EGroupware /
egroupware
@@ -38,7 +38,7 @@ discard block |
||
| 38 | 38 | * @param boolean $force_download =true send content-disposition attachment header |
| 39 | 39 | * @param boolean $no_content_type =false do not send actual content-type and content-length header, just content-disposition |
| 40 | 40 | */ |
| 41 | - public static function safe(&$content, $path, &$mime='', &$length=0, $nocache=true, $force_download=true, $no_content_type=false) |
|
| 41 | + public static function safe(&$content, $path, &$mime = '', &$length = 0, $nocache = true, $force_download = true, $no_content_type = false) |
|
| 42 | 42 | { |
| 43 | 43 | // change old/aliased mime-types to new one, eg. image/pdf to application/pdf |
| 44 | 44 | $mime = Api\MimeMagic::fix_mime_type($mime); |
@@ -54,7 +54,7 @@ discard block |
||
| 54 | 54 | UserAgent::type() == 'firefox' && UserAgent::version() >= 50) |
| 55 | 55 | { |
| 56 | 56 | $mime = 'text/plain'; |
| 57 | - header('X-Content-Type-Options: nosniff'); // stop IE & Chrome from content-type sniffing |
|
| 57 | + header('X-Content-Type-Options: nosniff'); // stop IE & Chrome from content-type sniffing |
|
| 58 | 58 | } |
| 59 | 59 | // for the rest we change mime-type to text/html and let code below handle it safely |
| 60 | 60 | // this stops Safari and Firefox from using it as src attribute in a script tag |
@@ -80,12 +80,12 @@ discard block |
||
| 80 | 80 | if (UserAgent::type() == 'chrome' && UserAgent::version() >= 24 || |
| 81 | 81 | // mobile FF 24 on Android does NOT honor CSP! |
| 82 | 82 | UserAgent::type() == 'firefox' && !UserAgent::mobile() && UserAgent::version() >= 24 || |
| 83 | - UserAgent::type() == 'safari' && !UserAgent::mobile() && UserAgent::version() >= 536 || // OS X |
|
| 83 | + UserAgent::type() == 'safari' && !UserAgent::mobile() && UserAgent::version() >= 536 || // OS X |
|
| 84 | 84 | UserAgent::type() == 'safari' && UserAgent::mobile() && UserAgent::version() >= 9537) // iOS 7 |
| 85 | 85 | { |
| 86 | - $csp = "script-src 'none'"; // forbid to execute any javascript |
|
| 86 | + $csp = "script-src 'none'"; // forbid to execute any javascript |
|
| 87 | 87 | header("Content-Security-Policy: $csp"); |
| 88 | - header("X-Webkit-CSP: $csp"); // Chrome: <= 24, Safari incl. iOS |
|
| 88 | + header("X-Webkit-CSP: $csp"); // Chrome: <= 24, Safari incl. iOS |
|
| 89 | 89 | //header("X-Content-Security-Policy: $csp"); // FF <= 22 |
| 90 | 90 | //error_log(__METHOD__."('$options[path]') ".UserAgent::type().'/'.UserAgent::version().(UserAgent::mobile()?'/mobile':'').": using Content-Security-Policy: $csp"); |
| 91 | 91 | } |
@@ -121,25 +121,25 @@ discard block |
||
| 121 | 121 | * @param boolean $nocache =true send headers to disallow browser/proxies to cache the download |
| 122 | 122 | * @param boolean $forceDownload =true send headers to handle as attachment/download |
| 123 | 123 | */ |
| 124 | - public static function type($fn,$mime='',$length=0,$nocache=True,$forceDownload=true) |
|
| 124 | + public static function type($fn, $mime = '', $length = 0, $nocache = True, $forceDownload = true) |
|
| 125 | 125 | { |
| 126 | 126 | // if no mime-type is given or it's the default binary-type, guess it from the extension |
| 127 | - if(empty($mime) || $mime == 'application/octet-stream') |
|
| 127 | + if (empty($mime) || $mime == 'application/octet-stream') |
|
| 128 | 128 | { |
| 129 | 129 | $mime = Api\MimeMagic::filename2mime($fn); |
| 130 | 130 | } |
| 131 | - if($fn) |
|
| 131 | + if ($fn) |
|
| 132 | 132 | { |
| 133 | 133 | // Show this for all |
| 134 | - self::disposition($fn,$forceDownload); |
|
| 134 | + self::disposition($fn, $forceDownload); |
|
| 135 | 135 | header('Content-type: '.$mime); |
| 136 | 136 | |
| 137 | - if($length) |
|
| 137 | + if ($length) |
|
| 138 | 138 | { |
| 139 | 139 | header('Content-length: '.$length); |
| 140 | 140 | } |
| 141 | 141 | |
| 142 | - if($nocache) |
|
| 142 | + if ($nocache) |
|
| 143 | 143 | { |
| 144 | 144 | header('Pragma: no-cache'); |
| 145 | 145 | header('Pragma: public'); |
@@ -155,7 +155,7 @@ discard block |
||
| 155 | 155 | * @param string $fn filename |
| 156 | 156 | * @param boolean $forceDownload =true send headers to handle as attachment/download |
| 157 | 157 | */ |
| 158 | - public static function disposition($fn, $forceDownload=true) |
|
| 158 | + public static function disposition($fn, $forceDownload = true) |
|
| 159 | 159 | { |
| 160 | 160 | if ($forceDownload) |
| 161 | 161 | { |
@@ -81,9 +81,13 @@ discard block |
||
| 81 | 81 | // mobile FF 24 on Android does NOT honor CSP! |
| 82 | 82 | UserAgent::type() == 'firefox' && !UserAgent::mobile() && UserAgent::version() >= 24 || |
| 83 | 83 | UserAgent::type() == 'safari' && !UserAgent::mobile() && UserAgent::version() >= 536 || // OS X |
