[Fusionforge-commits] r13248 - in trunk/src: common/docman/actions common/include plugins/mantisbt/www
Franck VILLAUME
nerville at fusionforge.org
Tue May 10 16:18:21 CEST 2011
Author: nerville
Date: 2011-05-10 16:18:20 +0200 (Tue, 10 May 2011)
New Revision: 13248
Modified:
trunk/src/common/docman/actions/addfile.php
trunk/src/common/include/exit.php
trunk/src/common/include/utils.php
trunk/src/plugins/mantisbt/www/getAttachment.php
trunk/src/plugins/mantisbt/www/index.php
Log:
fix exit_missing_param implementation
Modified: trunk/src/common/docman/actions/addfile.php
===================================================================
--- trunk/src/common/docman/actions/addfile.php 2011-05-10 07:18:04 UTC (rev 13247)
+++ trunk/src/common/docman/actions/addfile.php 2011-05-10 14:18:20 UTC (rev 13248)
@@ -49,7 +49,7 @@
$return_msg = _('No valid Directory was selected.');
session_redirect('/docman/?group_id='.$group_id.'&error_msg='.urlencode($return_msg));
}
-
+
if (!$title || !$description || (!$uploaded_data && !$file_url && (!$editor && !$name))) {
$missing_params = array();
if (!$title)
@@ -58,14 +58,7 @@
if (!$description)
$missing_params[] = 'description';
- if (forge_get_config('use_ssl'))
- $url = "https://";
- else
- $url = "http://";
-
- $url .= forge_get_config('web_host');
-
- exit_missing_param(substr($_SERVER['HTTP_REFERER'], strlen($url)),$missing_params,'docman');
+ exit_missing_param($_SERVER['HTTP_REFERER'], $missing_params, 'docman');
}
if (empty($gfcommon)) {
@@ -123,7 +116,7 @@
$return_msg = _('Manual uploads disabled.');
session_redirect('/docman/?group_id='.$group_id.'&error_msg='.urlencode($return_msg));
}
-
+
$incoming = forge_get_config('groupdir_prefix')."/".$g->getUnixName()."/incoming";
$filename = $incoming.'/'.$manual_path;
Modified: trunk/src/common/include/exit.php
===================================================================
--- trunk/src/common/include/exit.php 2011-05-10 07:18:04 UTC (rev 13247)
+++ trunk/src/common/include/exit.php 2011-05-10 14:18:20 UTC (rev 13248)
@@ -3,7 +3,7 @@
* FusionForge : Exit functions
*
* Copyright 1999-2001 (c) VA Linux Systems
- * Copyright 2010, Franck Villaume
+ * Copyright 2010-2011, Franck Villaume - Capgemini
*
* This file is part of FusionForge.
*
@@ -28,8 +28,8 @@
* @param string Error text
* @param string toptab for navigation bar
*/
-function exit_error($text="", $toptab='') {
- global $HTML,$group_id;
+function exit_error($text = "", $toptab = '') {
+ global $HTML, $group_id;
$HTML->header(array('title'=>_('Exiting with error'), 'group'=>$group_id, 'toptab'=>$toptab));
echo $HTML->error_msg(htmlspecialchars($text));
$HTML->footer(array());
@@ -42,7 +42,7 @@
* @param string $reason_descr
* @param string toptab needed for navigation
*/
-function exit_permission_denied($reason_descr='', $toptab='') {
+function exit_permission_denied($reason_descr = '', $toptab = '') {
if(!session_loggedin()) {
exit_not_logged_in();
} else {
@@ -66,32 +66,33 @@
* @param string toptab
*/
function exit_no_group() {
- exit_error(_('Permission denied. No project was chosen, project does not exist or you can\'t access it.'),$toptab='');
+ exit_error(_('Permission denied. No project was chosen, project does not exist or you can\'t access it.'), '');
}
/**
* exit_missing_param() - Exit with missing required parameters error
*
- * @param string URL : usually $_SERVER['HTTP_REFERER'] minus forge_get_config('web_host') + forge_get_config('use_ssl')
+ * @param string URL : usually $_SERVER['HTTP_REFERER']
* @param array array of missing parameters
* @param string toptab needed for navigation
