| 374 | + Api\Link::link($this->app,$source_id,$app,$id); |
|
| 375 | + } |
|
| 360 | 376 | //error_log(__METHOD__.__LINE__."Api\Link::link('$this->app',".array2string($source_id).",'$app',$id);"); |
| 361 | 377 | //echo "<p>Api\Link::link('$this->app',{$data[$this->id_field]},'$app',$id);</p>\n"; |
| 362 | 378 | } |
@@ -364,14 +380,24 @@ discard block |
||
| 364 | 380 | // unlink removed application entries |
| 365 | 381 | foreach(array_diff($old_ids,$current_ids) as $name => $id) |
| 366 | 382 | { |
| 367 | - if (!isset($data[$name])) continue; // ignore not set link cf's, eg. from sync clients |
|
| 383 | + if (!isset($data[$name])) |
|
| 384 | + { |
|
| 385 | + continue; |
|
| 386 | + } |
|
| 387 | + // ignore not set link cf's, eg. from sync clients |
|
| 368 | 388 | if (!($app = $this->cf_link_fields[$name])) |
| 369 | 389 | { |
| 370 | 390 | list($app,$id) = explode(':',$id); |
| 371 | - if (!$id) continue; |
|
| 391 | + if (!$id) |
|
| 392 | + { |
|
| 393 | + continue; |
|
| 394 | + } |
|
| 372 | 395 | } |
| 373 | 396 | $source_id = $data[$this->id_field]; |
| 374 | - if ($source_id) Api\Link::unlink(null,$this->app,$source_id,0,$app,$id); |
|
| 397 | + if ($source_id) |
|
| 398 | + { |
|
| 399 | + Api\Link::unlink(null,$this->app,$source_id,0,$app,$id); |
|
| 400 | + } |
|
| 375 | 401 | //echo "<p>Api\Link::unlink(NULL,'$this->app',{$data[$this->id_field]},0,'$app',$id);</p>\n"; |
| 376 | 402 | } |
| 377 | 403 | } |
@@ -396,7 +422,10 @@ discard block |
||
| 396 | 422 | $changed_fields = self::changed_fields($data,$old); |
| 397 | 423 | //error_log(__METHOD__.__LINE__.' Changedfields:'.array2string($changed_fields)); |
| 398 | 424 | } |
| 399 | - if (!$changed_fields && ($old || !$GLOBALS['egw_info']['server']['log_user_agent_action'])) return 0; |
|
| 425 | + if (!$changed_fields && ($old || !$GLOBALS['egw_info']['server']['log_user_agent_action'])) |
|
| 426 | + { |
|
| 427 | + return 0; |
|
| 428 | + } |
|
| 400 | 429 | |
| 401 | 430 | if (!is_object($this->historylog) || $this->historylog->user != $this->user) |
| 402 | 431 | { |
@@ -412,10 +441,13 @@ discard block |
||
| 412 | 441 | { |
| 413 | 442 | $status = isset($this->field2history[$name]) ? $this->field2history[$name] : $name; |
| 414 | 443 | //error_log(__METHOD__.__LINE__." Name $name,".' Status:'.array2string($status)); |
| 415 | - if (is_array($status)) // 1:N relation --> remove common rows |
|
| 444 | + if (is_array($status)) |
|
| 445 | + { |
|
| 446 | + // 1:N relation --> remove common rows |
|
| 416 | 447 | { |
| 417 | 448 | //error_log(__METHOD__.__LINE__.' is Array'); |
| 418 | 449 | self::compact_1_N_relation($data[$name],$status); |
| 450 | + } |
|
| 419 | 451 | self::compact_1_N_relation($old[$name],$status); |
| 420 | 452 | $added = array_values(array_diff($data[$name],$old[$name])); |
| 421 | 453 | $removed = array_values(array_diff($old[$name],$data[$name])); |
@@ -449,17 +481,31 @@ discard block |
||
| 449 | 481 | */ |
| 450 | 482 | public function changed_fields(array $data,array $old=null) |
| 451 | 483 | { |
| 452 | - if (is_null($old)) return array_keys($data); |
|
| 484 | + if (is_null($old)) |
|
| 485 | + { |
|
| 486 | + return array_keys($data); |
|
| 487 | + } |
|
| 453 | 488 | $changed_fields = array(); |
| 454 | 489 | foreach($this->field2history as $name => $status) |
| 455 | 490 | { |