| 84 | - UserAgent::type() == 'safari' && UserAgent::mobile() && UserAgent::version() >= 9537) // iOS 7 |
|
| 84 | + UserAgent::type() == 'safari' && UserAgent::mobile() && UserAgent::version() >= 9537) |
|
| 85 | 85 | { |
| 86 | - $csp = "script-src 'none'"; // forbid to execute any javascript |
|
| 86 | + // iOS 7 |
|
| 87 | + { |
|
| 88 | + $csp = "script-src 'none'"; |
|
| 89 | + } |
|
| 90 | + // forbid to execute any javascript |
|
| 87 | 91 | header("Content-Security-Policy: $csp"); |
| 88 | 92 | header("X-Webkit-CSP: $csp"); // Chrome: <= 24, Safari incl. iOS |
| 89 | 93 | //header("X-Content-Security-Policy: $csp"); // FF <= 22 |
@@ -100,7 +104,10 @@ discard block |
||
| 100 | 104 | |
| 101 | 105 | if ($no_content_type) |
| 102 | 106 | { |
| 103 | - if ($force_download) self::disposition(Api\Vfs::basename($path), $force_download); |
|
| 107 | + if ($force_download) |
|
| 108 | + { |
|
| 109 | + self::disposition(Api\Vfs::basename($path), $force_download); |
|
| 110 | + } |
|
| 104 | 111 | } |
| 105 | 112 | else |
| 106 | 113 | { |
@@ -79,7 +79,10 @@ discard block |
||
| 79 | 79 | |
| 80 | 80 | $this->filename = $filename; |
| 81 | 81 | |
| 82 | - if (!$this->filenames || !in_array($filename,$this->filenames)) $this->filenames[] = $filename; |
|
| 82 | + if (!$this->filenames || !in_array($filename,$this->filenames)) |
|
| 83 | + { |
|
| 84 | + $this->filenames[] = $filename; |
|
| 85 | + } |
|
| 83 | 86 | } |
| 84 | 87 | } |
| 85 | 88 | |
@@ -96,7 +99,10 @@ discard block |
||
| 96 | 99 | { |
| 97 | 100 | throw new Api\Exception\WrongParameter("Not allowed to view '$filename'!"); |
| 98 | 101 | } |
| 99 | - if ($filename[0] != '/') $filename = $GLOBALS['egw_info']['server']['files_dir'].'/'.$filename; |
|
| 102 | + if ($filename[0] != '/') |
|
| 103 | + { |
|
| 104 | + $filename = $GLOBALS['egw_info']['server']['files_dir'].'/'.$filename; |
|
| 105 | + } |
|
| 100 | 106 | |
| 101 | 107 | if (file_exists($filename)) |
| 102 | 108 | { |
@@ -104,7 +110,10 @@ discard block |
||
| 104 | 110 | if (!$start || $start < 0 || $start > $size || $size-$start > 4*self::MAX_CHUNK_SIZE) |
| 105 | 111 | { |
| 106 | 112 | $start = $size - 4*self::MAX_CHUNK_SIZE; |
| 107 | - if ($start < 0) $start = 0; |
|
| 113 | + if ($start < 0) |
|
| 114 | + { |
|
| 115 | + $start = 0; |
|
| 116 | + } |
|
| 108 | 117 | } |
| 109 | 118 | $hsize = Api\Vfs::hsize($size); |
| 110 | 119 | $content = file_get_contents($filename, false, null, $start, self::MAX_CHUNK_SIZE); |
@@ -140,7 +149,10 @@ discard block |
||
| 140 | 149 | { |
| 141 | 150 | throw new Api\Exception\WrongParameter("Not allowed to view '$filename'!"); |
| 142 | 151 | } |
| 143 | - if ($filename[0] != '/') $filename = $GLOBALS['egw_info']['server']['files_dir'].'/'.$filename; |
|
| 152 | + if ($filename[0] != '/') |
|
| 153 | + { |
|
| 154 | + $filename = $GLOBALS['egw_info']['server']['files_dir'].'/'.$filename; |
|
| 155 | + } |
|
| 144 | 156 | if ($truncate) |
| 145 | 157 | { |
| 146 | 158 | file_put_contents($filename, ''); |
@@ -164,7 +176,10 @@ discard block |
||
| 164 | 176 | { |
| 165 | 177 | throw new Api\Exception\WrongParameter("Must be instanciated with filename!"); |
| 166 | 178 | } |
| 167 | - if (is_null($header)) $header = $this->filename; |
|
| 179 | + if (is_null($header)) |
|
| 180 | + { |
|
| 181 | + $header = $this->filename; |
|
| 182 | + } |
|
| 168 | 183 | |
| 169 | 184 | return ' |
| 170 | 185 | <p style="float: left; margin: 5px"><b>'.htmlspecialchars($header).'</b></p> |
@@ -195,7 +210,10 @@ discard block |
||
| 195 | 210 | throw new Api\Exception\WrongParameter("Not allowed to download '$filename'!"); |
| 196 | 211 | } |
| 197 | 212 | Api\Header\Content::type(basename($filename), 'text/plain'); |
| 198 | - if ($filename[0] != '/') $filename = $GLOBALS['egw_info']['server']['files_dir'].'/'.$filename; |
|
| 213 | + if ($filename[0] != '/') |
|
| 214 | + { |
|
| 215 | + $filename = $GLOBALS['egw_info']['server']['files_dir'].'/'.$filename; |
|
| 216 | + } |
|
| 199 | 217 | for($n=ob_get_level(); $n > 0; --$n) |
| 200 | 218 | { |
| 201 | 219 | ob_end_clean(); // stop all output buffering, to NOT run into memory_limit |
@@ -28,7 +28,7 @@ discard block |
||
| 28 | 28 | function __construct() |
| 29 | 29 | { |
| 30 | 30 | $this->account_id = (int)$_GET['account_id']; |
| 31 | - if (!$this->account_id || $GLOBALS['egw']->acl->check('account_access',64,'admin')) |
|
| 31 | + if (!$this->account_id || $GLOBALS['egw']->acl->check('account_access', 64, 'admin')) |
|
| 32 | 32 | { |
| 33 | 33 | $GLOBALS['egw']->redirect_link('/index.php'); |
| 34 | 34 | } |
@@ -37,8 +37,8 @@ discard block |
||
| 37 | 37 | |
| 38 | 38 | function common_header() |
| 39 | 39 | { |
| 40 | - $GLOBALS['egw_info']['flags']['app_header'] = lang('Admin') . ' - ' . lang('ACL Manager') . |
|
| 41 | - ': ' . Api\Accounts::username($this->account_id); |
|
