X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Foptions.php;h=99e26ba057e42d24dc85481c671ee1326074f10d;hp=965174c0cc9bcdffa0f6d5993b33ad195c261af3;hb=353d074afac6827c90f4bb03e846c5e453d3b5b1;hpb=701e7beed3baca980039f978c6d536dd91cae775

diff --git a/functions/options.php b/functions/options.php
index 965174c0..99e26ba0 100644
--- a/functions/options.php
+++ b/functions/options.php
@@ -5,7 +5,7 @@
  *
  * Functions needed to display the options pages.
  *
- * @copyright 1999-2014 The SquirrelMail Project Team
+ * @copyright 1999-2018 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package squirrelmail
@@ -69,6 +69,21 @@ class SquirrelOption {
      * @var string
      */
     var $trailing_text;
+    /**
+     * Indicates that the widget's "trailing text"
+     * should be displayed in a smaller sized font
+     *
+     * @var boolean
+     */
+    var $trailing_text_small;
+    /**
+     * Indicates that the widget's "trailing text"
+     * contains HTML and should not thus be
+     * sanitized (encoded)
+     *
+     * @var boolean
+     */
+    var $trailing_text_is_html;
     /**
      * Text that overrides the "Yes" label for boolean 
      * radio option widgets
@@ -182,7 +197,7 @@ class SquirrelOption {
     var $folder_filter='noselect';
 
     /**
-     * Constructor function
+     * Constructor (PHP5 style, required in some future version of PHP)
      * @param array $raw_option_array
      * @param string $name
      * @param string $caption
@@ -192,7 +207,7 @@ class SquirrelOption {
      * @param array $possible_values
      * @param bool $htmlencoded
      */
-    function SquirrelOption
+    function __construct
     ($raw_option_array, $name, $caption, $type, $refresh_level, $initial_value = '', $possible_values = '', $htmlencoded = false) {
         /* Set the basic stuff. */
         $this->raw_option_array = $raw_option_array;
@@ -205,6 +220,8 @@ class SquirrelOption {
         $this->htmlencoded = $htmlencoded;
         $this->size = SMOPT_SIZE_NORMAL;
         $this->trailing_text = '';
+        $this->trailing_text_small = FALSE;
+        $this->trailing_text_is_html = FALSE;
         $this->yes_text = '';
         $this->no_text = '';
         $this->comment = '';
@@ -218,6 +235,8 @@ class SquirrelOption {
         //Check for a current value.  
         if (isset($GLOBALS[$name])) {
             $this->value = $GLOBALS[$name];
+        // TODO: This code should be something more like the following, but who knows what would break if it was changed at this point
+        // } else if (initial_value !== '') {
         } else if (!empty($initial_value)) {
             $this->value = $initial_value;
         } else {
@@ -239,6 +258,22 @@ class SquirrelOption {
         }
     }
 
+    /**
+     * Constructor (PHP4 style, kept for compatibility reasons)
+     * @param array $raw_option_array
+     * @param string $name
+     * @param string $caption
+     * @param integer $type
+     * @param integer $refresh_level
+     * @param mixed $initial_value
+     * @param array $possible_values
+     * @param bool $htmlencoded
+     */
+    function SquirrelOption
+    ($raw_option_array, $name, $caption, $type, $refresh_level, $initial_value = '', $possible_values = '', $htmlencoded = false) {
+        self::__construct($raw_option_array, $name, $caption, $type, $refresh_level, $initial_value, $possible_values, $htmlencoded);
+    }
+
     /** Convenience function that identifies which types of
         widgets are stored as (serialized) array values. */
     function is_multiple_valued() {
@@ -288,6 +323,22 @@ class SquirrelOption {
         $this->trailing_text = $trailing_text;
     }
 
