* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
-Header( "Cache-Control: no-cache");
-Header( "Cache-Control: must-revalidate");
+Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
+Header( "Cache-Control: no-cache");
+Header( "Cache-Control: must-revalidate");
require_once('../../../www/env.inc.php');
require_once $gfcommon.'include/pre.php';
$login = getStringFromRequest('login');
$form_loginname = getStringFromRequest('form_loginname');
$form_pw = getStringFromRequest('form_pw');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
$triggered = getIntFromRequest('triggered');
//
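Review bot: After the removal of the three `htmlspecialchars(getStringFromRequest(...))` assignments, nothing visible in this script initialises or escapes `$feedback`, `$warning_msg` and `$error_msg`, yet `$warning_msg` is still assigned and appended to further down before the page is rendered. Presumably the values are now read and escaped in a shared include; if so, a comment such as `// $feedback, $warning_msg and $error_msg are populated and escaped by <shared include>` would record that, and if not, request-supplied text would reach the HTML unescaped. The same removal recurs in the other login scripts and in the admin, news, forum, project and tracker pages of this commit, so it is worth confirming once for all of them.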
} else {
$warning_msg = _('Missing Password Or Users Name');
}
-
+
}
}
$HTML->header(array('title'=>'Login'));
if ($login) {
- form_release_key(getStringFromRequest('form_key'));
+ form_release_key(getStringFromRequest('form_key'));
// Account Pending
if (!isset($userstatus)) {
if (isset ($form_loginname)) {
- $u = user_get_object_by_name($form_loginname) ||
+ $u = user_get_object_by_name($form_loginname) ||
user_get_object_by_email($form_loginname) ;
if (!$u) {
$warning_msg .= '<br /><p>'. _('Your account does not exist.').'</p>';
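Review bot: The assignment `$u = user_get_object_by_name($form_loginname) ||` stores the boolean result of `||`, not a user object, so any later use of `$u` as an object cannot work. Do the name lookup first and fall back only when it returns nothing: `$u = user_get_object_by_name($form_loginname);` followed by `if (!$u) { $u = user_get_object_by_email($form_loginname); }`. The 'Your account does not exist.' message also tells an unauthenticated visitor whether a login name or e-mail address is registered; a generic failure message avoids that. The LDAP login script later in this commit has the same lines, and the enclosing `if ($login)` block continues outside the hunk.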
*/
// FIXME : WTF ?!?!?!?
-Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
-Header( "Cache-Control: no-cache");
-Header( "Cache-Control: must-revalidate");
+Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
+Header( "Cache-Control: no-cache");
+Header( "Cache-Control: must-revalidate");
require_once('../../../www/env.inc.php');
require_once $gfcommon.'include/pre.php';
$return_to = getStringFromRequest('return_to');
$login = getStringFromRequest('login');
$postcas = getStringFromRequest('postcas');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
$triggered = getIntFromRequest('triggered');
if (forge_get_config('use_ssl') && !session_issecure()) {
} else {
if ($login) { // The user just clicked the Login button
// Let's send them to CAS
-
+
$return_url = util_make_url('/plugins/authcas/post-login.php?postcas=true&return_to='.htmlspecialchars($return_to));
-
+
$GLOBALS['PHPCAS_CLIENT']->setURL($return_url);
-
+
phpCAS::forceAuthentication();
-
+
} elseif ($postcas) { // The user is coming back from CAS
if (phpCAS::isAuthenticated()) {
if ($plugin->isSufficient()) {
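Review bot: `htmlspecialchars($return_to)` on the `$return_url` line is the wrong encoding for a value placed in a query string: an `&` in `return_to` becomes `&amp;` and still splits the parameter, while `?`, `#` and `%` pass through untouched. Use URL encoding there, `'/plugins/authcas/post-login.php?postcas=true&return_to='.urlencode($return_to)`, and keep HTML escaping for the point where a URL is written into markup. In the lines shown, `$return_to` comes straight from the request and reaches `validate_return_to()` only in the post-CAS branch, so validating it before building `$return_url` would also be worthwhile.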
}
if ($return_to) {
validate_return_to($return_to);
-
+
session_redirect($return_to);
//header ("Location: " . util_make_url($return_to));
//exit;
//header ("Location: " . util_make_url("/my"));
//exit;
}
- }
+ }
}
}
*/
// FIXME : WTF ?!?!?!?
-Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
-Header( "Cache-Control: no-cache");
-Header( "Cache-Control: must-revalidate");
+Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
+Header( "Cache-Control: no-cache");
+Header( "Cache-Control: must-revalidate");
require_once('../../../www/env.inc.php');
require_once $gfcommon.'include/pre.php';
$return_to = getStringFromRequest('return_to');
$login = getStringFromRequest('login');
$postcas = getStringFromRequest('postcas');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
$triggered = getIntFromRequest('triggered');
if (forge_get_config('use_ssl') && !session_issecure()) {
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
-Header( "Cache-Control: no-cache");
-Header( "Cache-Control: must-revalidate");
+Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
+Header( "Cache-Control: no-cache");
+Header( "Cache-Control: must-revalidate");
require_once('../../../www/env.inc.php');
require_once $gfcommon.'include/pre.php';
$login = getStringFromRequest('login');
$form_loginname = getStringFromRequest('form_loginname');
$form_pw = getStringFromRequest('form_pw');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
$triggered = getIntFromRequest('triggered');
//
}
} else {
$warning_msg = _('LDAP server unreachable');
- }
+ }
}
$HTML->header(array('title'=>'Login'));
if ($login) {
- form_release_key(getStringFromRequest('form_key'));
+ form_release_key(getStringFromRequest('form_key'));
// Account Pending
if (!isset($userstatus)) {
if (isset ($form_loginname)) {
- $u = user_get_object_by_name($form_loginname) ||
+ $u = user_get_object_by_name($form_loginname) ||
user_get_object_by_email($form_loginname) ;
if (!$u) {
$warning_msg .= '<br /><p>'. _('Your account does not exist.').'</p>';
* You should have received a copy of the GNU General Public License
* along with FusionForge; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 US
- *
+ *
*/
// FIXME : WTF ?!?!?!?
-Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
-Header( "Cache-Control: no-cache");
-Header( "Cache-Control: must-revalidate");
+Header( "Expires: Wed, 11 Nov 1998 11:11:11 GMT");
+Header( "Cache-Control: no-cache");
+Header( "Cache-Control: must-revalidate");
require_once('../../../www/env.inc.php');
require_once $gfcommon.'include/pre.php';
$return_to = getStringFromRequest('return_to');
$login = getStringFromRequest('login');
$openid_identifier = getStringFromRequest('openid_identifier');
-
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
$triggered = getIntFromRequest('triggered');
if (forge_get_config('use_ssl') && !session_issecure()) {
}
try {
-
+
// initialize the OpenID lib handler which will read the posted args
$plugin->openid = new LightOpenID;
// check the 'openid_mode' that may be set on returning from OpenID provider
if(!$plugin->openid->mode) {
-
+
// We're just called by the login form : redirect to the OpenID provider
if(isset($_POST['openid_identifier'])) {
$openid_identifier = $_POST['openid_identifier'];
$warning_msg = _('No such OpenID identity registered yet');
}
}
-
+
// or we are called back by the OpenID provider
} elseif($plugin->openid->mode == 'cancel') {
$warning_msg .= _('User has canceled authentication');
} else {
-
+
// Authentication should have been attempted by OpenID provider
if ($plugin->openid->validate()) {
// If user successfully logged in to OpenID provider
-
+
// initiate session
if ($plugin->isSufficient()) {
$user = False;
-
+
$username = $plugin->getUserNameFromOpenIDIdentity($plugin->openid->identity);
if ($username) {
$user_tmp = user_get_object_by_name($username);
$warning_msg = _('OpenID plugin not activated for the user account');
}
}
-
+
if($user) {
// redirect to the proper place in the forge
if ($return_to) {
validate_return_to($return_to);
-
+
session_redirect($return_to);
} else {
session_redirect("/my");
}
}
}
-
+
// Otherwise, display the login form again
display_login_page($return_to, $triggered);
-
+
} catch(ErrorException $e) {
echo 'OpenID error'. $e->getMessage();
}
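Review bot: The `catch` at the end of this block echoes `$e->getMessage()` straight into the page, unescaped and outside the normal page layout. The message originates in the OpenID library and may carry the submitted identifier or provider response details (an inference, since the library is not shown), so the detail belongs in the server log and the output should at least be escaped: `echo 'OpenID error: '.htmlspecialchars($e->getMessage());`. The `try` block opens in an earlier hunk.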
function getAvailableBlocks($group) {
$blocks = array(
- 'summary_description' =>
+ 'summary_description' =>
_("Block to replace the default project description with an enhanced one."),
// To be reworked to play nice with the widgets page.
-// 'summary_right' =>
+// 'summary_right' =>
// _("Block in the summary page (right)"),
- 'request_join' =>
+ 'request_join' =>
_("Block to list informations requested to ask to join a project"),
);
-
+
if ($group->usesForum()) {
// Get the blocks in the forums.
$blocks['forum index'] = _("Display block at the top of the listing");
$blocks['forum_'.$f->getName()] = _("Display block at the top");
}
}
-
+
if ($group->usesTracker()) {
// Get the blocks in the trackers.
$blocks['tracker index'] = _("Display block at the top of the listing");
}
// the header that displays for the user portion of the plugin
-function blocks_Project_Header($params) {
+function blocks_Project_Header($params) {
global $DOCUMENT_ROOT,$HTML,$id;
- $params['toptab']='blocks';
+ $params['toptab']='blocks';
$params['group']=$id;
- /*
- Show horizontal links
- */
- site_project_header($params);
+ /*
+ Show horizontal links
+ */
+ site_project_header($params);
}
$user = session_get_user(); // get the session user
$name = getStringFromRequest('name');
$body = getStringFromRequest('body');
$activate = getArrayFromRequest('activate');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
$blocks_text = array(
'forum' => _('Forums'),
session_require_perm ('project_admin', $id) ;
- blocks_Project_Header(array('title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));
+ blocks_Project_Header(array('title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));
// DO THE STUFF FOR THE PROJECT PART HERE
echo "We are in the Project blocks plugin <br />";
echo "Greetings from planet " . $world; // $world comes from the config file in /etc
exit_no_group();
}
if ( ! ($group->usesPlugin ( $pluginname )) ) {//check if the group has the blocks plugin active
- exit_error(sprintf(_('First activate the %s plugin through the Project\'s Admin Interface'),$pluginname),'home');
+ exit_error(sprintf(_('First activate the %s plugin through the Project\'s Admin Interface'),$pluginname),'home');
}
session_require_perm ('project_admin', $id) ;
- blocks_Project_Header(array('title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));
+ blocks_Project_Header(array('title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));
// DO THE STUFF FOR THE PROJECT ADMINISTRATION PART HERE
$res = db_query_params('SELECT name, status FROM plugin_blocks WHERE group_id=$1',
exit_no_group();
}
if ( ! ($group->usesPlugin ( $pluginname )) ) {//check if the group has the blocks plugin active
- exit_error(sprintf(_('First activate the %s plugin through the Project\'s Admin Interface'),$pluginname),'home');
+ exit_error(sprintf(_('First activate the %s plugin through the Project\'s Admin Interface'),$pluginname),'home');
}
session_require_perm ('project_admin', $id) ;
$status[ $row['name'] ] = $row['status'];
}
$blocks = getAvailableBlocks($group);
-
+
// Workaround when a block has a name with a & inside.
// It seems sadly converted by the form (or php?).
foreach ($activate as $k => $v) {
}
foreach ($blocks as $b => $help) {
-
+
if (!$activate[$b])
$activate[$b] = 0;
-
+
if ((!isset($status[$b]) && $activate[$b]) ||
(isset($status[$b]) && $activate[$b] !== $status[$b]))
// Must be updated.
}
session_require_perm ('project_admin', $id) ;
- blocks_Project_Header(array('title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));
+ blocks_Project_Header(array('title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));
// DO THE STUFF FOR THE PROJECT ADMINISTRATION PART HERE
-
+
$blocks = getAvailableBlocks($group);
$res = db_query_params('SELECT content FROM plugin_blocks WHERE group_id=$1 AND name=$2',
array($id, $name));
$body = db_result($res,0,"content");
-
+
print _("Edit the block as you want. If you activate the HTML editor, you will be able to use WYSIWYG formatting (bold, colors...)");
-
+
print "<center>";
- print "<b>$blocks[$name]</b> ($name)";
+ print "<b>$blocks[$name]</b> ($name)";
print "<form action=\"/plugins/blocks/\" method=\"post\">";
print "<input type=\"hidden\" name=\"id\" value=\"$id\" />\n";
print "<input type=\"hidden\" name=\"pluginname\" value=\"$pluginname\" />\n";
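Review bot: `$name` is interpolated into HTML on the `print "<b>$blocks[$name]</b> ($name)";` line without escaping, and `$pluginname` likewise in the hidden `pluginname` input. `$name` is read with `getStringFromRequest('name')` in an earlier hunk that appears to belong to the same file, and the lines removed elsewhere in this commit show that callers are expected to apply `htmlspecialchars()` themselves. Escape at output, for example `print '<b>'.$blocks[$name].'</b> ('.htmlspecialchars($name).')';`, and treat `$pluginname` the same way unless it is known to be a fixed value. The `session_require_perm('project_admin', $id)` check limits who can reach the page but does not stop markup arriving through a crafted link.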
$body = $templates['*'];
}
}
-
+
$params['body'] = $body;
$params['width'] = "800";
$params['height'] = "500";
exit_no_group();
}
if ( ! ($group->usesPlugin ( $pluginname )) ) {//check if the group has the blocks plugin active
- exit_error(sprintf(_('First activate the %s plugin through the Project\'s Admin Interface'),$pluginname),'home');
+ exit_error(sprintf(_('First activate the %s plugin through the Project\'s Admin Interface'),$pluginname),'home');
}
session_require_perm ('project_admin', $id) ;
require_once $gfcommon.'include/pre.php';
require_once $gfcommon.'include/timezones.php';
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
-
session_require_login();
// get global users vars
<?php echo _('Enable tooltips. Small help texts displayed on mouse over links, images.');
?>
</td></tr>
-<?php
+<?php
// displays a "Use xxxx Plugin" checkbox
plugin_hook("userisactivecheckbox", $hookParams);
?>
require_once $gfwww.'admin/admin_utils.php';
require_once $gfwww.'include/role_utils.php';
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-
site_admin_header(array('title'=>_('Site Admin')));
$abc_array = array('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','0','1','2','3','4','5','6','7','8','9');
$id = getIntFromRequest('id');
$for_group = getIntFromRequest('for_group');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-
/*
-
+
News uber-user admin pages
-
+
Show all waiting news items except those already rejected.
-
+
Admin members of forge_get_config('news_group') (news project) can edit/change/approve news items
-
+
*/
session_require_global_perm ('approve_news') ;
if ($post_changes) {
if ($approve) {
-
+
$result=db_query_params("SELECT * FROM news_bytes WHERE id=$1 AND group_id=$2", array($id, $for_group));
if (db_numrows($result) < 1) {
exit_error(_('Newsbyte not found'),'news');
}
-
+
$forum_id = db_result($result,0,'forum_id');
if ($status==1) {
Move msg to rejected status
*/
$news_id = getArrayFromRequest('news_id');
- $result = db_query_params("UPDATE news_bytes
-SET is_approved='2'
+ $result = db_query_params("UPDATE news_bytes
+SET is_approved='2'
WHERE id = ANY($1)",array(db_int_array_to_any_clause($news_id)));
if (!$result || db_affected_rows($result) < 1) {
$error_msg .= _('Error On Update:');
Show the submit form
*/
- $result=db_query_params("SELECT groups.unix_group_name,groups.group_id,news_bytes.*
-FROM news_bytes,groups WHERE id=$1
+ $result=db_query_params("SELECT groups.unix_group_name,groups.group_id,news_bytes.*
+FROM news_bytes,groups WHERE id=$1
AND news_bytes.group_id=groups.group_id ", array($id));
if (db_numrows($result) < 1) {
exit_error(_('Newsbyte not found'),'news');
if (db_result($result,0,'is_approved') == 4) {
exit_error(_('Newsbyte deleted'),'news');
}
-
+
$group = group_get_object(db_result($result,0,'group_id'));
$user =& user_get_object(db_result($result,0,'submitted_by'));
<strong>'._('Subject').':</strong><br />
<input type="text" name="summary" value="'.db_result($result,0,'summary').'" size="60" maxlength="60" /><br />
<strong>'._('Details').':</strong><br />';
-
+
$GLOBALS['editor_was_set_up']=false;
$params = array () ;
$params['name'] = 'details';
//if we don't have any plugin for text editor, display a simple textarea edit box
echo '<textarea name="details" rows="5" cols="50">'.db_result($result,0,'details').'</textarea><br />';
}
- unset($GLOBALS['editor_was_set_up']);
-
-
+ unset($GLOBALS['editor_was_set_up']);
+
+
echo '<br />
<input type="submit" name="submit" value="'._('Submit').'" />
</form>';
$group_id = getIntFromRequest('group_id');
$group_forum_id = getIntFromRequest('group_forum_id');
$deleteforum = getStringFromRequest('deleteforum');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
global $HTML;
html_build_select_box_from_assoc(array("0" => _('No Moderation') ,"1" => _('Moderated Level 1'),"2" => _('Moderated Level 2') ),"moderation_level",0) . '
<br />' . _('Moderated Level 1') . ': ' . _('To moderate anonymous posts (if allowed in public forum) and posts from non-member users.') . '<br />' . _('Moderated Level 2') . ': ' . _('To moderate ALL posts.') . '<p>
-
+
<strong>'._('Email All Posts To:').'</strong><br />
<input type="text" name="send_all_posts_to" value="" size="60" />
</p>
echo '<p>'._('You can adjust forum features from here. Please note that private forums can still be viewed by members of your project, not the general public.').'</p>';
$fa = new ForumAdmin($f->Group->getID());
$fa->PrintAdminPendingOption($group_forum_id);
-
+
echo '
<form action="'.getStringFromServer('PHP_SELF').'" method="post">
<p>
<input type="hidden" name="change_status" value="y" />
<input type="hidden" name="group_forum_id" value="'. $f->getID() .'" />
<input type="hidden" name="group_id" value="'.$group_id.'" />
-
+
<strong>'._('Allow Anonymous Posts?').'</strong><br />
<input type="radio" name="allow_anonymous" value="1"'.(($f->AllowAnonymous() == 1)?' checked="checked"':'').' /> '._('Yes').'<br />
<input type="radio" name="allow_anonymous" value="0"'.(($f->AllowAnonymous() == 0)?' checked="checked"':'').'/> '._('No').'
<p>' .
html_build_select_box_from_assoc(array("0" => _('No Moderation') ,"1" => _('Moderated Level 1'),"2" => _('Moderated Level 2') ),"moderation_level",$f->getModerationLevel()) . '
<br />' . _('Moderated Level 1') . ': ' . _('To moderate anonymous posts (if allowed in public forum) and posts from non-member users.') . '<br />' . _('Moderated Level 2') . ': ' . _('To moderate ALL posts.') . '<p>
-
+
<strong>'._('Forum Name').':</strong><br />
<input type="text" name="forum_name" value="'. $f->getName() .'" size="20" maxlength="30" />
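Review bot: The form's `action` attribute is filled from `getStringFromServer('PHP_SELF')` without escaping. `PHP_SELF` includes any extra path information appended to the script URL, so unless `getStringFromServer()` escapes it (not visible here) the value should be wrapped, `<form action="'.htmlspecialchars(getStringFromServer('PHP_SELF')).'" method="post">`, or replaced with a fixed path. `$f->getName()` in the `forum_name` value attribute deserves the same treatment. The same `PHP_SELF` pattern appears in the move-thread form and in the project admin forms later in this commit.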
} elseif ( getStringFromRequest("deletemsg") ) {
// delete message handling
-
+
$forum_id = getIntFromRequest("forum_id");
$thread_id = getIntFromRequest("thread_id");
$msg_id = getIntFromRequest("deletemsg");
<h3>' . _('WARNING! You are about to permanently delete a message and all of its followups!!') . '</h3>
<p>
<input type="submit" name="ok" value="' . _('Yes') . '" />
- <input type="submit" name="cancel" value="' . _('No') . '" />
+ <input type="submit" name="cancel" value="' . _('No') . '" />
<input type="hidden" name="deletemsg" value="'.$msg_id.'" />
<input type="hidden" name="group_id" value="'.$group_id.'" />
<input type="hidden" name="forum_id" value="'.$forum_id.'" />
}
$subject = getStringFromRequest('subject');
$body = getStringFromRequest('body');
-
+
$sanitizer = new TextSanitizer();
$body = $sanitizer->SanitizeHtml($body);
-
+
$is_followup_to = getStringFromRequest('is_followup_to');
$form_key = getStringFromRequest('form_key');
$posted_by = getStringFromRequest('posted_by');
} elseif (getStringFromRequest("cancel")) {
// the user cancelled the request, go back to forum
session_redirect('/forum/message.php?msg_id='.$msg_id);
- } else {
+ } else {
//print the edit message confirmation
-
+
$f = new Forum ($fa->GetGroupObject(),$forum_id);
if (!$f || !is_object($f)) {
exit_error(_('Error Getting Forum'),'forums');
} elseif ($f->isError()) {
exit_error($f->getErrorMessage(),'forums');
}
-
+
$fm=new ForumMessage($f,$msg_id,false,false);
if (!$fm || !is_object($fm)) {
exit_error(_('Error Getting ForumMessage'),'forums');
} elseif ($fm->isError()) {
exit_error($fm->getErrorMessage(),'forums');
}
-
+
$fh = new ForumHTML($f);
if (!$fh || !is_object($fh)) {
exit_error(_('Error Getting ForumHTML'),'forums');
} elseif ($fh->isError()) {
exit_error($fh->getErrorMessage(),'forums');
}
-
+
forum_header(array('title'=>_('Edit a Message')));
$fh->showEditForm($fm);
forum_footer(array());
session_redirect('/forum/forum.php?thread_id='.$thread_id.'&forum_id='.$forum_id);
}
exit;
- } else {
+ } else {
// Display select box to select new forum
forum_header(array('title'=>_('Move Thread')));
-
+
$ff = new ForumFactory($g);
if (!$ff || !is_object($ff) || $ff->isError()) {
exit_error($ff->getErrorMessage(),'forums');
$forums[$farr[$j]->getID()] = $farr[$j]->getName();
}
}
-
+
$f_from = new Forum ($fa->GetGroupObject(),$forum_id);
if (!$f_from || !is_object($f_from)) {
exit_error(_('Could Not Get Forum Object'),'forums');
} elseif ($f_from->isError()) {
exit_error($f_from->getErrorMessage(),'forums');
}
-
+
echo '<center>
<form action="'.getStringFromServer('PHP_SELF').'" method="post">
<p><strong>' . sprintf(_('Move thread from %s forum to the following forum:'), $f_from->getName()) . '</strong></p>
html_build_select_box_from_assoc($forums,'new_forum_id',$forum_id) .
'<br /><br />
<input type="submit" name="ok" value="' . _("Submit") . '" />
- <input type="submit" name="cancel" value="' . _("Cancel") . '" />
+ <input type="submit" name="cancel" value="' . _("Cancel") . '" />
</p>
</form>
</center>';
$offset = getIntFromRequest('offset');
$max_rows = getIntFromRequest('max_rows');
$set = getStringFromRequest('set');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
if ($forum_id) {
$title_arr[]=_('Topic Starter');
$title_arr[]=_('Replies');
$title_arr[]=_('Last Post');
-
+
$ret_val .= $GLOBALS['HTML']->listTableTop ($title_arr);
$i=0;
while (($row=db_fetch_array($result)) && ($i < $max_rows)) {
use_javascript('/tabber/tabber.js');
-function validate_return_to(&$return_to='/') {
- $newrt = '/' ;
+function validate_return_to(&$return_to = '/') {
+ $newrt = '/';
if ($return_to) {
$tmpreturn=explode('?',$return_to);
$rtpath = $tmpreturn[0] ;
-
+
if (@is_file(forge_get_config('url_root').$rtpath)
|| @is_dir(forge_get_config('url_root').$rtpath)
|| (strpos($rtpath,'/projects') == 0)
|| (strpos($rtpath,'/plugins/mediawiki') == 0)) {
- $newrt = $return_to ;
+ $newrt = $return_to;
}
}
$return_to = $newrt;
}
-function display_login_page($return_to='/', $triggered=false) {
+function display_login_page($return_to = '/', $triggered = false) {
display_login_form($return_to, $triggered, true);
}
-function display_login_form($return_to='/', $triggered=false, $full_page=false) {
+function display_login_form($return_to = '/', $triggered = false, $full_page = false) {
global $HTML;
validate_return_to($return_to);
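Review bot: In `validate_return_to()` the prefix tests `strpos($rtpath,'/projects') == 0` and `strpos($rtpath,'/plugins/mediawiki') == 0` are true for every input, because `strpos()` returns `false` when the prefix is absent and `false == 0` holds under loose comparison. The function therefore accepts any `return_to`, and the login scripts in this commit pass the result to `session_redirect()`. Compare strictly instead: `|| (strpos($rtpath, '/projects') === 0)` and `|| (strpos($rtpath, '/plugins/mediawiki') === 0)`. Rejecting values that do not begin with a single `/` before the file checks would make the intent explicit. `display_login_form()` continues outside the hunk.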
$urls = array_values($params['transparent_redirect_urls']);
session_redirect_external($urls[0]);
}
-
+
$HTML->header(array('title'=>'Login'));
}
echo '</p>';
}
-
+
if (count ($params['html_snippets']) > 1) {
$use_tabber = true;
echo '<div id="tabber" class="tabber">';
echo '</div>';
}
}
-
+
if ($use_tabber) {
echo '</div>';
}
$group_id = getIntFromRequest('group_id');
-$feedback = getStringFromRequest('feedback');
-
if ($group_id) {
$group = group_get_object($group_id);
if (!$group || !is_object($group) || $group->isError()) {
exit_no_group();
}
-
+
session_require_perm ('project_admin', $group->getID()) ;
-
+
//
// Post Changes to database
//
if (check_email_available($group, $group->getUnixName() . '-' . getStringFromPost('list_name'), $error_msg)) {
$mailingList = new MailingList($group);
-
+
if (!form_key_is_valid(getStringFromRequest('form_key'))) {
exit_form_double_submit('mail');
}
form_release_key(getStringFromRequest("form_key"));
exit_error($mailingList->getErrorMessage(),'mail');
}
-
+
if(!$mailingList->create(
getStringFromPost('list_name'),
getStringFromPost('description'),
//
} elseif (getStringFromPost('change_status') == 'y') {
$mailingList = new MailingList($group, getIntFromGet('group_list_id'));
-
+
if(!$mailingList || !is_object($mailingList)) {
exit_error(_('Error getting the list'),'mail');
} elseif($mailingList->isError()) {
exit_error($mailingList->getErrorMessage(),'mail');
}
-
+
if(!$mailingList->update(
unInputSpecialChars(getStringFromPost('description')),
getIntFromPost('is_public', MAIL__MAILING_LIST_IS_PUBLIC)
//
if (getIntFromRequest('reset_pw') == 1) {
$mailingList = new MailingList($group, getIntFromGet('group_list_id'));
-
+
if(!$mailingList || !is_object($mailingList)) {
exit_error(_('Error getting the list'),'mail');
} elseif($mailingList->isError()) {
exit_error($mailingList->getErrorMessage(),'mail');
}
-
+
if($mailingList->getStatus() == MAIL__MAILING_LIST_IS_CONFIGURED) {
if(!$mailingList->update(
$mailingList->getDescription(),
print '<p>';
print _('It will take <span class="important">6-24 Hours</span> for your list to be created.');
print '</p>';
-
+
$mlFactory = new MailingListFactory($group);
if (!$mlFactory || !is_object($mlFactory) || $mlFactory->isError()) {
exit_error($mlFactory->getErrorMessage(),'mail');
}
-
+
$mlArray =& $mlFactory->getMailingLists();
if ($mlFactory->isError()) {
mail_footer(array());
exit;
}
-
+
$tableHeaders = array(
_('Existing mailing lists')
);
//
} elseif(getIntFromGet('change_status') && getIntFromGet('group_list_id')) {
$mailingList = new MailingList($group, getIntFromGet('group_list_id'));
-
+
if(!$mailingList || !is_object($mailingList)) {
exit_error(_('Error getting the list'),'mail');
} elseif($mailingList->isError()) {
exit_error($mailingList->getErrorMessage(),'mail');
}
-
+
mail_header(array(
'title' => _('Mail admin')));
?>
$id = getIntFromRequest('id');
$for_group = getIntFromRequest('for_group');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-
if ($group_id && $group_id != forge_get_config('news_group')) {
session_require_perm ('project_admin', $group_id) ;
if (db_numrows($result) < 1) {
exit_error(_('Newsbyte not found'),'news');
}
-
+
$forum_id = db_result($result,0,'forum_id');
$old_group_id = db_result($result,0,'group_id');
-
+
if ($approve) {
/*
Update the db so the item shows on the home page
if (!$details) {
$details='(none)';
}
-
+
if (getStringFromRequest('_details_content_type') == 'html') {
$details = TextSanitizer::purify($details);
} else {
$details = htmlspecialchars($details);
}
- $result = db_query_params("UPDATE news_bytes SET is_approved=$1, summary=$2,
+ $result = db_query_params("UPDATE news_bytes SET is_approved=$1, summary=$2,
details=$3 WHERE id=$4 AND group_id=$5", array($status, htmlspecialchars($summary), $details, $id, $group_id));
-
+
if (!$result || db_affected_rows($result) < 1) {
$error_msg .= _('Error On Update:');
$error_msg .= db_error();
if (db_numrows($result) < 1) {
exit_error(_('Newsbyte not found'),'news');
}
-
+
$group = group_get_object($group_id);
-
+
echo notepad_func();
echo '
<p />
<strong>'._('Subject').'</strong><br />
<input type="text" name="summary" value="'.db_result($result,0,'summary').'" size="60" maxlength="60" /><br />
<strong>'._('Details').'</strong>'.notepad_button('document.forms.newsadminform.details').'<br />';
-
+
$GLOBALS['editor_was_set_up']=false;
$params = array () ;
$params['name'] = 'details';
echo '<textarea name="details" rows="5" cols="50">'.db_result($result,0,'details').'</textarea><br />';
}
unset($GLOBALS['editor_was_set_up']);
-
+
echo '<p>
<strong>'.sprintf(_('If this item is on the %1$s home page and you edit it, it will be removed from the home page.'), forge_get_config ('forge_name')).'</strong><br /></p>
<input type="submit" name="submit" value="'._('Submit').'" />
$result=db_query_params("SELECT * FROM news_bytes WHERE is_approved <> 4 AND group_id=$1", array($group_id));
$rows=db_numrows($result);
$group = group_get_object($group_id);
-
+
if ($rows < 1) {
echo '
<p class="warning_msg">'._('No Queued Items Found').'</p>';
$group_id = getIntFromRequest('group_id');
$limit = getIntFromRequest('limit');
$offset = getIntFromRequest('offset');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
news_header(array('title'=>_('News')));
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation; either version 2 of the License,
* or (at your option) any later version.
- *
+ *
* FusionForge is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
$related_artifact_id = getIntFromRequest('related_artifact_id');
$related_artifact_summary = getStringFromRequest('related_artifact_summary');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
pm_header(array('title'=>_('Add a new Task'),'group_project_id'=>$group_project_id));
echo notepad_func();
<td>
<strong><?php echo _('Category') ?></strong><br />
<?php
- echo $pg->categoryBox('category_id');
+ echo $pg->categoryBox('category_id');
echo util_make_link ('/pm/admin/?group_id='.$group_id.'&add_cat=1&group_project_id='.$group_project_id,'('._('admin').')');
?>
</td>
require_once $gfcommon.'include/GroupJoinRequest.class.php';
$group_id = getIntFromRequest('group_id');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
session_require_perm ('project_admin', $group_id) ;
$addTags = getArrayFromRequest('addTags');
$new_doc_address = getStringFromRequest('new_doc_address');
$send_all_docs = getStringFromRequest('send_all_docs');
-
+
if (trim($tags) != "") {
$tags .= ",";
}
$tags,
0
);
-
+
//100 $logo_image_id
if (!$res) {
<?php echo $HTML->boxTop(_('Misc. Project Information'));
if (forge_get_config('use_shell')) {
-?>
+?>
<p><?php echo _('Group shell (SSH) server: ') ?><strong><?php echo $group->getUnixName().'.'.forge_get_config('web_host'); ?></strong></p>
<p><?php echo _('Group directory on shell server: ') ?><br/><strong><?php echo account_group_homedir($group->getUnixName()); ?></strong></p>
<p><?php echo _('Project WWW directory on shell server: ') ?><br /><strong><?php echo account_group_homedir($group->getUnixName()).'/htdocs'; ?></strong></p>
<?php
} //end of use_shell condition
-?>
+?>
<form action="<?php echo getStringFromServer('PHP_SELF'); ?>" method="post">
<?php echo _('Add tags (use comma as separator): ') ?><br />
<input type="text" name="form_tags" size="100" value="<?php echo $group->getTags(); ?>" />
</p>
-<?php
+<?php
$infos = getAllProjectTags();
if ($infos) {
echo '<br />';
?>
<input type="hidden" name="use_mail" value="<?php echo ($group->usesMail() ? '1' : '0'); ?>" />
<?php
-}
+}
if(forge_get_config('use_survey')) {
?>
require_once $gfcommon.'include/GroupJoinRequest.class.php';
$group_id = getIntFromRequest('group_id');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warnig_msg = htmlspecialchars(getStringFromRequest('warnig_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
session_require_perm ('project_admin', $group_id) ;
<table width="100%" cellpadding="2" cellspacing="2">
<tr valign="top">
- <td width="50%"><?php
+ <td width="50%"><?php
//
// Pending requests
//
}
echo '</a></td>';
$seen = true ;
- }
-
+ }
+
echo '
<form action="'.getStringFromServer('PHP_SELF').'" method="post">
<input type="hidden" name="submit" value="y" />
<input type="hidden" name="user_id" value="'.$user->getID().'" />
<input type="hidden" name="group_id" value="'. $group_id .'" />' ;
-
+
echo '<td style="white-space: nowrap;">';
echo $role->getName() ;
echo '<input type="hidden" name="role_id" value="'.$role->getID().'" />' ;
<input type="hidden" name="submit" value="y" />
<input type="hidden" name="form_unix_name" value="'.$user->getUnixName().'" />
<input type="hidden" name="group_id" value="'. $group_id .'" />' ;
-
+
echo '<tr><td style="white-space: nowrap;">';
echo role_box($group_id,'role_id',$role->getID());
echo '</td><td><input type="submit" name="adduser" value="'._("Grant extra role").'" />
echo '</tbody></table>';
echo $HTML->boxBottom();
-
+
?></td>
<td><?php
-
+
foreach ($unused_external_roles as $r) {
$ids[] = $r->getID() ;
$names[] = $r->getDisplayableName($group) ;
-}
+}
echo '<tr><form action="'.getStringFromServer('PHP_SELF').'" method="post">' ;
echo '<input type="hidden" name="submit" value="y" />' ;
echo '<input type="hidden" name="group_id" value="'.$group_id.'" />' ;
}
}
-echo $HTML->boxBottom();
+echo $HTML->boxBottom();
?></td>
</tr>
session_require_global_perm ('forge_stats', 'read') ;
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
-
report_header('Main Page');
?>
$group_id = getIntFromRequest('group_id');
$atid = getIntFromRequest('atid');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
$add_extrafield = '';
} else {
$actions = array('add_extrafield', 'customize_list', 'workflow', 'workflow_roles', 'add_opt',
'updownorder_opt', 'post_changes_order', 'post_changes_alphaorder', 'copy_opt', 'add_canned',
- 'clone_tracker', 'uploadtemplate', 'downloadtemplate', 'downloadcurrenttemplate',
+ 'clone_tracker', 'uploadtemplate', 'downloadtemplate', 'downloadcurrenttemplate',
'update_canned', 'update_box', 'update_opt', 'delete', 'delete_opt', 'deleteextrafield','update_type');
$action = '';
foreach ($actions as $a) {
}
}
- if ($action == 'add_extrafield') {
+ if ($action == 'add_extrafield') {
include $gfwww.'tracker/admin/form-addextrafield.php';
$group_id = getIntFromRequest('group_id');
$atid = getIntFromRequest('atid');
-$feedback = htmlspecialchars(getStringFromRequest('feedback'));
-$warning_msg = htmlspecialchars(getStringFromRequest('warning_msg'));
-$error_msg = htmlspecialchars(getStringFromRequest('error_msg'));
-
//if the ATID and GID are not provided, but
//the artifact_id is, then fetch the other vars
if ($aid && (!$group_id && !$atid)) {