| 40 | + $GLOBALS['egw_info']['flags']['app_header'] = lang('Admin').' - '.lang('ACL Manager'). |
|
| 41 | + ': '.Api\Accounts::username($this->account_id); |
|
| 42 | 42 | echo $GLOBALS['egw']->framework->header(); |
| 43 | 43 | } |
| 44 | 44 | |
@@ -46,39 +46,39 @@ discard block |
||
| 46 | 46 | { |
| 47 | 47 | $this->common_header(); |
| 48 | 48 | |
| 49 | - Api\Hooks::process('acl_manager',array('preferences')); |
|
| 49 | + Api\Hooks::process('acl_manager', array('preferences')); |
|
| 50 | 50 | |
| 51 | 51 | $this->template->set_file(array( |
| 52 | 52 | 'app_list' => 'acl_applist.tpl' |
| 53 | 53 | )); |
| 54 | - $this->template->set_block('app_list','list'); |
|
| 55 | - $this->template->set_block('app_list','app_row'); |
|
| 56 | - $this->template->set_block('app_list','app_row_noicon'); |
|
| 57 | - $this->template->set_block('app_list','link_row'); |
|
| 58 | - $this->template->set_block('app_list','spacer_row'); |
|
| 54 | + $this->template->set_block('app_list', 'list'); |
|
| 55 | + $this->template->set_block('app_list', 'app_row'); |
|
| 56 | + $this->template->set_block('app_list', 'app_row_noicon'); |
|
| 57 | + $this->template->set_block('app_list', 'link_row'); |
|
| 58 | + $this->template->set_block('app_list', 'spacer_row'); |
|
| 59 | 59 | |
| 60 | 60 | if (is_array($GLOBALS['acl_manager'])) |
| 61 | 61 | { |
| 62 | - foreach($GLOBALS['acl_manager'] as $app => $locations) |
|
| 62 | + foreach ($GLOBALS['acl_manager'] as $app => $locations) |
|
| 63 | 63 | { |
| 64 | - $icon = Api\Image::find($app,array('navbar.png',$app.'png','navbar.gif',$app.'.gif')); |
|
| 65 | - $this->template->set_var('icon_backcolor',$GLOBALS['egw_info']['theme']['row_off']); |
|
| 66 | - $this->template->set_var('link_backcolor',$GLOBALS['egw_info']['theme']['row_off']); |
|
| 67 | - $this->template->set_var('app_name',$GLOBALS['egw_info']['apps'][$app]['title']); |
|
| 68 | - $this->template->set_var('app_icon',$icon); |
|
| 64 | + $icon = Api\Image::find($app, array('navbar.png', $app.'png', 'navbar.gif', $app.'.gif')); |
|
| 65 | + $this->template->set_var('icon_backcolor', $GLOBALS['egw_info']['theme']['row_off']); |
|
| 66 | + $this->template->set_var('link_backcolor', $GLOBALS['egw_info']['theme']['row_off']); |
|
| 67 | + $this->template->set_var('app_name', $GLOBALS['egw_info']['apps'][$app]['title']); |
|
| 68 | + $this->template->set_var('app_icon', $icon); |
|
| 69 | 69 | |
| 70 | 70 | if ($icon) |
| 71 | 71 | { |
| 72 | - $this->template->fp('rows','app_row',True); |
|
| 72 | + $this->template->fp('rows', 'app_row', True); |
|
| 73 | 73 | } |
| 74 | 74 | else |
| 75 | 75 | { |
| 76 | - $this->template->fp('rows','app_row_noicon',True); |
|
| 76 | + $this->template->fp('rows', 'app_row_noicon', True); |
|
| 77 | 77 | } |
| 78 | 78 | |
| 79 | 79 | if (is_array($locations)) |
| 80 | 80 | { |
| 81 | - foreach($locations as $loc => $value) |
|
| 81 | + foreach ($locations as $loc => $value) |
|
| 82 | 82 | { |
| 83 | 83 | $link_values = array( |
| 84 | 84 | 'menuaction' => 'admin.admin_denyaccess.access_form', |
@@ -87,20 +87,20 @@ discard block |
||
| 87 | 87 | 'account_id' => $this->account_id |
| 88 | 88 | ); |
| 89 | 89 | |
| 90 | - $this->template->set_var('link_location',$GLOBALS['egw']->link('/index.php',$link_values)); |
|
| 91 | - $this->template->set_var('lang_location',lang($value['name'])); |
|
| 92 | - $this->template->fp('rows','link_row',True); |
|
| 90 | + $this->template->set_var('link_location', $GLOBALS['egw']->link('/index.php', $link_values)); |
|
| 91 | + $this->template->set_var('lang_location', lang($value['name'])); |
|
| 92 | + $this->template->fp('rows', 'link_row', True); |
|
| 93 | 93 | } |
| 94 | 94 | } |
| 95 | 95 | |
| 96 | - $this->template->parse('rows','spacer_row',True); |
|
| 96 | + $this->template->parse('rows', 'spacer_row', True); |
|
| 97 | 97 | } |
| 98 | 98 | } |
| 99 | 99 | $this->template->set_var(array( |
| 100 | 100 | 'cancel_action' => $GLOBALS['egw']->link('/admin/index.php'), |
| 101 | 101 | 'lang_cancel' => lang('Cancel') |
| 102 | 102 | )); |
| 103 | - $this->template->pfp('out','list'); |
|
| 103 | + $this->template->pfp('out', 'list'); |
|
| 104 | 104 | echo $GLOBALS['egw']->framework->footer(); |
| 105 | 105 | } |
| 106 | 106 | |
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | $total_rights = 0; |
| 121 | 121 | if (is_array($_POST['acl_rights'])) |
| 122 | 122 | { |
| 123 | - foreach($_POST['acl_rights'] as $rights) |
|
| 123 | + foreach ($_POST['acl_rights'] as $rights) |
|
| 124 | 124 | { |
| 125 | 125 | $total_rights += $rights; |
| 126 | 126 | } |
@@ -137,16 +137,16 @@ discard block |
||
| 137 | 137 | $this->list_apps(); |
| 138 | 138 | return; |
| 139 | 139 | } |
| 140 | - Api\Hooks::single('acl_manager',$_GET['acl_app']); |
|
| 140 | + Api\Hooks::single('acl_manager', $_GET['acl_app']); |