*/
-function exit_missing_param($url='', $missing_params=array(), $toptab='') {
+function exit_missing_param($url = '', $missing_params = array(), $toptab = '') {
if (!empty($missing_params)) {
$error = _('Missing required parameters : ');
foreach ($missing_params as $missing_param) {
- $error .= $missing_param.' ';
+ $error .= $missing_param.' ';
}
} else {
$error = sprintf(_('Missing required parameters.'));
}
- if (!empty($url)) {
- if (strpos($url,'?')) {
- session_redirect($url.'&error_msg='.urlencode($error));
+ $redirect_url = util_find_relative_referer($url);
+ if (!empty($redirect_url)) {
+ if (strpos($redirect_url,'?')) {
+ session_redirect($redirect_url.'&error_msg='.urlencode($error));
}
- session_redirect($url.'?error_msg='.urlencode($error));
+ session_redirect($redirect_url.'?error_msg='.urlencode($error));
} else {
- exit_error($error,$toptab);
+ exit_error($error, $toptab);
}
}
@@ -100,8 +101,8 @@
*
* @param string toptab needed for navigation
*/
-function exit_disabled($toptab='summary') {
- exit_error(_('The Site Administrator has turned off this feature.'),$toptab);
+function exit_disabled($toptab = 'summary') {
+ exit_error(_('The Site Administrator has turned off this feature.'), $toptab);
}
/**
@@ -109,8 +110,8 @@
*
* @param string toptab needed for navigation
*/
-function exit_form_double_submit($toptab='') {
- exit_error(_('You Attempted To Double-submit this item. Please avoid double-clicking.'),$toptab);
+function exit_form_double_submit($toptab = '') {
+ exit_error(_('You Attempted To Double-submit this item. Please avoid double-clicking.'), $toptab);
}
// Local Variables:
Modified: trunk/src/common/include/utils.php
===================================================================
--- trunk/src/common/include/utils.php 2011-05-10 07:18:04 UTC (rev 13247)
+++ trunk/src/common/include/utils.php 2011-05-10 14:18:20 UTC (rev 13248)
@@ -4,7 +4,7 @@
*
* Copyright 1999-2001, VA Linux Systems, Inc.
* Copyright 2009-2011, Roland Mas
- * Copyright 2009-2010, Franck Villaume - Capgemini
+ * Copyright 2009-2011, Franck Villaume - Capgemini
* Copyright 2010, Thorsten Glaser <t.glaser at tarent.de>
* Copyright 2010-2011, Alain Peyrat - Alcatel-Lucent
*
@@ -14,7 +14,7 @@
* it under the terms of the GNU General Public License as published
* by the Free Software Foundation; either version 2 of the License,
* or (at your option) any later version.
- *
+ *
* FusionForge is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
@@ -59,7 +59,7 @@
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
return "$"."apr1"."$".$salt."$".$tmp;
}
-
+
/**
* is_utf8($string) - utf-8 detection
*
@@ -92,11 +92,11 @@
}
/**
- * removeCRLF() - remove any Carriage Return-Line Feed from a string.
+ * removeCRLF() - remove any Carriage Return-Line Feed from a string.
* That function is useful to remove the possibility of a CRLF Injection when sending mail
* All the data that we will send should be passed through that function
*
- * @param string The string that we want to empty from any CRLF
+ * @param string The string that we want to empty from any CRLF
*/
function util_remove_CRLF($str) {
return strtr($str, "\015\012", ' ');
@@ -174,8 +174,8 @@
if (!$from) {
$from='noreply@'.forge_get_config('web_host');
}
-
+
$charset = _('UTF-8');
if (!$charset) {
$charset = 'UTF-8';
@@ -198,7 +198,7 @@
"\nContent-type: text/$type; charset=$charset".
"\n\n".
util_convert_body($body, $charset);
-
+
if (!forge_get_config('sendmail_path')){
$sys_sendmail_path="/usr/sbin/sendmail";
}
@@ -223,7 +223,7 @@
$name,$charset,"UTF-8")).