| 456 | - if (!$old[$name] && !$data[$name]) continue; // treat all sorts of empty equally |
|
| 491 | + if (!$old[$name] && !$data[$name]) |
|
| 492 | + { |
|
| 493 | + continue; |
|
| 494 | + } |
|
| 495 | + // treat all sorts of empty equally |
|
| 457 | 496 | |
| 458 | - if ($name[0] == '#' && !isset($data[$name])) continue; // no set customfields are not stored, therefore not changed |
|
| 497 | + if ($name[0] == '#' && !isset($data[$name])) |
|
| 498 | + { |
|
| 499 | + continue; |
|
| 500 | + } |
|
| 501 | + // no set customfields are not stored, therefore not changed |
|
| 459 | 502 | |
| 460 | - if (is_array($status)) // 1:N relation |
|
| 503 | + if (is_array($status)) |
|
| 504 | + { |
|
| 505 | + // 1:N relation |
|
| 461 | 506 | { |
| 462 | 507 | self::compact_1_N_relation($data[$name],$status); |
| 508 | + } |
|
| 463 | 509 | self::compact_1_N_relation($old[$name],$status); |
| 464 | 510 | } |
| 465 | 511 | if ($old[$name] != $data[$name]) |
@@ -467,13 +513,22 @@ discard block |
||
| 467 | 513 | // normalize arrays, we do NOT care for the order of multiselections |
| 468 | 514 | if (is_array($data[$name]) || is_array($old[$name])) |
| 469 | 515 | { |
| 470 | - if (!is_array($data[$name])) $data[$name] = explode(',',$data[$name]); |
|
| 471 | - if (!is_array($old[$name])) $old[$name] = explode(',',$old[$name]); |
|
| 516 | + if (!is_array($data[$name])) |
|
| 517 | + { |
|
| 518 | + $data[$name] = explode(',',$data[$name]); |
|
| 519 | + } |
|
| 520 | + if (!is_array($old[$name])) |
|
| 521 | + { |
|
| 522 | + $old[$name] = explode(',',$old[$name]); |
|
| 523 | + } |
|
| 472 | 524 | if (count($data[$name]) == count($old[$name])) |
| 473 | 525 | { |
| 474 | 526 | sort($data[$name]); |
| 475 | 527 | sort($old[$name]); |
| 476 | - if ($data[$name] == $old[$name]) continue; |
|
| 528 | + if ($data[$name] == $old[$name]) |
|
| 529 | + { |
|
| 530 | + continue; |
|
| 531 | + } |
|
| 477 | 532 | } |
| 478 | 533 | } |
| 479 | 534 | elseif (str_replace("\r", '', $old[$name]) == str_replace("\r", '', $data[$name])) |
@@ -534,13 +589,19 @@ discard block |
||
| 534 | 589 | public function do_notifications($data,$old,$deleted=null,&$email_notified=null) |
| 535 | 590 | { |
| 536 | 591 | $this->errors = $email_sent = array(); |
| 537 | - if (!empty($email_notified) && is_array($email_notified)) $email_sent = $email_notified; |
|
| 592 | + if (!empty($email_notified) && is_array($email_notified)) |
|
| 593 | + { |
|
| 594 | + $email_sent = $email_notified; |
|
| 595 | + } |
|
| 538 | 596 | |
| 539 | - if (!$this->notify_current_user && $this->user) // do we have a current user and should we notify the current user about his own changes |
|
| 597 | + if (!$this->notify_current_user && $this->user) |
|
| 598 | + { |
|
| 599 | + // do we have a current user and should we notify the current user about his own changes |
|
| 540 | 600 | { |
| 541 | 601 | //error_log("do_notificaton() adding user=$this->user to email_sent, to not notify him"); |
| 542 | 602 | $email_sent[] = $GLOBALS['egw']->accounts->id2name($this->user,'account_email'); |
| 543 | 603 | } |
| 604 | + } |
|
| 544 | 605 | $skip_notify = $this->get_config('skip_notify',$data,$old); |
| 545 | 606 | if($skip_notify && is_array($skip_notify)) |
| 546 | 607 | { |
@@ -579,11 +640,14 @@ discard block |
||