|
| 141 | 141 | $acl_manager = $GLOBALS['acl_manager'][$_GET['acl_app']][$location]; |
| 142 | 142 | |
| 143 | 143 | $this->common_header(); |
| 144 | - $this->template->set_file('form','acl_manager_form.tpl'); |
|
| 144 | + $this->template->set_file('form', 'acl_manager_form.tpl'); |
|
| 145 | 145 | $this->template->set_var('csrf_token', Api\Csrf::token(__FILE__)); |
| 146 | 146 | |
| 147 | 147 | $afn = Api\Accounts::username($this->account_id); |
| 148 | 148 | |
| 149 | - $this->template->set_var('lang_message',lang('Check items to <b>%1</b> to %2 for %3',lang($acl_manager['name']),$GLOBALS['egw_info']['apps'][$_GET['acl_app']]['title'],$afn)); |
|
| 149 | + $this->template->set_var('lang_message', lang('Check items to <b>%1</b> to %2 for %3', lang($acl_manager['name']), $GLOBALS['egw_info']['apps'][$_GET['acl_app']]['title'], $afn)); |
|
| 150 | 150 | $link_values = array( |
| 151 | 151 | 'menuaction' => 'admin.admin_denyaccess.access_form', |
| 152 | 152 | 'acl_app' => $_GET['acl_app'], |
@@ -156,19 +156,19 @@ discard block |
||
| 156 | 156 | |
| 157 | 157 | $acl = new Api\Acl($this->account_id); |
| 158 | 158 | $acl->read_repository(); |
| 159 | - $grants = $acl->get_rights($location,$_GET['acl_app']); |
|
| 159 | + $grants = $acl->get_rights($location, $_GET['acl_app']); |
|
| 160 | 160 | |
| 161 | - $this->template->set_var('form_action',$GLOBALS['egw']->link('/index.php',$link_values)); |
|
| 161 | + $this->template->set_var('form_action', $GLOBALS['egw']->link('/index.php', $link_values)); |
|
| 162 | 162 | |
| 163 | - foreach($acl_manager['rights'] as $name => $value) |
|
| 163 | + foreach ($acl_manager['rights'] as $name => $value) |
|
| 164 | 164 | { |
| 165 | - $cb .= '<input type="checkbox" name="acl_rights[]" value="'.$value.'"'.($grants & $value ? ' checked' : '').'> '.lang($name)."<br>\n"; |
|
| 165 | + $cb .= '<input type="checkbox" name="acl_rights[]" value="'.$value.'"'.($grants&$value ? ' checked' : '').'> '.lang($name)."<br>\n"; |
|
| 166 | 166 | } |
| 167 | - $this->template->set_var('select_values',$cb); |
|
| 168 | - $this->template->set_var('lang_submit',lang('Save')); |
|
| 169 | - $this->template->set_var('lang_cancel',lang('Cancel')); |
|
| 167 | + $this->template->set_var('select_values', $cb); |
|
| 168 | + $this->template->set_var('lang_submit', lang('Save')); |
|
| 169 | + $this->template->set_var('lang_cancel', lang('Cancel')); |
|
| 170 | 170 | |
| 171 | - $this->template->pfp('out','form'); |
|
| 171 | + $this->template->pfp('out', 'form'); |
|
| 172 | 172 | echo $GLOBALS['egw']->framework->footer(); |
| 173 | 173 | } |
| 174 | 174 | } |
@@ -44,29 +44,29 @@ discard block |
||
| 44 | 44 | * @param string $extra_vars for login url |
| 45 | 45 | * @param string $change_passwd =null string with message to render input fields for password change |
| 46 | 46 | */ |
| 47 | - function screen($extra_vars, $change_passwd=null) |
|
| 47 | + function screen($extra_vars, $change_passwd = null) |
|
| 48 | 48 | { |
| 49 | - Api\Header\ContentSecurityPolicy::add('frame-src', array()); // array() no external frame-sources |
|
| 49 | + Api\Header\ContentSecurityPolicy::add('frame-src', array()); // array() no external frame-sources |
|
| 50 | 50 | |
| 51 | 51 | //error_log(__METHOD__."() this->template=$this->framework->template, this->template_dir=$this->framework->template_dir, get_class(this)=".get_class($this)); |
| 52 | 52 | try { |
| 53 | 53 | $tmpl = new Template(EGW_SERVER_ROOT.$this->framework->template_dir); |
| 54 | - $tmpl->set_file(array('login_form' => Api\Header\UserAgent::mobile()?'login_mobile.tpl':'login.tpl')); |
|
| 54 | + $tmpl->set_file(array('login_form' => Api\Header\UserAgent::mobile() ? 'login_mobile.tpl' : 'login.tpl')); |
|
| 55 | 55 | } |
| 56 | - catch(Api\Exception\WrongParameter $e) { |
|
| 56 | + catch (Api\Exception\WrongParameter $e) { |
|
| 57 | 57 | unset($e); |
| 58 | 58 | $tmpl = new Template(EGW_SERVER_ROOT.'/api/templates/default'); |
| 59 | - $tmpl->set_file(array('login_form' => Api\Header\UserAgent::mobile()?'login_mobile.tpl':'login.tpl')); |
|
| 59 | + $tmpl->set_file(array('login_form' => Api\Header\UserAgent::mobile() ? 'login_mobile.tpl' : 'login.tpl')); |
|
| 60 | 60 | } |
| 61 | 61 | |
| 62 | - $tmpl->set_var('lang_message',$GLOBALS['loginscreenmessage']); |
|
| 62 | + $tmpl->set_var('lang_message', $GLOBALS['loginscreenmessage']); |
|
| 63 | 63 | |
| 64 | 64 | // hide change-password fields, if not requested |
| 65 | 65 | if (!$change_passwd) |
| 66 | 66 | { |
| 67 | - $tmpl->set_block('login_form','change_password'); |
|
| 67 | + $tmpl->set_block('login_form', 'change_password'); |
|
| 68 | 68 | $tmpl->set_var('change_password', ''); |
| 69 | - $tmpl->set_var('lang_password',lang('password')); |
|
| 69 | + $tmpl->set_var('lang_password', lang('password')); |
|