+    /**
+     * Set the trailing_text_small for this option.
+     * @param boolean $trailing_text_small
+     */
+    function setTrailingTextSmall($trailing_text_small) {
+        $this->trailing_text_small = $trailing_text_small;
+    }
+
+    /**
+     * Set the trailing_text_is_html for this option.
+     * @param boolean $trailing_text_is_html
+     */
+    function setTrailingTextIsHtml($trailing_text_is_html) {
+        $this->trailing_text_is_html = $trailing_text_is_html;
+    }
+
     /**
      * Set the yes_text for this option.
      * @param string $yes_text
@@ -469,7 +520,9 @@ class SquirrelOption {
      * @return string html formated output
      */
     function createWidget_Info() {
-        return sq_htmlspecialchars($this->value);
+        // return sq_htmlspecialchars($this->value);
+        // like COMMENT, allow HTML here
+        return $this->value;
     }
 
     /**
@@ -501,11 +554,11 @@ class SquirrelOption {
                 $width = 25;
         }
 
-//TODO: might be better to have a separate template file for all widgets, because then the layout of the widget and the "trailing text" can be customized - they are still hard coded here
+//TODO: might be better to have a separate template file for all widgets, because then the layout of the widget and the "trailing text" can be customized - they are still hard coded here (also, we have <small> tags here; don't want HTML here!)
         if ($password)
-            return addPwField('new_' . $this->name, $this->value, $width, 0, $this->aExtraAttribs) . ' ' . sm_encode_html_special_chars($this->trailing_text);
+            return addPwField('new_' . $this->name, $this->value, $width, 0, $this->aExtraAttribs) . ' ' . ($this->trailing_text_small ? '<small>' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '</small>' : '');
         else
-            return addInput('new_' . $this->name, $this->value, $width, 0, $this->aExtraAttribs) . ' ' . sm_encode_html_special_chars($this->trailing_text);
+            return addInput('new_' . $this->name, $this->value, $width, 0, $this->aExtraAttribs) . ' ' . ($this->trailing_text_small ? '<small>' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '</small>' : '');
     }
 
     /**
@@ -575,7 +628,7 @@ class SquirrelOption {
                 $height = 5;
         }
 
-        return addSelect('new_' . $this->name, $this->possible_values, $this->value, TRUE, $this->aExtraAttribs, $multiple_select, $height, !$this->htmlencoded) . sm_encode_html_special_chars($this->trailing_text);
+        return addSelect('new_' . $this->name, $this->possible_values, $this->value, TRUE, $this->aExtraAttribs, $multiple_select, $height, !$this->htmlencoded) . ($this->trailing_text_small ? '<small>' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '</small>' : '');
 
     }
 
@@ -633,7 +686,7 @@ class SquirrelOption {
             $option_list = array('ignore' => _("unavailable"));
 
 
-        return addSelect('new_' . $this->name, $option_list, $this->value, TRUE, $this->aExtraAttribs, $multiple_select, $height) . sm_encode_html_special_chars($this->trailing_text);
+        return addSelect('new_' . $this->name, $option_list, $this->value, TRUE, $this->aExtraAttribs, $multiple_select, $height) . ($this->trailing_text_small ? '<small>' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '</small>' : '');
 
     }
 
@@ -714,7 +767,8 @@ class SquirrelOption {
         // checkbox...
         //
         if ($checkbox) {
-            $result = addCheckbox('new_' . $this->name, ($this->value != SMPREF_NO), SMPREF_YES, array_merge(array('id' => 'new_' . $this->name), $this->aExtraAttribs)) . $nbsp . create_label($this->trailing_text, 'new_' . $this->name);
+//TODO: Why isn't trailing_text being sanitized with sm_encode_special_chars()???  If this is a bug, add that, then add the option to display unsanitized if $this->trailing_text_is_html is enabled
+            $result = addCheckbox('new_' . $this->name, ($this->value != SMPREF_NO), SMPREF_YES, array_merge(array('id' => 'new_' . $this->name), $this->aExtraAttribs)) . $nbsp . create_label(($this->trailing_text_small ? '<small>' : '') . $this->trailing_text . ($this->trailing_text_small ? '</small>' : ''), 'new_' . $this->name);
         }
 
