X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Foptions.php;h=997c5a48fdde8ba0e86a8065f173ab86ed516583;hp=84b8b9ae0e2d29573bd2925bf4bb8d90291bbd10;hb=6881bcbd08b766c0f234b0207279f2fcd0b34aa1;hpb=54d2374216321d61b5b1f4a87ec66cf3c5b60e2c diff --git a/functions/options.php b/functions/options.php index 84b8b9ae..997c5a48 100644 --- a/functions/options.php +++ b/functions/options.php @@ -5,7 +5,7 @@ * * Functions needed to display the options pages. * - * @copyright © 1999-2007 The SquirrelMail Project Team + * @copyright 1999-2017 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -34,6 +34,11 @@ class SquirrelOption { * @var string */ var $caption; + /** + * Whether or not the caption text is allowed to wrap + * @var boolean + */ + var $caption_wrap; /** * The type of INPUT element * @@ -64,6 +69,21 @@ class SquirrelOption { * @var string */ var $trailing_text; + /** + * Indicates that the widget's "trailing text" + * should be displayed in a smaller sized font + * + * @var boolean + */ + var $trailing_text_small; + /** + * Indicates that the widget's "trailing text" + * contains HTML and should not thus be + * sanitized (encoded) + * + * @var boolean + */ + var $trailing_text_is_html; /** * Text that overrides the "Yes" label for boolean * radio option widgets @@ -98,6 +118,19 @@ class SquirrelOption { * @var boolean */ var $use_delete_widget; + /** + * associative array, treated the same as $possible_values + * (see its documentation below), but usually expected to + * have its first value contain a list of IMAP folders, an + * array itself in the format as passed back by + * sqimap_mailbox_list(). Used to display folder selector + * for possible values of an associative edit list option + * widget + * + * @since 1.5.2 + * @var array + */ + var $poss_value_folders; /** * text displayed to the user * 
@@ -153,7 +186,10 @@ class SquirrelOption { var $htmlencoded=false; /** * Controls folder list limits in SMOPT_TYPE_FLDRLIST and - * SMOPT_TYPE_FLDRLIST_MULTI widgets. + * SMOPT_TYPE_FLDRLIST_MULTI widgets as well as the optional + * embedded folder lists provided for inputting values for + * the SMOPT_TYPE_EDIT_LIST and SMOPT_TYPE_EDIT_LIST_ASSOCIATIVE + * :idgets. * See $flag argument in sqimap_mailbox_option_list() function. * @var string * @since 1.5.1 @@ -161,7 +197,7 @@ class SquirrelOption { var $folder_filter='noselect'; /** - * Constructor function + * Constructor (PHP5 style, required in some future version of PHP) * @param array $raw_option_array * @param string $name * @param string $caption @@ -171,24 +207,28 @@ class SquirrelOption { * @param array $possible_values * @param bool $htmlencoded */ - function SquirrelOption + function __construct ($raw_option_array, $name, $caption, $type, $refresh_level, $initial_value = '', $possible_values = '', $htmlencoded = false) { /* Set the basic stuff. */ $this->raw_option_array = $raw_option_array; $this->name = $name; $this->caption = $caption; + $this->caption_wrap = TRUE; $this->type = $type; $this->refresh_level = $refresh_level; $this->possible_values = $possible_values; $this->htmlencoded = $htmlencoded; $this->size = SMOPT_SIZE_NORMAL; $this->trailing_text = ''; + $this->trailing_text_small = FALSE; + $this->trailing_text_is_html = FALSE; $this->yes_text = ''; $this->no_text = ''; $this->comment = ''; $this->layout_type = 0; $this->use_add_widget = TRUE; $this->use_delete_widget = TRUE; + $this->poss_value_folders = ''; $this->aExtraAttribs = array(); $this->post_script = ''; 
@@ -207,19 +247,38 @@ class SquirrelOption { } /* Set the default save function. */ - if (($type != SMOPT_TYPE_HIDDEN) && ($type != SMOPT_TYPE_COMMENT)) { + if ($type != SMOPT_TYPE_HIDDEN + && $type != SMOPT_TYPE_INFO + && $type != SMOPT_TYPE_COMMENT) { $this->save_function = SMOPT_SAVE_DEFAULT; } else { $this->save_function = SMOPT_SAVE_NOOP; } } + /** + * Constructor (PHP4 style, kept for compatibility reasons) + * @param array $raw_option_array + * @param string $name + * @param string $caption + * @param integer $type + * @param integer $refresh_level + * @param mixed $initial_value + * @param array $possible_values + * @param bool $htmlencoded + */ + function SquirrelOption + ($raw_option_array, $name, $caption, $type, $refresh_level, $initial_value = '', $possible_values = '', $htmlencoded = false) { + self::__construct($raw_option_array, $name, $caption, $type, $refresh_level, $initial_value, $possible_values, $htmlencoded); + } + /** Convenience function that identifies which types of widgets are stored as (serialized) array values. */ function is_multiple_valued() { return ($this->type == SMOPT_TYPE_FLDRLIST_MULTI || $this->type == SMOPT_TYPE_STRLIST_MULTI - || $this->type == SMOPT_TYPE_EDIT_LIST); + || $this->type == SMOPT_TYPE_EDIT_LIST + || $this->type == SMOPT_TYPE_EDIT_LIST_ASSOCIATIVE); } /** @@ -238,6 +297,14 @@ class SquirrelOption { $this->new_value = $new_value; } + /** + * Set whether the caption is allowed to wrap for this option. + * @param boolean $caption_wrap + */ + function setCaptionWrap($caption_wrap) { + $this->caption_wrap = $caption_wrap; + } + /** * Set the size for this option. * @param integer $size 
@@ -254,6 +321,22 @@ class SquirrelOption { $this->trailing_text = $trailing_text; } + /** + * Set the trailing_text_small for this option. + * @param boolean $trailing_text_small + */ + function setTrailingTextSmall($trailing_text_small) { + $this->trailing_text_small = $trailing_text_small; + } + + /** + * Set the trailing_text_is_html for this option. + * @param boolean $trailing_text_is_html + */ + function setTrailingTextIsHtml($trailing_text_is_html) { + $this->trailing_text_is_html = $trailing_text_is_html; + } + /** * Set the yes_text for this option. * @param string $yes_text @@ -280,6 +363,13 @@ class SquirrelOption { $this->use_delete_widget = $use_delete_widget; } + /* Set the "poss value folders" value for this option. + See the associative edit list widget, which uses this + to offer folder list selection for the values */ + function setPossValueFolders($poss_value_folders) { + $this->poss_value_folders = $poss_value_folders; + } + /** * Set the layout type for this option. * @param int $layout_type @@ -348,6 +438,9 @@ class SquirrelOption { /* Get the widget for this option type. */ switch ($this->type) { + case SMOPT_TYPE_PASSWORD: + $result = $this->createWidget_String(TRUE); + break; case SMOPT_TYPE_STRING: $result = $this->createWidget_String(); break; @@ -387,6 +480,9 @@ class SquirrelOption { case SMOPT_TYPE_EDIT_LIST: $result = $this->createWidget_EditList(); break; + case SMOPT_TYPE_EDIT_LIST_ASSOCIATIVE: + $result = $this->createWidget_EditListAssociative(); + break; case SMOPT_TYPE_STRLIST_MULTI: $result = $this->createWidget_StrList(TRUE); break; @@ -396,6 +492,9 @@ class SquirrelOption { case SMOPT_TYPE_SUBMIT: $result = $this->createWidget_Submit(); break; + case SMOPT_TYPE_INFO: + $result = $this->createWidget_Info(); + break; default: error_box ( sprintf(_("Option Type '%s' Not Found"), $this->type) 
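Review bot: The docblock added for setTrailingTextIsHtml() does not tell callers that passing TRUE switches off output encoding for the trailing text, which is the one thing a reader must know before using it. I would extend it with `Only enable this for markup the application itself wrote; text that originates from a user or a message must keep the default (FALSE) so that it is encoded on output.` The same sentence belongs on the `$trailing_text_is_html` property docblock in the earlier hunk. The class body continues outside this hunk.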
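Review bot: The new `SMOPT_TYPE_PASSWORD` case reuses createWidget_String(TRUE), so a password option follows the same value path as a plain string option: the later createWidget_String() hunk passes `$this->value` to `addPwField()`, which presumably writes the stored secret into the field's value attribute. Obscuring the characters on screen does not keep the value out of the page source, the browser cache or autofill. Consider rendering the field empty, e.g. `addPwField('new_' . $this->name, '', $width, 0, $this->aExtraAttribs)`, and treating an empty submission as "unchanged" when saving. The switch starts and ends outside this hunk.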
@@ -414,11 +513,27 @@ class SquirrelOption { return $result; } + /** + * Creates info block + * @return string html formated output + */ + function createWidget_Info() { + // return sq_htmlspecialchars($this->value); + // like COMMENT, allow HTML here + return $this->value; + } + /** * Create string field + * + * @param boolean $password When TRUE, the text in the input + * widget will be obscured (OPTIONAL; + * default = FALSE). + * * @return string html formated option field + * */ - function createWidget_String() { + function createWidget_String($password=FALSE) { switch ($this->size) { case SMOPT_SIZE_TINY: $width = 5; @@ -437,7 +552,11 @@ class SquirrelOption { $width = 25; } - return addInput('new_' . $this->name, $this->value, $width, 0, $this->aExtraAttribs) . htmlspecialchars($this->trailing_text); +//TODO: might be better to have a separate template file for all widgets, because then the layout of the widget and the "trailing text" can be customized - they are still hard coded here (also, we have tags here; don't want HTML here!) + if ($password) + return addPwField('new_' . $this->name, $this->value, $width, 0, $this->aExtraAttribs) . ' ' . ($this->trailing_text_small ? '' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '' : ''); + else + return addInput('new_' . $this->name, $this->value, $width, 0, $this->aExtraAttribs) . ' ' . ($this->trailing_text_small ? '' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '' : ''); } /** 
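Review bot: createWidget_Info() returns `$this->value` without encoding, and the only record of that decision is a commented-out `sq_htmlspecialchars()` call. Nothing visible in this diff restricts where an INFO option's value comes from, so a caller that fills it from preferences or message data would turn this into an HTML injection sink. Replace the dead line with a docblock sentence such as `The value is emitted as raw HTML; callers must pass only markup they generated themselves.`, or gate the raw path on an explicit flag the way the trailing text is gated by `trailing_text_is_html`.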
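Review bot: The two new return statements in createWidget_String() differ only in `addPwField` versus `addInput`, and the trailing-text expression they share is repeated again in the two addSelect() hunks and in the createWidget_Submit() hunk. That expression is where the encode-or-not decision for `trailing_text_is_html` is made, so five copies mean five places to audit and keep in step. A small private method that returns the encoded-or-raw trailing text, called from each widget, would leave a single place to check. The unbraced `if`/`else` around two very long lines is also easy to misread and would be clearer with braces.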
@@ -507,7 +626,7 @@ class SquirrelOption { $height = 5; } - return addSelect('new_' . $this->name, $this->possible_values, $this->value, TRUE, $this->aExtraAttribs, $multiple_select, $height, !$this->htmlencoded) . htmlspecialchars($this->trailing_text); + return addSelect('new_' . $this->name, $this->possible_values, $this->value, TRUE, $this->aExtraAttribs, $multiple_select, $height, !$this->htmlencoded) . ($this->trailing_text_small ? '' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '' : ''); } @@ -565,7 +684,7 @@ class SquirrelOption { $option_list = array('ignore' => _("unavailable")); - return addSelect('new_' . $this->name, $option_list, $this->value, TRUE, $this->aExtraAttribs, $multiple_select, $height) . htmlspecialchars($this->trailing_text); + return addSelect('new_' . $this->name, $option_list, $this->value, TRUE, $this->aExtraAttribs, $multiple_select, $height) . ($this->trailing_text_small ? '' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '' : ''); } 
@@ -646,7 +765,8 @@ class SquirrelOption { // checkbox... // if ($checkbox) { - $result = addCheckbox('new_' . $this->name, ($this->value != SMPREF_NO), SMPREF_YES, array_merge(array('id' => 'new_' . $this->name), $this->aExtraAttribs)) . $nbsp . create_label($this->trailing_text, 'new_' . $this->name); +//TODO: Why isn't trailing_text being sanitized with sm_encode_special_chars()??? If this is a bug, add that, then add the option to display unsanitized if $this->trailing_text_is_html is enabled + $result = addCheckbox('new_' . $this->name, ($this->value != SMPREF_NO), SMPREF_YES, array_merge(array('id' => 'new_' . $this->name), $this->aExtraAttribs)) . $nbsp . create_label(($this->trailing_text_small ? '' : '') . $this->trailing_text . ($this->trailing_text_small ? '' : ''), 'new_' . $this->name); } // radio buttons... @@ -685,7 +805,7 @@ class SquirrelOption { } /** - * Creates an edit list + * Creates a (non-associative) edit list * * Note that multiple layout types are supported for this widget. * $this->layout_type must be one of the SMOPT_EDIT_LIST_LAYOUT_* 
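Review bot: The checkbox branch still passes `$this->trailing_text` to create_label() unencoded and ignores `trailing_text_is_html`, so this widget behaves differently from the string, select and submit widgets changed in the same commit; the added TODO records the doubt but leaves it open. Unless create_label() encodes its first argument (not visible here), the text is emitted as markup regardless of the flag. Applying the same rule as the other widgets would look like `create_label($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text), 'new_' . $this->name)`. The TODO also names `sm_encode_special_chars()`, while the function used elsewhere in this diff is `sm_encode_html_special_chars()`.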
@@ -728,8 +848,12 @@ class SquirrelOption { $oTemplate->assign('use_delete_widget', $this->use_delete_widget); $oTemplate->assign('trailing_text', $this->trailing_text); + $oTemplate->assign('trailing_text_small', $this->trailing_text_small); + $oTemplate->assign('trailing_text_is_html', $this->trailing_text_is_html); $oTemplate->assign('possible_values', $this->possible_values); - $oTemplate->assign('select_widget', addSelect('new_' . $this->name, $this->possible_values, $this->value, FALSE, !checkForJavascript() ? $this->aExtraAttribs : array_merge(array('onchange' => 'if (typeof(window.addinput_' . $this->name . ') == \'undefined\') { var f = document.forms.length; var i = 0; var pos = -1; while( pos == -1 && i < f ) { var e = document.forms[i].elements.length; var j = 0; while( pos == -1 && j < e ) { if ( document.forms[i].elements[j].type == \'text\' && document.forms[i].elements[j].name == \'add_' . $this->name . '\' ) { pos = j; } j++; } i++; } if( pos >= 0 ) { window.addinput_' . $this->name . ' = document.forms[i-1].elements[pos]; } } for (x = 0; x < this.length; x++) { if (this.options[x].selected) { window.addinput_' . $this->name . '.value = this.options[x].value; break; } }'), $this->aExtraAttribs), TRUE, $height)); + $oTemplate->assign('current_value', $this->value); + $oTemplate->assign('select_widget', addSelect('new_' . $this->name, $this->possible_values, $this->value, FALSE, !checkForJavascript() ? $this->aExtraAttribs : array_merge(array('onchange' => 'if (typeof(window.addinput_' . $this->name . ') == \'undefined\') { var f = document.forms.length; var i = 0; var pos = -1; while( pos == -1 && i < f ) { var e = document.forms[i].elements.length; var j = 0; while( pos == -1 && j < e ) { if ( document.forms[i].elements[j].type == \'text\' && document.forms[i].elements[j].name == \'add_' . $this->name . '\' ) { pos = j; i=f-1; j=e-1; } j++; } i++; } if( pos >= 0 ) { window.addinput_' . $this->name . 
' = document.forms[i-1].elements[pos]; } } for (x = 0; x < this.length; x++) { if (this.options[x].selected) { window.addinput_' . $this->name . '.value = this.options[x].text; break; } }'), $this->aExtraAttribs), TRUE, $height)); +// NOTE: i=f-1; j=e-1 is in lieu of break 2 $oTemplate->assign('checkbox_widget', addCheckBox('delete_' . $this->name, FALSE, SMPREF_YES, array_merge(array('id' => 'delete_' . $this->name), $this->aExtraAttribs))); $oTemplate->assign('name', $this->name); 
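Review bot: `current_value` and the trailing-text flags are handed to the template as raw values, so the encoding decision for an edit list moves out of this file and into the edit-list templates, which this diff does not show. Edit-list entries are typed in by the user and stored in preferences, so each template has to encode `current_value` and `possible_values` on output and honour `trailing_text_is_html` for the trailing text only. The same applies to the assignments in the createWidget_EditListAssociative() hunk further down. A comment above the assigns such as `// values are passed unencoded; the template is responsible for escaping them` would make that contract visible to template authors.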
@@ -739,7 +863,83 @@ class SquirrelOption { case SMOPT_EDIT_LIST_LAYOUT_LIST: return $oTemplate->fetch('edit_list_widget_list_style.tpl'); default: - error_box(sprintf(_("Edit List Layout Type '%s' Not Found"), $layout_type)); + error_box(sprintf(_("Edit List Layout Type '%s' Not Found"), $this->layout_type)); + } + + } + + /** + * Creates an associative edit list + * + * Note that multiple layout types are supported for this widget. + * $this->layout_type must be one of the SMOPT_EDIT_LIST_LAYOUT_* + * constants. + * + * @return string html formated list of edit fields and + * their associated controls + */ + function createWidget_EditListAssociative() { + + global $oTemplate; + + switch ($this->size) { + case SMOPT_SIZE_TINY: + $height = 3; + break; + case SMOPT_SIZE_SMALL: + $height = 8; + break; + case SMOPT_SIZE_MEDIUM: + $height = 15; + break; + case SMOPT_SIZE_LARGE: + $height = 25; + break; + case SMOPT_SIZE_HUGE: + $height = 40; + break; + case SMOPT_SIZE_NORMAL: + default: + $height = 5; + } + + + // ensure correct format of current value(s) + // + if (empty($this->possible_values)) $this->possible_values = array(); + if (!is_array($this->possible_values)) $this->possible_values = array($this->possible_values); + + + $oTemplate->assign('name', $this->name); + $oTemplate->assign('current_value', $this->value); + $oTemplate->assign('possible_values', $this->possible_values); + $oTemplate->assign('poss_value_folders', $this->poss_value_folders); + $oTemplate->assign('folder_filter', $this->folder_filter); + + $oTemplate->assign('use_input_widget', $this->use_add_widget); + $oTemplate->assign('use_delete_widget', $this->use_delete_widget); + + $oTemplate->assign('checkbox_widget', addCheckBox('delete_' . $this->name, FALSE, SMPREF_YES, array_merge(array('id' => 'delete_' . $this->name), $this->aExtraAttribs))); + +//FIXME: $this->aExtraAttribs probably should only be used in one place + $oTemplate->assign('input_key_widget', addInput('add_' . $this->name . 
'_key', '', 22, 0, $this->aExtraAttribs)); + $oTemplate->assign('input_value_widget', addInput('add_' . $this->name . '_value', '', 12, 0, $this->aExtraAttribs)); + + $oTemplate->assign('select_height', $height); + + $oTemplate->assign('aAttribs', $this->aExtraAttribs); + + $oTemplate->assign('trailing_text', $this->trailing_text); + $oTemplate->assign('trailing_text_small', $this->trailing_text_small); + $oTemplate->assign('trailing_text_is_html', $this->trailing_text_is_html); + + switch ($this->layout_type) { + case SMOPT_EDIT_LIST_LAYOUT_SELECT: + return $oTemplate->fetch('edit_list_associative_widget.tpl'); + case SMOPT_EDIT_LIST_LAYOUT_LIST: + return $oTemplate->fetch('edit_list_associative_widget_list_style.tpl'); + default: + error_box(sprintf(_("Associative Edit List Layout Type '%s' Not Found"), $this->layout_type)); } } @@ -752,7 +952,7 @@ class SquirrelOption { */ function createWidget_Submit() { - return addSubmit($this->comment, $this->name, $this->aExtraAttribs) . htmlspecialchars($this->trailing_text); + return addSubmit($this->comment, $this->name, $this->aExtraAttribs) . ($this->trailing_text_small ? '' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '' : ''); } @@ -771,7 +971,9 @@ class SquirrelOption { // edit lists have a lot going on, so we'll always process them // - if ($this->type == SMOPT_TYPE_EDIT_LIST) return TRUE; + if ($this->type == SMOPT_TYPE_EDIT_LIST + || $this->type == SMOPT_TYPE_EDIT_LIST_ASSOCIATIVE) + return TRUE; return ($this->value != $this->new_value); } 
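Review bot: The `default:` branch of both layout switches calls error_box() and then falls off the end of the function, so createWidget_EditListAssociative() and createWidget_EditList() return NULL in that case although their docblocks promise a string. Adding `return '';` after each error_box() call keeps the return value consistent for the caller that builds the page from it. The comment `ensure correct format of current value(s)` sits above code that normalises `$this->possible_values`, not the current value, and should say so.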
@@ -791,6 +993,21 @@ function save_option($option) { return; } + // if the widget is a selection list, make sure the new + // value is actually in the selection list and is not an + // injection attack + // + if ($option->type == SMOPT_TYPE_STRLIST + && !array_key_exists($option->new_value, $option->possible_values)) + return; + + + // all other widgets except TEXTAREAs should never be allowed to have newlines + // + else if ($option->type != SMOPT_TYPE_TEXTAREA) + $option->new_value = str_replace(array("\r", "\n"), '', $option->new_value); + + global $data_dir; // edit lists: first add new elements to list, then 
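Review bot: The membership check covers only `SMOPT_TYPE_STRLIST`, so the multi-select list (`SMOPT_TYPE_STRLIST_MULTI`) and any other widget with a fixed set of choices still accepts whatever the request carries. It also assumes `$option->new_value` is a scalar and `$option->possible_values` is an array; the constructor defaults the latter to `''`, and a request can submit the field as an array, in which case array_key_exists() warns or throws depending on the PHP version. A guard such as `if (!is_scalar($option->new_value) || !is_array($option->possible_values) || !array_key_exists($option->new_value, $option->possible_values)) return;` closes both gaps. The rejection is silent; a value outside the list usually means a modified request or a stale form, so logging it would give operators something to detect. save_option() continues outside the hunk.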
@@ -825,6 +1042,51 @@ function save_option($option) { // setPref($data_dir, $username, $option->name, serialize($option->possible_values)); + // associative edit lists are handled similar to + // non-associative ones + // + } else if ($option->type == SMOPT_TYPE_EDIT_LIST_ASSOCIATIVE) { + + if (empty($option->possible_values)) $option->possible_values = array(); + if (!is_array($option->possible_values)) $option->possible_values = array($option->possible_values); + + // add element if given + // + $new_element_key = ''; + $new_element_value = ''; + $retrieve_key = sqGetGlobalVar('add_' . $option->name . '_key', $new_element_key, SQ_POST); + $retrieve_value = sqGetGlobalVar('add_' . $option->name . '_value', $new_element_value, SQ_POST); + + if ((isset($option->use_add_widget) && $option->use_add_widget) + && ($retrieve_key || $retrieve_value)) { + $new_element_key = trim($new_element_key); + $new_element_value = trim($new_element_value); + if ($option->poss_value_folders && empty($new_element_key)) + $new_element_value = ''; + if (!empty($new_element_key) || !empty($new_element_value)) { + if (empty($new_element_key)) $new_element_key = '0'; + $option->possible_values[$new_element_key] = $new_element_value; + } + } + + // delete selected elements if needed + // + if ((isset($option->use_delete_widget) && $option->use_delete_widget) + && is_array($option->new_value) + && sqGetGlobalVar('delete_' . $option->name, $ignore, SQ_POST)) { + + if ($option->layout_type == SMOPT_EDIT_LIST_LAYOUT_SELECT) { + foreach ($option->new_value as $key) + unset($option->possible_values[urldecode($key)]); + } + else + $option->possible_values = array_diff($option->possible_values, $option->new_value); + } + + // save full list (stored in "possible_values") + // + setPref($data_dir, $username, $option->name, serialize($option->possible_values)); + // Certain option types need to be serialized because // they are not scalar // 
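Review bot: `add_<name>_key` and `add_<name>_value` are read straight from POST and only passed through trim(), so they bypass the CR/LF stripping that the earlier save_option() hunk applies to `$option->new_value`; embedded line breaks therefore reach serialize() and setPref(). Whether the preference backend tolerates them is not visible here, but the earlier hunk states that non-textarea widgets should never carry newlines. Both values can also arrive as arrays, which trim() does not accept. I would check `is_string()` on each and apply the same filter, e.g. `$new_element_key = str_replace(array("\r", "\n"), '', trim($new_element_key));` and likewise for the value. save_option() starts and ends outside this hunk.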
@@ -839,6 +1101,15 @@ function save_option($option) { && empty($option->new_value)) setPref($data_dir, $username, $option->name, SMPREF_OFF); + // For integer fields, make sure we only have digits... + // We'll be nice and instead of just converting to an integer, + // we'll physically remove each non-digit in the string. + // + else if ($option->type == SMOPT_TYPE_INTEGER) { + $option->new_value = preg_replace('/[^0-9]/', '', $option->new_value); + setPref($data_dir, $username, $option->name, $option->new_value); + } + else setPref($data_dir, $username, $option->name, $option->new_value); @@ -910,6 +1181,11 @@ function create_option_groups($optgrps, $optvals) { (isset($optset['htmlencoded']) ? $optset['htmlencoded'] : false) ); + /* If provided, set if the caption is allowed to wrap for this option. */ + if (isset($optset['caption_wrap'])) { + $next_option->setCaptionWrap($optset['caption_wrap']); + } + /* If provided, set the size for this option. */ if (isset($optset['size'])) { $next_option->setSize($optset['size']); @@ -920,6 +1196,16 @@ function create_option_groups($optgrps, $optvals) { $next_option->setTrailingText($optset['trailing_text']); } + /* If provided, set the trailing_text_small for this option. */ + if (isset($optset['trailing_text_small'])) { + $next_option->setTrailingTextSmall($optset['trailing_text_small']); + } + + /* If provided, set the trailing_text_is_html for this option. */ + if (isset($optset['trailing_text_is_html'])) { + $next_option->setTrailingTextIsHtml($optset['trailing_text_is_html']); + } + /* If provided, set the yes_text for this option. */ if (isset($optset['yes_text'])) { $next_option->setYesText($optset['yes_text']); 
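Review bot: Stripping every non-digit in the `SMOPT_TYPE_INTEGER` branch rewrites the input instead of validating it: `-5` is stored as `5`, `1.5` as `15`, and `abc` as an empty string. If negative values are never valid for these options the sign loss may be intended, but the decimal and empty-string cases still store a value that differs from what was typed, with no feedback to the user. Checking the format and keeping the old preference when it fails is more predictable, e.g. `if (!is_string($option->new_value) || !preg_match('/^-?[0-9]+$/', $option->new_value)) return;` (hedged: code after this chain may still need to run, which is outside the hunk). The if/else chain this branch belongs to starts outside the hunk.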
@@ -930,6 +1216,11 @@ function create_option_groups($optgrps, $optvals) { $next_option->setNoText($optset['no_text']); } + /* If provided, set the poss_value_folders value for this option. */ + if (isset($optset['poss_value_folders'])) { + $next_option->setPossValueFolders($optset['poss_value_folders']); + } + /* If provided, set the layout type for this option. */ if (isset($optset['layout_type'])) { $next_option->setLayoutType($optset['layout_type']);