| 70 | 70 | |
| 71 | 71 | // display login-message depending on $_GET[cd] and what's in database/header for "login_message" |
| 72 | 72 | $cd_msg = self::check_logoutcode($_GET['cd']); |
@@ -87,9 +87,9 @@ discard block |
||
| 87 | 87 | } |
| 88 | 88 | else |
| 89 | 89 | { |
| 90 | - $tmpl->set_var('lang_password',lang('Old password')); |
|
| 91 | - $tmpl->set_var('lang_new_password',lang('New password')); |
|
| 92 | - $tmpl->set_var('lang_repeat_password',lang('Repeat password')); |
|
| 90 | + $tmpl->set_var('lang_password', lang('Old password')); |
|
| 91 | + $tmpl->set_var('lang_new_password', lang('New password')); |
|
| 92 | + $tmpl->set_var('lang_repeat_password', lang('Repeat password')); |
|
| 93 | 93 | $tmpl->set_var('cd', $change_passwd); |
| 94 | 94 | $tmpl->set_var('cd_class', 'error'); |
| 95 | 95 | $last_loginid = $_POST['login']; |
@@ -98,55 +98,55 @@ discard block |
||
| 98 | 98 | $tmpl->set_var('autofocus_login', ''); |
| 99 | 99 | $tmpl->set_var('autofocus_new_passwd', 'autofocus'); |
| 100 | 100 | } |
| 101 | - if($GLOBALS['egw_info']['server']['show_domain_selectbox']) |
|
| 101 | + if ($GLOBALS['egw_info']['server']['show_domain_selectbox']) |
|
| 102 | 102 | { |
| 103 | - foreach(array_keys($GLOBALS['egw_domain']) as $domain) |
|
| 103 | + foreach (array_keys($GLOBALS['egw_domain']) as $domain) |
|
| 104 | 104 | { |
| 105 | 105 | $domains[$domain] = $domain; |
| 106 | 106 | } |
| 107 | 107 | $tmpl->set_var(array( |
| 108 | 108 | 'lang_domain' => lang('domain'), |
| 109 | - 'select_domain' => Api\Html::select('logindomain',$last_domain,$domains,true,'tabindex="2"',0,false), |
|
| 109 | + 'select_domain' => Api\Html::select('logindomain', $last_domain, $domains, true, 'tabindex="2"', 0, false), |
|
| 110 | 110 | )); |
| 111 | 111 | } |
| 112 | 112 | else |
| 113 | 113 | { |
| 114 | 114 | /* trick to make domain section disapear */ |
| 115 | - $tmpl->set_block('login_form','domain_selection'); |
|
| 116 | - $tmpl->set_var('domain_selection',$GLOBALS['egw_info']['user']['domain'] ? |
|
| 117 | - Api\Html::input_hidden('logindomain',$GLOBALS['egw_info']['user']['domain']) : ''); |
|
| 115 | + $tmpl->set_block('login_form', 'domain_selection'); |
|
| 116 | + $tmpl->set_var('domain_selection', $GLOBALS['egw_info']['user']['domain'] ? |
|
| 117 | + Api\Html::input_hidden('logindomain', $GLOBALS['egw_info']['user']['domain']) : ''); |
|
| 118 | 118 | |
| 119 | - if($last_loginid !== '') |
|
| 119 | + if ($last_loginid !== '') |
|
| 120 | 120 | { |
| 121 | 121 | reset($GLOBALS['egw_domain']); |
| 122 | 122 | list($default_domain) = each($GLOBALS['egw_domain']); |
| 123 | 123 | |
| 124 | - if(!empty ($last_domain) && $last_domain != $default_domain) |
|
| 124 | + if (!empty ($last_domain) && $last_domain != $default_domain) |
|
| 125 | 125 | { |
| 126 | - $last_loginid .= '@' . $last_domain; |
|
| 126 | + $last_loginid .= '@'.$last_domain; |
|
| 127 | 127 | } |
| 128 | 128 | } |
| 129 | 129 | } |
| 130 | 130 | |
| 131 | 131 | $config_reg = Api\Config::read('registration'); |
| 132 | 132 | |
| 133 | - if($config_reg['enable_registration']) |
|
| 133 | + if ($config_reg['enable_registration']) |
|
| 134 | 134 | { |
| 135 | 135 | if ($config_reg['register_link']) |
| 136 | 136 | { |
| 137 | - $reg_link=' <a href="'. $this->framework->link('/registration/index.php','lang_code='.$_GET['lang']). '">'.lang('Not a user yet? Register now').'</a><br/>'; |
|
| 137 | + $reg_link = ' <a href="'.$this->framework->link('/registration/index.php', 'lang_code='.$_GET['lang']).'">'.lang('Not a user yet? Register now').'</a><br/>'; |
|
| 138 | 138 | } |
| 139 | 139 | if ($config_reg['lostpassword_link']) |
| 140 | 140 | { |
| 141 | - $lostpw_link=' <a href="'. $this->framework->link('/registration/index.php','menuaction=registration.registration_ui.lost_password&lang_code='.$_GET['lang']). '">'.lang('Lost password').'</a><br/>'; |
|
| 141 | + $lostpw_link = ' <a href="'.$this->framework->link('/registration/index.php', 'menuaction=registration.registration_ui.lost_password&lang_code='.$_GET['lang']).'">'.lang('Lost password').'</a><br/>'; |
|
| 142 | 142 | } |
| 143 | 143 | if ($config_reg['lostid_link']) |
| 144 | 144 | { |
| 145 | - $lostid_link=' <a href="'. $this->framework->link('/registration/index.php','menuaction=registration.registration_ui.lost_username&lang_code='.$_GET['lang']). '">'.lang('Lost Login Id').'</a><br/>'; |
|
| 145 | + $lostid_link = ' <a href="'.$this->framework->link('/registration/index.php', 'menuaction=registration.registration_ui.lost_username&lang_code='.$_GET['lang']).'">'.lang('Lost Login Id').'</a><br/>'; |
|
| 146 | 146 | } |
| 147 | 147 | |
| 148 | 148 | /* if at least one option of "registration" is activated display the registration section */ |
| 149 | - if($config_reg['register_link'] || $config_reg['lostpassword_link'] || $config_reg['lostid_link'] ) |