         // radio buttons...
@@ -728,7 +782,7 @@ class SquirrelOption {
             $no_option = addRadioBox('new_' . $this->name, ($this->value == SMPREF_NO), SMPREF_NO, array_merge(array('id' => 'new_' . $this->name . '_no'), $this->aExtraAttribs)) . $nbsp . create_label((!empty($this->no_text) ? $this->no_text : _("No")), 'new_' . $this->name . '_no');
 
             /* Build the combined "boolean widget". */
-            $result = "$yes_option$nbsp$nbsp$nbsp$nbsp$no_option";
+            $result = "$yes_option$nbsp$nbsp$nbsp$nbsp$no_option " . ($this->trailing_text_small ? '<small>' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '</small>' : '');
 
         }
 
@@ -796,6 +850,8 @@ class SquirrelOption {
         $oTemplate->assign('use_delete_widget', $this->use_delete_widget);
 
         $oTemplate->assign('trailing_text', $this->trailing_text);
+        $oTemplate->assign('trailing_text_small', $this->trailing_text_small);
+        $oTemplate->assign('trailing_text_is_html', $this->trailing_text_is_html);
         $oTemplate->assign('possible_values', $this->possible_values);
         $oTemplate->assign('current_value', $this->value);
         $oTemplate->assign('select_widget', addSelect('new_' . $this->name, $this->possible_values, $this->value, FALSE, !checkForJavascript() ? $this->aExtraAttribs : array_merge(array('onchange' => 'if (typeof(window.addinput_' . $this->name . ') == \'undefined\') { var f = document.forms.length; var i = 0; var pos = -1; while( pos == -1 && i < f ) { var e = document.forms[i].elements.length; var j = 0; while( pos == -1 && j < e ) { if ( document.forms[i].elements[j].type == \'text\' && document.forms[i].elements[j].name == \'add_' . $this->name . '\' ) { pos = j; i=f-1; j=e-1; } j++; } i++; } if( pos >= 0 ) { window.addinput_' . $this->name . ' = document.forms[i-1].elements[pos]; } } for (x = 0; x < this.length; x++) { if (this.options[x].selected) { window.addinput_' . $this->name . '.value = this.options[x].text; break; } }'), $this->aExtraAttribs), TRUE, $height));
@@ -876,6 +932,8 @@ class SquirrelOption {
         $oTemplate->assign('aAttribs', $this->aExtraAttribs);
 
         $oTemplate->assign('trailing_text', $this->trailing_text);
+        $oTemplate->assign('trailing_text_small', $this->trailing_text_small);
+        $oTemplate->assign('trailing_text_is_html', $this->trailing_text_is_html);
 
         switch ($this->layout_type) {
             case SMOPT_EDIT_LIST_LAYOUT_SELECT:
@@ -896,7 +954,7 @@ class SquirrelOption {
      */
     function createWidget_Submit() {
 
-        return addSubmit($this->comment, $this->name, $this->aExtraAttribs) . sm_encode_html_special_chars($this->trailing_text);
+        return addSubmit($this->comment, $this->name, $this->aExtraAttribs) . ($this->trailing_text_small ? '<small>' : '') . ($this->trailing_text_is_html ? $this->trailing_text : sm_encode_html_special_chars($this->trailing_text)) . ($this->trailing_text_small ? '</small>' : '');
 
     }
 
@@ -1140,6 +1198,16 @@ function create_option_groups($optgrps, $optvals) {
                 $next_option->setTrailingText($optset['trailing_text']);
             }
 
+            /* If provided, set the trailing_text_small for this option. */
+            if (isset($optset['trailing_text_small'])) {
+                $next_option->setTrailingTextSmall($optset['trailing_text_small']);
+            }
+
+            /* If provided, set the trailing_text_is_html for this option. */
+            if (isset($optset['trailing_text_is_html'])) {
+                $next_option->setTrailingTextIsHtml($optset['trailing_text_is_html']);
+            }
+
             /* If provided, set the yes_text for this option. */
             if (isset($optset['yes_text'])) {
                 $next_option->setYesText($optset['yes_text']);