| 579 | 640 | //error_log(__METHOD__."() data[$this->assigned_field]=".print_r($data[$this->assigned_field],true).", old[$this->assigned_field]=".print_r($old[$this->assigned_field],true)); |
| 580 | 641 | $old_assignees = array(); |
| 581 | 642 | $assignees = $assigned ? $assigned : array(); |
| 582 | - if ($data[$this->assigned_field]) // current assignments |
|
| 643 | + if ($data[$this->assigned_field]) |
|
| 644 | + { |
|
| 645 | + // current assignments |
|
| 583 | 646 | { |
| 584 | 647 | $assignees = is_array($data[$this->assigned_field]) ? |
| 585 | 648 | $data[$this->assigned_field] : explode(',',$data[$this->assigned_field]); |
| 586 | 649 | } |
| 650 | + } |
|
| 587 | 651 | if ($old && $old[$this->assigned_field]) |
| 588 | 652 | { |
| 589 | 653 | $old_assignees = is_array($old[$this->assigned_field]) ? |
@@ -592,7 +656,10 @@ discard block |
||
| 592 | 656 | foreach(array_unique(array_merge($assignees,$old_assignees)) as $assignee) |
| 593 | 657 | { |
| 594 | 658 | //error_log(__METHOD__."() assignee=$assignee, type=".$GLOBALS['egw']->accounts->get_type($assignee).", email=".$GLOBALS['egw']->accounts->id2name($assignee,'account_email')); |
| 595 | - if (!$assignee) continue; |
|
| 659 | + if (!$assignee) |
|
| 660 | + { |
|
| 661 | + continue; |
|
| 662 | + } |
|
| 596 | 663 | |
| 597 | 664 | // item assignee is a user |
| 598 | 665 | if ($GLOBALS['egw']->accounts->get_type($assignee) == 'u') |
@@ -600,10 +667,13 @@ discard block |
||
| 600 | 667 | if (($email = $GLOBALS['egw']->accounts->id2name($assignee,'account_email')) && !in_array($email, $email_sent)) |
| 601 | 668 | { |
| 602 | 669 | if ($this->send_notification($data,$old,$email,$assignee,'notify_assigned', |
| 603 | - in_array($assignee,$assignees) !== in_array($assignee,$old_assignees) || $deleted)) // assignment changed |
|
| 670 | + in_array($assignee,$assignees) !== in_array($assignee,$old_assignees) || $deleted)) |
|
| 671 | + { |
|
| 672 | + // assignment changed |
|
| 604 | 673 | { |
| 605 | 674 | $email_sent[] = $email; |
| 606 | 675 | } |
| 676 | + } |
|
| 607 | 677 | } |
| 608 | 678 | } |
| 609 | 679 | else // item assignee is a group |
@@ -613,10 +683,13 @@ discard block |
||
| 613 | 683 | if (($email = $GLOBALS['egw']->accounts->id2name($u,'account_email')) && !in_array($email, $email_sent)) |
| 614 | 684 | { |
| 615 | 685 | if ($this->send_notification($data,$old,$email,$u,'notify_assigned', |
| 616 | - in_array($u,$assignees) !== in_array($u,$old_assignees) || $deleted)) // assignment changed |
|
| 686 | + in_array($u,$assignees) !== in_array($u,$old_assignees) || $deleted)) |
|
| 687 | + { |
|
| 688 | + // assignment changed |
|
| 617 | 689 | { |
| 618 | 690 | $email_sent[] = $email; |
| 619 | 691 | } |
| 692 | + } |
|
| 620 | 693 | } |
| 621 | 694 | } |
| 622 | 695 | } |
@@ -679,25 +752,38 @@ discard block |
||
| 679 | 752 | public function send_notification($data,$old,$email,$user_or_lang,$check=null,$assignment_changed=true,$deleted=null) |
| 680 | 753 | { |
| 681 | 754 | //error_log(__METHOD__."(,,'$email',$user_or_lang,$check,$assignment_changed,$deleted)"); |
| 682 | - if (!$email) return false; |
|
| 755 | + if (!$email) |
|
| 756 | + { |
|
| 757 | + return false; |
|
| 758 | + } |
|
| 683 | 759 | |
| 684 | 760 | $save_user = $GLOBALS['egw_info']['user']; |
| 685 | 761 | $do_notify = true; |
| 686 | 762 | |
| 687 | - if (is_numeric($user_or_lang)) // user --> read everything from his prefs |
|