|
| 149 | + if ($config_reg['register_link'] || $config_reg['lostpassword_link'] || $config_reg['lostid_link']) |
|
| 150 | 150 | { |
| 151 | 151 | $tmpl->set_var(array( |
| 152 | 152 | 'register_link' => $reg_link, |
@@ -157,20 +157,20 @@ discard block |
||
| 157 | 157 | else |
| 158 | 158 | { |
| 159 | 159 | /* trick to make registration section disapear */ |
| 160 | - $tmpl->set_block('login_form','registration'); |
|
| 161 | - $tmpl->set_var('registration',''); |
|
| 160 | + $tmpl->set_block('login_form', 'registration'); |
|
| 161 | + $tmpl->set_var('registration', ''); |
|
| 162 | 162 | } |
| 163 | 163 | } |
| 164 | 164 | |
| 165 | - $tmpl->set_var('login_url', $GLOBALS['egw_info']['server']['webserver_url'] . '/login.php' . $extra_vars); |
|
| 165 | + $tmpl->set_var('login_url', $GLOBALS['egw_info']['server']['webserver_url'].'/login.php'.$extra_vars); |
|
| 166 | 166 | $tmpl->set_var('version', $GLOBALS['egw_info']['server']['versions']['phpgwapi']); |
| 167 | 167 | $tmpl->set_var('login', htmlspecialchars($last_loginid)); |
| 168 | 168 | |
| 169 | - $tmpl->set_var('lang_username',lang('username')); |
|
| 170 | - $tmpl->set_var('lang_login',lang('login')); |
|
| 169 | + $tmpl->set_var('lang_username', lang('username')); |
|
| 170 | + $tmpl->set_var('lang_login', lang('login')); |
|
| 171 | 171 | |
| 172 | 172 | $tmpl->set_var('website_title', $GLOBALS['egw_info']['server']['site_title']); |
| 173 | - $tmpl->set_var('template_set',$this->framework->template); |
|
| 173 | + $tmpl->set_var('template_set', $this->framework->template); |
|
| 174 | 174 | |
| 175 | 175 | if (substr($GLOBALS['egw_info']['server']['login_logo_file'], 0, 4) == 'http' || |
| 176 | 176 | $GLOBALS['egw_info']['server']['login_logo_file'][0] == '/') |
@@ -179,14 +179,14 @@ discard block |
||
| 179 | 179 | } |
| 180 | 180 | else |
| 181 | 181 | { |
| 182 | - $var['logo_file'] = Api\Image::find('api',$GLOBALS['egw_info']['server']['login_logo_file']?$GLOBALS['egw_info']['server']['login_logo_file']:'logo', '', null); // null=explicit allow svg |
|
| 182 | + $var['logo_file'] = Api\Image::find('api', $GLOBALS['egw_info']['server']['login_logo_file'] ? $GLOBALS['egw_info']['server']['login_logo_file'] : 'logo', '', null); // null=explicit allow svg |
|
| 183 | 183 | } |
| 184 | - $var['logo_url'] = $GLOBALS['egw_info']['server']['login_logo_url']?$GLOBALS['egw_info']['server']['login_logo_url']:'http://www.egroupware.org'; |
|
| 185 | - if (substr($var['logo_url'],0,4) != 'http') |
|
| 184 | + $var['logo_url'] = $GLOBALS['egw_info']['server']['login_logo_url'] ? $GLOBALS['egw_info']['server']['login_logo_url'] : 'http://www.egroupware.org'; |
|
| 185 | + if (substr($var['logo_url'], 0, 4) != 'http') |
|
| 186 | 186 | { |
| 187 | 187 | $var['logo_url'] = 'http://'.$var['logo_url']; |
| 188 | 188 | } |
| 189 | - $var['logo_title'] = $GLOBALS['egw_info']['server']['login_logo_title']?$GLOBALS['egw_info']['server']['login_logo_title']:'www.eGroupWare.org'; |
|
| 189 | + $var['logo_title'] = $GLOBALS['egw_info']['server']['login_logo_title'] ? $GLOBALS['egw_info']['server']['login_logo_title'] : 'www.eGroupWare.org'; |
|
| 190 | 190 | $tmpl->set_var($var); |
| 191 | 191 | |
| 192 | 192 | /* language section if activated in site Config */ |
@@ -194,14 +194,14 @@ discard block |
||
| 194 | 194 | { |
| 195 | 195 | $tmpl->set_var(array( |
| 196 | 196 | 'lang_language' => lang('Language'), |
| 197 | - 'select_language' => Api\Html::select('lang',$GLOBALS['egw_info']['user']['preferences']['common']['lang'], |
|
| 198 | - Api\Translation::get_installed_langs(),true,'tabindex="1"',0,false), |
|
| 197 | + 'select_language' => Api\Html::select('lang', $GLOBALS['egw_info']['user']['preferences']['common']['lang'], |
|
| 198 | + Api\Translation::get_installed_langs(), true, 'tabindex="1"', 0, false), |
|
| 199 | 199 | )); |
| 200 | 200 | } |
| 201 | 201 | else |
| 202 | 202 | { |
| 203 | - $tmpl->set_block('login_form','language_select'); |
|
| 204 | - $tmpl->set_var('language_select',''); |
|
| 203 | + $tmpl->set_block('login_form', 'language_select'); |
|
| 204 | + $tmpl->set_var('language_select', ''); |
|
| 205 | 205 | } |
| 206 | 206 | |
| 207 | 207 | /********************************************************\ |
@@ -209,31 +209,31 @@ discard block |
||
| 209 | 209 | * and place a time selectbox, how long cookie is valid * |
| 210 | 210 | \********************************************************/ |
| 211 | 211 | |
| 212 | - if($GLOBALS['egw_info']['server']['allow_cookie_auth']) |
|
| 212 | + if ($GLOBALS['egw_info']['server']['allow_cookie_auth']) |
|
| 213 | 213 | { |
| 214 | - $tmpl->set_block('login_form','remember_me_selection'); |
|
| 215 | - $tmpl->set_var('lang_remember_me',lang('Remember me')); |
|
