From 2e961201be67cc348e7da22ad7c32c87c9f3d30d Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 11 May 2010 07:00:08 -0400
Subject: [PATCH] Fixed: FS#1186 - Error in Installer r1728
---
interface/lib/classes/listform.inc.php | 142 +++++++++++++++++++++++++++++++++++------------
1 files changed, 106 insertions(+), 36 deletions(-)
diff --git a/interface/lib/classes/listform.inc.php b/interface/lib/classes/listform.inc.php
index 27d1c8a..c97e39d 100644
--- a/interface/lib/classes/listform.inc.php
+++ b/interface/lib/classes/listform.inc.php
@@ -1,7 +1,7 @@
<?php
/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -28,14 +28,6 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/**
-* Listenbehandlung
-*
-* @package listform
-* @author Till Brehm
-* @version 1.1
-*/
-
class listform {
private $debug = 0;
@@ -46,12 +38,14 @@
private $pagingValues;
private $searchChanged = 0;
private $module;
- private $dateformat = 'd.m.Y';
+ public $wordbook;
- public function loadListDef($file,$module = '')
+ public function loadListDef($file, $module = '')
{
global $app,$conf;
- if(!is_file($file)) die("List-Definition: $file not found.");
+ if(!is_file($file)){
+ die("List-Definition: $file not found.");
+ }
require_once($file);
$this->listDef = $liste;
$this->module = $module;
@@ -62,6 +56,14 @@
$this->listDef['item'][$key]['value'] = $this->getDatasourceData($field);
}
}
+
+ //* Set local Language File
+ $lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_'.$this->listDef['name'].'_list.lng';
+ if(!file_exists($lng_file)) $lng_file = 'lib/lang/en_'.$this->listDef['name'].'_list.lng';
+ include($lng_file);
+
+ $this->wordbook = $wb;
+
return true;
}
@@ -112,7 +114,7 @@
$record = array();
$values = $app->$datasource_class->$datasource_function($field, $record);
} else {
- $this->errorMessage .= "Custom datasource class or function is empty<br>\r\n";
+ $this->errorMessage .= "Custom datasource class or function is empty<br />\r\n";
}
}
return $values;
@@ -131,8 +133,11 @@
$field = $i['field'];
//*TODO: comment = hat sich die suche ge�ndert
- if(isset($_REQUEST[$search_prefix.$field]) and $_REQUEST[$search_prefix.$field] != $_SESSION['search'][$list_name][$search_prefix.$field]){
+ if(isset($_REQUEST[$search_prefix.$field]) && isset($_SESSION['search'][$list_name][$search_prefix.$field]) && $_REQUEST[$search_prefix.$field] != $_SESSION['search'][$list_name][$search_prefix.$field]){
$this->searchChanged = 1;
+
+ //* Jump back to page 1 of the list when search has changed.
+ $_SESSION['search'][$list_name]['page'] = 0;
}
//* Store field in session
@@ -155,7 +160,7 @@
$this->searchValues[$search_prefix.$field] = $out;
} else {
if(isset($_SESSION['search'][$list_name][$search_prefix.$field])){
- $this->searchValues[$search_prefix.$field] = $_SESSION['search'][$list_name][$search_prefix.$field];
+ $this->searchValues[$search_prefix.$field] = htmlspecialchars($_SESSION['search'][$list_name][$search_prefix.$field]);
}
}
}
@@ -222,20 +227,20 @@
{
global $app;
$content = '<a href="'."javascript:loadContent('".$vars['list_file'].'?page=0'.$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_left.png" border="0"></a> ';
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_stop_180.png"></a> ';
//* Show Back
if(isset($vars['show_page_back']) && $vars['show_page_back'] == 1){
$content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_back.png" border="0"></a> ';
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_180.png"></a> ';
}
- $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
+ $content .= ' '.$this->lng('page_txt').' '.$vars['next_page'].' '.$this->lng('page_of_txt').' '.$vars['max_pages'].' ';
//* Show Next
if(isset($vars['show_page_next']) && $vars['show_page_next'] == 1){
$content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_next.png" border="0"></a> ';
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow.png"></a> ';
}
$content .= '<a href="'."javascript:loadContent('".$vars['list_file'].'?page='.$vars['pages'].$vars['page_params']."');".'">'
- .'<img src="themes/grey/images/btn_right.png" border="0"></a>';
+ .'<img src="themes/'.$_SESSION['s']['theme'].'/icons/x16/arrow_stop.png"></a>';
return $content;
}