| 763 | + if (is_numeric($user_or_lang)) |
|
| 764 | + { |
|
| 765 | + // user --> read everything from his prefs |
|
| 688 | 766 | { |
| 689 | 767 | $GLOBALS['egw_info']['user']['account_id'] = $user_or_lang; |
| 768 | + } |
|
| 690 | 769 | $GLOBALS['egw']->preferences->__construct($user_or_lang); |
| 691 | 770 | $GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository(false); // no session prefs! |
| 692 | 771 | |
| 693 | - if ($check && $this->check2pref) $check = $this->check2pref[$check]; |
|
| 772 | + if ($check && $this->check2pref) |
|
| 773 | + { |
|
| 774 | + $check = $this->check2pref[$check]; |
|
| 775 | + } |
|
| 694 | 776 | |
| 695 | 777 | if ($check && !$GLOBALS['egw_info']['user']['preferences'][$this->app][$check] || // no notification requested |
| 696 | 778 | // only notification about changed assignment requested |
| 697 | 779 | $check && $GLOBALS['egw_info']['user']['preferences'][$this->app][$check] === 'assignment' && !$assignment_changed || |
| 698 | - $this->user == $user_or_lang && !$this->notify_current_user) // no popup for own actions |
|
| 780 | + $this->user == $user_or_lang && !$this->notify_current_user) |
|
| 699 | 781 | { |
| 700 | - $do_notify = false; // no notification requested / necessary |
|
| 782 | + // no popup for own actions |
|
| 783 | + { |
|
| 784 | + $do_notify = false; |
|
| 785 | + } |
|
| 786 | + // no notification requested / necessary |
|
| 701 | 787 | } |
| 702 | 788 | } |
| 703 | 789 | else |
@@ -706,10 +792,13 @@ discard block |
||
| 706 | 792 | $GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->default_prefs(); |
| 707 | 793 | $GLOBALS['egw_info']['user']['preferences']['common']['lang'] = $user_or_lang; |
| 708 | 794 | } |
| 709 | - if ($GLOBALS['egw_info']['user']['preferences']['common']['lang'] != Api\Translation::$userlang) // load the right language if needed |
|
| 795 | + if ($GLOBALS['egw_info']['user']['preferences']['common']['lang'] != Api\Translation::$userlang) |
|
| 796 | + { |
|
| 797 | + // load the right language if needed |
|
| 710 | 798 | { |
| 711 | 799 | Api\Translation::init(); |
| 712 | 800 | } |
| 801 | + } |
|
| 713 | 802 | |
| 714 | 803 | $receiver = is_numeric($user_or_lang) ? $user_or_lang : $email; |
| 715 | 804 | |
@@ -813,7 +902,10 @@ discard block |
||
| 813 | 902 | $do_time = ($timestamp->format('Hi') != '0000'); |
| 814 | 903 | } |
| 815 | 904 | $format = $GLOBALS['egw_info']['user']['preferences']['common']['dateformat']; |
| 816 | - if ($do_time) $format .= ' '.($GLOBALS['egw_info']['user']['preferences']['common']['timeformat'] != 12 ? 'H:i' : 'h:i a'); |
|
| 905 | + if ($do_time) |
|
| 906 | + { |
|
| 907 | + $format .= ' '.($GLOBALS['egw_info']['user']['preferences']['common']['timeformat'] != 12 ? 'H:i' : 'h:i a'); |
|
| 908 | + } |
|
| 817 | 909 | |
| 818 | 910 | return $timestamp->format($format); |
| 819 | 911 | } |
@@ -843,9 +935,12 @@ discard block |
||
| 843 | 935 | { |
| 844 | 936 | $name = $GLOBALS['egw']->accounts->id2name($this->user,'account_fullname'); |
| 845 | 937 | |
| 846 | - if($prefer_id) { |
|
| 938 | + if($prefer_id) |
|
| 939 | + { |
|
| 847 | 940 | $sender = $this->user; |
| 848 | - } else { |
|
| 941 | + } |
|
| 942 | + else |
|
| 943 | + { |
|
| 849 | 944 | $sender = $name ? $name.' <'.$email.'>' : $email; |
| 850 | 945 | } |
| 851 | 946 | } |
@@ -947,7 +1042,10 @@ discard block |
||