| 216 | - $tmpl->set_var('select_remember_me',Api\Html::select('remember_me', '', array( |
|
| 214 | + $tmpl->set_block('login_form', 'remember_me_selection'); |
|
| 215 | + $tmpl->set_var('lang_remember_me', lang('Remember me')); |
|
| 216 | + $tmpl->set_var('select_remember_me', Api\Html::select('remember_me', '', array( |
|
| 217 | 217 | '' => lang('not'), |
| 218 | 218 | '1hour' => lang('1 Hour'), |
| 219 | 219 | '1day' => lang('1 Day'), |
| 220 | 220 | '1week'=> lang('1 Week'), |
| 221 | 221 | '1month' => lang('1 Month'), |
| 222 | 222 | 'forever' => lang('Forever'), |
| 223 | - ),true,'tabindex="3"',0,false)); |
|
| 223 | + ), true, 'tabindex="3"', 0, false)); |
|
| 224 | 224 | } |
| 225 | 225 | else |
| 226 | 226 | { |
| 227 | 227 | /* trick to make remember_me section disapear */ |
| 228 | - $tmpl->set_block('login_form','remember_me_selection'); |
|
| 229 | - $tmpl->set_var('remember_me_selection',''); |
|
| 228 | + $tmpl->set_block('login_form', 'remember_me_selection'); |
|
| 229 | + $tmpl->set_var('remember_me_selection', ''); |
|
| 230 | 230 | } |
| 231 | 231 | $tmpl->set_var('autocomplete', ($GLOBALS['egw_info']['server']['autocomplete_login'] ? 'autocomplete="off"' : '')); |
| 232 | 232 | |
| 233 | 233 | // load jquery for login screen too |
| 234 | 234 | Api\Framework::includeJS('jquery', 'jquery'); |
| 235 | 235 | |
| 236 | - $this->framework->render($tmpl->fp('loginout','login_form'),false,false); |
|
| 236 | + $this->framework->render($tmpl->fp('loginout', 'login_form'), false, false); |
|
| 237 | 237 | } |
| 238 | 238 | |
| 239 | 239 | /** |
@@ -245,7 +245,7 @@ discard block |
||
| 245 | 245 | $tmpl = new Template(EGW_SERVER_ROOT.$this->framework->template_dir); |
| 246 | 246 | $tmpl->set_file(array('login_form' => 'login_denylogin.tpl')); |
| 247 | 247 | } |
| 248 | - catch(Api\Exception\WrongParameter $e) { |
|
| 248 | + catch (Api\Exception\WrongParameter $e) { |
|
| 249 | 249 | unset($e); |
| 250 | 250 | $tmpl = new Template(EGW_SERVER_ROOT.'/api/templates/default'); |
| 251 | 251 | $tmpl->set_file(array('login_form' => 'login_denylogin.tpl')); |
@@ -260,7 +260,7 @@ discard block |
||
| 260 | 260 | // load jquery for deny-login screen too |
| 261 | 261 | Api\Framework::includeJS('jquery', 'jquery'); |
| 262 | 262 | |
| 263 | - $this->framework->render($tmpl->fp('loginout','login_form'),false,false); |
|
| 263 | + $this->framework->render($tmpl->fp('loginout', 'login_form'), false, false); |
|
| 264 | 264 | } |
| 265 | 265 | |
| 266 | 266 | /** |
@@ -271,7 +271,7 @@ discard block |
||
| 271 | 271 | */ |
| 272 | 272 | static function check_logoutcode($code) |
| 273 | 273 | { |
| 274 | - switch($code) |
|
| 274 | + switch ($code) |
|
| 275 | 275 | { |
| 276 | 276 | case 1: |
| 277 | 277 | return lang('You have been successfully logged out'); |
@@ -20,9 +20,9 @@ discard block |
||
| 20 | 20 | * @param array &$var reference of array to check |
| 21 | 21 | * @param string $name ='' name of the array |
| 22 | 22 | */ |
| 23 | -function _check_script_tag(&$var,$name='') |
|
| 23 | +function _check_script_tag(&$var, $name = '') |
|
| 24 | 24 | { |
| 25 | - static $preg=null; |
|
| 25 | + static $preg = null; |
|
| 26 | 26 | //old: '/<\/?[^>]*\b(iframe|script|javascript|on(before)?(abort|blur|change|click|dblclick|error|focus|keydown|keypress|keyup|load|mousedown|mousemove|mouseout|mouseover|mouseup|reset|select|submit|unload))\b[^>]*>/i'; |
| 27 | 27 | if (!isset($preg)) $preg = |
| 28 | 28 | // forbidden tags like iframe or script |
@@ -39,15 +39,15 @@ discard block |
||
| 39 | 39 | '<[^>]+style\s*=\s*("|\')[^>]*(behavior\s*:\s*url|expression)\s*\()/i'; |
| 40 | 40 | if (is_array($var)) |
| 41 | 41 | { |
| 42 | - foreach($var as $key => $val) |
|
| 42 | + foreach ($var as $key => $val) |
|
| 43 | 43 | { |
| 44 | 44 | if (is_array($val)) |
| 45 | 45 | { |
| 46 | - _check_script_tag($var[$key],$name.'['.$key.']'); |
|
| 46 | + _check_script_tag($var[$key], $name.'['.$key.']'); |
|
| 47 | 47 | } |
| 48 | - elseif(strpos($val, '<') !== false) // speedup: ignore everything without < |
|
| 48 | + elseif (strpos($val, '<') !== false) // speedup: ignore everything without < |
|
| 49 | 49 | { |
| 50 | - if (preg_match($preg,$val)) |
|
| 50 | + if (preg_match($preg, $val)) |
|
| 51 | 51 | { |
| 52 | 52 | // special handling for $_POST[json_data], to decend into it's decoded content, fixing json direct might break json syntax |
| 53 | 53 | if ($name == '_POST' && $key == 'json_data' && ($json_data = json_decode($val, true))) |
@@ -61,7 +61,7 @@ discard block |
||
| 61 | 61 | // attempt to clean the thing |
| 62 | 62 | $var[$key] = $val = Api\Html\HtmLawed::purify($val); |
| 63 | 63 | // check if we succeeded, if not drop the var anyway, keep the egw_unset_var in any case |
| 64 | - if (preg_match($preg,$val)) |
|
| 64 | + if (preg_match($preg, $val)) |
|
| 65 | 65 | { |