@@ -244,11 +249,11 @@
global $app;
$content = '[<a href="'.$vars['list_file'].'?page=0'.$vars['page_params'].'">|<< </a>]';
if($vars['show_page_back'] == 1){
- $content .= '[<< <a href="'.$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params'].'">'.$app->lng('Back').'</a>] ';
+ $content .= '[<< <a href="'.$vars['list_file'].'?page='.$vars['last_page'].$vars['page_params'].'">'.$app->lng('page_back_txt').'</a>] ';
}
- $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
+ $content .= ' '.$this->lng('page_txt').' '.$vars['next_page'].' '.$this->lng('page_of_txt').' '.$vars['max_pages'].' ';
if($vars['show_page_next'] == 1){
- $content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params'].'">'.$app->lng('Next').' >></a>] ';
+ $content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$vars['page_params'].'">'.$app->lng('page_next_txt').' >></a>] ';
}
$content .= '[<a href="'.$vars['list_file'].'?page='.$vars['pages'].$vars['page_params'].'"> >>|</a>]';
return $content;
@@ -265,18 +270,47 @@
public function decode($record)
{
+ global $conf;
if(is_array($record)) {
foreach($this->listDef['item'] as $field){
$key = $field['field'];
- switch ($field['datatype']){
-
+ if(isset($record[$key])) {
+ switch ($field['datatype']){
case 'VARCHAR':
case 'TEXT':
- $record[$key] = stripslashes($record[$key]);
+ $record[$key] = htmlentities(stripslashes($record[$key]),ENT_QUOTES,$conf["html_content_encoding"]);
break;
- case 'DATE':
- $record[$key] = ($record[$key] > 0) ? date($this->dateformat,$record[$key]) : '';
+ case 'DATETSTAMP':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (ereg("^[0-9]+[.]?[0-9]*$", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_dateshort'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_dateshort'), strtotime($record[$key]));
+ }
+ }
+ break;
+ case 'DATE':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (ereg("^[0-9]+[.]?[0-9]*$", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_dateshort'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_dateshort'), strtotime($record[$key]));
+ }
+ }
+ break;
+
+ case 'DATETIME':
+ if ($record[$key] > 0) {
+ // is value int?
+ if (ereg("^[0-9]+[.]?[0-9]*$", $record[$key], $p)) {
+ $record[$key] = date($this->lng('conf_format_datetime'), $record[$key]);
+ } else {
+ $record[$key] = date($this->lng('conf_format_datetime'), strtotime($record[$key]));
+ }
+ }
break;
case 'INTEGER':
@@ -284,7 +318,7 @@
break;
case 'DOUBLE':
- $record[$key] = $record[$key];
+ $record[$key] = htmlentities($record[$key],ENT_QUOTES,$conf["html_content_encoding"]);
break;
case 'CURRENCY':
@@ -292,8 +326,9 @@
break;
default:
- $record[$key] = stripslashes($record[$key]);
- }
+ $record[$key] = htmlentities(stripslashes($record[$key]),ENT_QUOTES,$conf["html_content_encoding"]);
+ }
+ }
}
}
return $record;
@@ -309,16 +344,27 @@
case 'VARCHAR':
case 'TEXT':
if(!is_array($record[$key])) {
- $record[$key] = addslashes($record[$key]);
+ $record[$key] = mysql_real_escape_string($record[$key]);
} else {
$record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
}
break;
- case 'DATE':
+ case 'DATETSTAMP':
if($record[$key] > 0) {
- list($tag,$monat,$jahr) = explode('.',$record[$key]);
- $record[$key] = mktime(0,0,0,$monat,$tag,$jahr);
+ $record[$key] = date('Y-m-d',strtotime($record[$key]));
+ }
+ break;
+
+ case 'DATE':
+ if($record[$key] != '' && $record[$key] != '0000-00-00') {
+ $record[$key] = $record[$key];
+ }
+ break;
+
+ case 'DATETIME':
+ if($record[$key] > 0) {
+ $record[$key] = date('Y-m-d H:i:s',strtotime($record[$key]));
}
break;
@@ -327,7 +373,7 @@
break;
case 'DOUBLE':
- $record[$key] = addslashes($record[$key]);
+ $record[$key] = mysql_real_escape_string($record[$key]);
break;
case 'CURRENCY':
@@ -338,6 +384,30 @@
}
return $record;
}
+
+ function lng($msg) {
+ global $app;
+
+ if(isset($this->wordbook[$msg])) {
+ return $this->wordbook[$msg];
+ } else {
+ return $app->lng($msg);
+ }
+ }
+
+ function escapeArrayValues($search_values) {
+ global $conf;
+
+ $out = array();
+ if(is_array($search_values)) {
+ foreach($search_values as $key => $val) {
+ $out[$key] = htmlentities($val,ENT_QUOTES,$conf["html_content_encoding"]);
+ }
+ }
+
+ return $out;
+
+ }
}
--
Gitblit v1.9.1