| 947 | 1042 | // remove the session-id in the notification mail! |
| 948 | 1043 | $link = preg_replace('/(sessionid|kp3|domain)=[^&]+&?/','',$link); |
| 949 | 1044 | |
| 950 | - if ($popup) $link .= '&nopopup=1'; |
|
| 1045 | + if ($popup) |
|
| 1046 | + { |
|
| 1047 | + $link .= '&nopopup=1'; |
|
| 1048 | + } |
|
| 951 | 1049 | } |
| 952 | 1050 | //error_log(__METHOD__."(..., $allow_popup, $receiver) returning ".array2string($allow_popup ? array($link,$popup) : $link)); |
| 953 | 1051 | return $allow_popup ? array($link,$popup) : $link; |
@@ -1022,7 +1120,11 @@ discard block |
||
| 1022 | 1120 | // if both values are '', 0 or null, we count them as equal too |
| 1023 | 1121 | $modified = $old && $data[$name] != $old[$name] && !(!$data[$name] && !$old[$name]); |
| 1024 | 1122 | //if ($modified) error_log("data[$name]=".print_r($data[$name],true).", old[$name]=".print_r($old[$name],true)." --> modified=".(int)$modified); |
| 1025 | - if (empty($detail['value']) && !$modified) continue; // skip unchanged, empty values |
|
| 1123 | + if (empty($detail['value']) && !$modified) |
|
| 1124 | + { |
|
| 1125 | + continue; |
|
| 1126 | + } |
|
| 1127 | + // skip unchanged, empty values |
|
| 1026 | 1128 | |
| 1027 | 1129 | $body .= $this->format_line($html_email,$detail['type'],$modified, |
| 1028 | 1130 | $detail['label'] ? $detail['label'] : '', $detail['value']); |
@@ -1056,7 +1158,11 @@ discard block |
||
| 1056 | 1158 | |
| 1057 | 1159 | if ($html_mail) |
| 1058 | 1160 | { |
| 1059 | - if (!$this->html_content_allow) $line = Api\Html::htmlspecialchars($line); // XSS |
|
| 1161 | + if (!$this->html_content_allow) |
|
| 1162 | + { |
|
| 1163 | + $line = Api\Html::htmlspecialchars($line); |
|
| 1164 | + } |
|
| 1165 | + // XSS |
|
| 1060 | 1166 | |
| 1061 | 1167 | $color = $modified ? 'red' : false; |
| 1062 | 1168 | $size = '110%'; |
@@ -1095,15 +1201,24 @@ discard block |
||
| 1095 | 1201 | } |
| 1096 | 1202 | else // text-mail |
| 1097 | 1203 | { |
| 1098 | - if ($type == 'reply') $content = str_repeat('-',64)."\n"; |
|
| 1204 | + if ($type == 'reply') |
|
| 1205 | + { |
|
| 1206 | + $content = str_repeat('-',64)."\n"; |
|
| 1207 | + } |
|
| 1099 | 1208 | |
| 1100 | - if ($modified) $content .= '> '; |
|
| 1209 | + if ($modified) |
|
| 1210 | + { |
|
| 1211 | + $content .= '> '; |
|
| 1212 | + } |
|
| 1101 | 1213 | } |
| 1102 | 1214 | $content .= $line; |
| 1103 | 1215 | |
| 1104 | 1216 | if ($html_mail) |
| 1105 | 1217 | { |
| 1106 | - if ($line && $data) $content .= '</td><td style="'.$style.'">'; |
|
| 1218 | + if ($line && $data) |
|
| 1219 | + { |
|
| 1220 | + $content .= '</td><td style="'.$style.'">'; |
|
| 1221 | + } |
|
| 1107 | 1222 | if ($type == 'link') |
| 1108 | 1223 | { |
| 1109 | 1224 | // the link is often too long for html boxes chunk-split allows to break lines if needed |
@@ -1122,7 +1237,10 @@ discard block |
||
| 1122 | 1237 | { |
| 1123 | 1238 | $content .= ($content&&$data?': ':'').$data; |
| 1124 | 1239 | } |
| 1125 | - if ($html_mail) $content .= '</td></tr>'; |
|
| 1240 | + if ($html_mail) |
|
| 1241 | + { |
|
| 1242 | + $content .= '</td></tr>'; |
|
| 1243 | + } |
|
| 1126 | 1244 | |
| 1127 | 1245 | $content .= "\n"; |
| 1128 | 1246 | |
@@ -142,7 +142,10 @@ discard block |
||
| 142 | 142 | */ |
| 143 | 143 | function search($filter,$order='history_id',$sort='DESC',$limit=null) |
| 144 | 144 | { |