| 66 | 66 | error_log("*** _check_script_tag($name): unset(${name}[$key]) with value $val***"); |
| 67 | 67 | unset($var[$key]); |
@@ -173,15 +173,15 @@ discard block |
||
| 173 | 173 | die("<p style='color: ".($num_failed?'red':'black')."'>Tests finished: $num_failed / $total failed</p>"); |
| 174 | 174 | }*/ |
| 175 | 175 | |
| 176 | -foreach(array('_COOKIE','_GET','_POST','_REQUEST','HTTP_GET_VARS','HTTP_POST_VARS') as $n => $where) |
|
| 176 | +foreach (array('_COOKIE', '_GET', '_POST', '_REQUEST', 'HTTP_GET_VARS', 'HTTP_POST_VARS') as $n => $where) |
|
| 177 | 177 | { |
| 178 | 178 | $pregs = array( |
| 179 | 179 | 'order' => '/^[a-zA-Z0-9_,]*$/', |
| 180 | 180 | 'sort' => '/^(ASC|DESC|asc|desc|0|1|2|3|4|5|6|7){0,1}$/', |
| 181 | 181 | ); |
| 182 | - foreach(array('order','sort') as $name) |
|
| 182 | + foreach (array('order', 'sort') as $name) |
|
| 183 | 183 | { |
| 184 | - if (isset($GLOBALS[$where][$name]) && !is_array($GLOBALS[$where][$name]) && !preg_match($pregs[$name],$GLOBALS[$where][$name])) |
|
| 184 | + if (isset($GLOBALS[$where][$name]) && !is_array($GLOBALS[$where][$name]) && !preg_match($pregs[$name], $GLOBALS[$where][$name])) |
|
| 185 | 185 | { |
| 186 | 186 | $GLOBALS[$where][$name] = ''; |
| 187 | 187 | } |
@@ -190,14 +190,14 @@ discard block |
||
| 190 | 190 | // speeds up the execusion a bit |
| 191 | 191 | if (isset($GLOBALS[$where]) && is_array($GLOBALS[$where]) && ($n < 3 || isset($GLOBALS['egw_unset_vars']))) |
| 192 | 192 | { |
| 193 | - _check_script_tag($GLOBALS[$where],$where); |
|
| 193 | + _check_script_tag($GLOBALS[$where], $where); |
|
| 194 | 194 | } |
| 195 | 195 | } |
| 196 | 196 | //if (is_array($GLOBALS['egw_unset_vars'])) { echo "egw_unset_vars=<pre>".htmlspecialchars(print_r($GLOBALS['egw_unset_vars'],true))."</pre>"; exit; } |
| 197 | 197 | |
| 198 | 198 | // $GLOBALS[egw_info][flags][currentapp] and die if it contains something nasty or unexpected |
| 199 | 199 | if (isset($GLOBALS['egw_info']) && isset($GLOBALS['egw_info']['flags']) && |
| 200 | - isset($GLOBALS['egw_info']['flags']['currentapp']) && !preg_match('/^[A-Za-z0-9_-]+$/',$GLOBALS['egw_info']['flags']['currentapp'])) |
|
| 200 | + isset($GLOBALS['egw_info']['flags']['currentapp']) && !preg_match('/^[A-Za-z0-9_-]+$/', $GLOBALS['egw_info']['flags']['currentapp'])) |
|
| 201 | 201 | { |
| 202 | 202 | error_log(__FILE__.': '.__LINE__.' Invalid $GLOBALS[egw_info][flags][currentapp]='.array2string($GLOBALS['egw_info']['flags']['currentapp']).', $_SERVER[REQUEST_URI]='.array2string($_SERVER[REQUEST_URI])); |
| 203 | 203 | die('Invalid $GLOBALS[egw_info][flags][currentapp]!'); |
@@ -215,12 +215,12 @@ discard block |
||
| 215 | 215 | die('GLOBALS overwrite detected!!!'); |
| 216 | 216 | } |
| 217 | 217 | // unregister all globals |
| 218 | - $noUnset = array('GLOBALS','_GET','_POST','_COOKIE','_SERVER','_ENV','_FILES','xajax'); |
|
| 219 | - foreach(array_unique(array_merge( |
|
| 220 | - array_keys($_GET),array_keys($_POST),array_keys($_COOKIE),array_keys($_SERVER),array_keys($_ENV),array_keys($_FILES), |
|
| 218 | + $noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_SERVER', '_ENV', '_FILES', 'xajax'); |
|
| 219 | + foreach (array_unique(array_merge( |
|
| 220 | + array_keys($_GET), array_keys($_POST), array_keys($_COOKIE), array_keys($_SERVER), array_keys($_ENV), array_keys($_FILES), |
|
| 221 | 221 | isset($_SESSION) && is_array($_SESSION) ? array_keys($_SESSION) : array())) as $k) |
| 222 | 222 | { |
| 223 | - if (!in_array($k,$noUnset) && isset($GLOBALS[$k])) |
|
| 223 | + if (!in_array($k, $noUnset) && isset($GLOBALS[$k])) |
|
| 224 | 224 | { |
| 225 | 225 | unset($GLOBALS[$k]); |
| 226 | 226 | } |
@@ -250,7 +250,7 @@ discard block |
||
| 250 | 250 | preg_match('/(^|;|{)[OC]:\d+:"/', $str)) |
| 251 | 251 | { |
| 252 | 252 | error_log(__METHOD__."('$str') contains objects --> return NULL"); |
| 253 | - return null; // null, not false, to not trigger behavior of returning string itself to app code |
|
| 253 | + return null; // null, not false, to not trigger behavior of returning string itself to app code |
|
| 254 | 254 | } |
| 255 | 255 | return unserialize($str); |
| 256 | 256 | } |
@@ -321,7 +321,7 @@ discard block |
||
| 321 | 321 | * @param boolean $allow_not_serialized =false true: return $str as is, if it is no serialized array |
| 322 | 322 | * @return array|str|false false if content can not be unserialized (not null like json_decode!) |
| 323 | 323 | */ |
| 324 | -function json_php_unserialize($str, $allow_not_serialized=false) |
|
| 324 | +function json_php_unserialize($str, $allow_not_serialized = false) |
|
| 325 | 325 | { |
| 326 | 326 | if ((in_array($str[0], array('a', 'i', 's', 'b', 'O', 'C')) && $str[1] == ':' || $str === 'N;') && |
| 327 | 327 | ($arr = php_safe_unserialize($str)) !== false || $str === 'b:0;') |