| 145 | - if (!is_array($filter)) $filter = is_numeric($filter) ? array('history_record_id' => $filter) : array(); |
|
| 145 | + if (!is_array($filter)) |
|
| 146 | + { |
|
| 147 | + $filter = is_numeric($filter) ? array('history_record_id' => $filter) : array(); |
|
| 148 | + } |
|
| 146 | 149 | |
| 147 | 150 | if (!$order || !preg_match('/^[a-z0-9_]+$/i',$order) || !preg_match('/^(asc|desc)?$/i',$sort)) |
| 148 | 151 | { |
@@ -160,10 +163,16 @@ discard block |
||
| 160 | 163 | unset($filter[$col]); |
| 161 | 164 | } |
| 162 | 165 | } |
| 163 | - if (!isset($filter['history_appname'])) $filter['history_appname'] = $this->appname; |
|
| 166 | + if (!isset($filter['history_appname'])) |
|
| 167 | + { |
|
| 168 | + $filter['history_appname'] = $this->appname; |
|
| 169 | + } |
|
| 164 | 170 | |
| 165 | 171 | // do not try to read all history entries of an app |
| 166 | - if (!$filter['history_record_id']) return array(); |
|
| 172 | + if (!$filter['history_record_id']) |
|
| 173 | + { |
|
| 174 | + return array(); |
|
| 175 | + } |
|
| 167 | 176 | |
| 168 | 177 | $rows = array(); |
| 169 | 178 | foreach($this->db->select(self::TABLE, '*', $filter, __LINE__, __FILE__, |
@@ -188,8 +197,10 @@ discard block |
||
| 188 | 197 | $rows = array(); |
| 189 | 198 | $filter['history_appname'] = $query['appname']; |
| 190 | 199 | $filter['history_record_id'] = $query['record_id']; |
| 191 | - if(is_array($query['colfilter'])) { |
|
| 192 | - foreach($query['colfilter'] as $column => $value) { |
|
| 200 | + if(is_array($query['colfilter'])) |
|
| 201 | + { |
|
| 202 | + foreach($query['colfilter'] as $column => $value) |
|
| 203 | + { |
|
| 193 | 204 | $filter[$column] = $value; |
| 194 | 205 | } |
| 195 | 206 | } |
@@ -21,7 +21,10 @@ |
||
| 21 | 21 | { |
| 22 | 22 | function __construct($msg=null,$code=102) |
| 23 | 23 | { |
| 24 | - if (is_null($msg)) $msg = 'admin'; |
|
| 24 | + if (is_null($msg)) |
|
| 25 | + { |
|
| 26 | + $msg = 'admin'; |
|
| 27 | + } |
|
| 25 | 28 | |
| 26 | 29 | parent::__construct($msg,$code); |
| 27 | 30 | } |
@@ -19,4 +19,6 @@ |
||
| 19 | 19 | * User lacks a record level permission, eg. he's not the owner and has no grant from the owner |
| 20 | 20 | * |
| 21 | 21 | */ |
| 22 | -class Record extends Exception\NoPermission { } |
|
| 22 | +class Record extends Exception\NoPermission |
|
| 23 | +{ |
|
| 24 | +} |
|
@@ -28,7 +28,10 @@ |
||
| 28 | 28 | */ |
| 29 | 29 | function __construct($msg=null,$code=2) |
| 30 | 30 | { |
| 31 | - if (is_null($msg)) $msg = lang('Entry not found!'); |
|
| 31 | + if (is_null($msg)) |
|
| 32 | + { |
|
| 33 | + $msg = lang('Entry not found!'); |
|
| 34 | + } |
|
| 32 | 35 | |
| 33 | 36 | parent::__construct($msg,$code); |
| 34 | 37 | } |
@@ -17,4 +17,6 @@ |
||
| 17 | 17 | * Wrong or missing required user input: message should be translated so it can be shown directly to the user |
| 18 | 18 | * |
| 19 | 19 | */ |
| 20 | -class WrongUserinput extends AssertionFailed { } |
|
| 20 | +class WrongUserinput extends AssertionFailed |
|
| 21 | +{ |
|
| 22 | +} |
|
@@ -18,4 +18,6 @@ |
||
| 18 | 18 | * |
| 19 | 19 | * As you get this only by an error in the code or during development, the message does not need to be translated |
| 20 | 20 | */ |
| 21 | -class WrongParameter extends AssertionFailed { } |
|
| 21 | +class WrongParameter extends AssertionFailed |
|
| 22 | +{ |
|
| 23 | +} |
|