"?=";
}
-
+
return $name." <".$email."> ";
}
@@ -269,7 +269,7 @@
if (!function_exists('mb_convert_encoding') || $charset == 'UTF-8') {
return $str;
}
-
+
return mb_convert_encoding($str,$charset,"UTF-8");
}
@@ -458,7 +458,7 @@
if ($code <= 0x7F ||
$code >= 0xC0) {
//Here is single byte character
- //or head of multi byte character
+ //or head of multi byte character
return $wrap;
}
//Do not break multi byte character
@@ -518,8 +518,8 @@
*
*/
function util_make_links($data='') {
- if(empty($data)) {
- return $data;
+ if(empty($data)) {
+ return $data;
}
$lines = explode("\n", $data);
$newText = "";
@@ -763,14 +763,14 @@
$headersCellData[] = array($fieldName);
}
}
-
+
/* Create the title */
if(strlen($title) > 0) {
$titleCellData = array();
$titleCellData[] = array($title, 'colspan="'.count($headersCellData).'"');
echo $HTML->multiTableRow('', $titleCellData, TRUE);
}
-
+
/* Display the headers */
if($displayHeaders) {
echo $HTML->multiTableRow('', $headersCellData, TRUE);
@@ -835,10 +835,10 @@
*/
function validate_emails($addresses, $separator=',') {
if (strlen($addresses) == 0) return array();
-
+
$emails = explode($separator, $addresses);
$ret = array();
-
+
if (is_array($emails)) {
foreach ($emails as $email) {
$email = trim($email); // This is done so we can validate lists like "a at b.com, c at d.com"
@@ -914,7 +914,7 @@
* @version 1.0
* @param int bytes is the size
* @param bool base10 enable base 10 representation, otherwise
- * default base 2 is used
+ * default base 2 is used
* @param int round number of fractional digits
* @param array labels strings associated to each 2^10 or
* 10^3(base10==true) multiple of base units
@@ -977,12 +977,12 @@
$chunksize = 1*(1024*1024); // 1MB chunks
$buffer = '';
$byteCounter = 0;
-
+
$handle = fopen($filename, 'rb');
if ($handle === false) {
return false;
}
-
+
ob_start () ;
while (!feof($handle)) {
$buffer = fread($handle, $chunksize);
@@ -1029,7 +1029,7 @@
if (util_is_dot_or_dotdot($sub_dir))
return true;
}
-
+
return false;
}
@@ -1058,7 +1058,7 @@
/**
* Constructs the forge's URL prefix out of forge_get_config('url_prefix')
- *
+ *
* @return string
*/
function normalized_urlprefix() {
@@ -1066,38 +1066,51 @@
$prefix = preg_replace ("/^\//", "", $prefix) ;
$prefix = preg_replace ("/\/$/", "", $prefix) ;
$prefix = "/$prefix/" ;
- if ($prefix == '//')
+ if ($prefix == '//')
$prefix = '/' ;
return $prefix ;
}
/**
+ * Construct the base URL http[s]://forge_name[:port]
+ *
+ * @return string base URL
+ */
+function util_make_base_url() {
+ if (forge_get_config('use_ssl')) {
+ $url = "https://" ;
+ } else {
+ $url = "http://" ;
+ }
+ $url .= forge_get_config('web_host') ;
+ if (forge_get_config('https_port') != 443) {
+ $url .= ":".forge_get_config('https_port') ;
+ }
+ return $url;
+}
+/**
* Construct full URL from a relative path
- *
- * @param string $path
- * @return string URL
+ *
+ * @param string $path
+ * @return string URL
*/
function util_make_url($path = '') {
- if (forge_get_config('use_ssl')) {
- $url = "https://" ;
- $url .= forge_get_config('web_host') ;
- if (forge_get_config('https_port') != 443) {
- $url .= ":".forge_get_config('https_port') ;
- }
- } else {
- $url = "http://" ;
- $url .= forge_get_config('web_host') ;
- if (forge_get_config('http_port') != 80) {
- $url .= ":".forge_get_config('http_port') ;
- }
- }
- $url .= util_make_uri($path) ;
+ $url = util_make_base_url().util_make_uri($path) ;
return $url;
}
/**
+ * Find the relative URL from full URL, removing http[s]://forge_name[:port]
+ *
+ * @param string URL
+ */
+function util_find_relative_referer($url) {
+ return str_replace(util_make_base_url(), '', $url);
+}
+
+/**
* Construct proper (relative) URI (prepending prefix)
- *
+ *
* @param string $path
* @return string URI
*/
@@ -1124,7 +1137,7 @@
/**
* Create an HTML link to a user's profile page
- *
+ *
* @param string $username
* @param int $user_id
* @param string $text
@@ -1137,7 +1150,7 @@
/**
* Display username with link to a user's profile page
* and icon face if possible.
- *
+ *
* @param string $username
* @param int $user_id
* @param string $text
@@ -1153,11 +1166,11 @@
}
// If no plugin replaced it, then back to default standard link
-
+
// Invoke user_logo plugin (see gravatar plugin for instance)
$params = array('user_id' => $user_id, 'size' => $size, 'content' => '');
plugin_hook_by_reference('user_logo', $params);
-
+
$url = '<a href="' . util_make_url_u ($username, $user_id) . '">' . $text . '</a>';
if ($params['content']) {
return $params['content'].$url.'<div class="new_line"></div>';
@@ -1167,7 +1180,7 @@
/**
* Create URL for user's profile page
- *
+ *
* @param string $username
* @param int $user_id
* @return string URL
@@ -1204,7 +1217,7 @@
/**
* Create URL for a project's page
- *
+ *
* @param string $groupame
* @param int $group_id
* @return string
@@ -1244,7 +1257,7 @@
return false;
}
}
-
+
// Check if a forum with same name already exists
$ff = new ForumFactory($group);
if (!$ff || !is_object($ff) || $ff->isError()) {
@@ -1261,7 +1274,7 @@
}
}
}
-
+
// Email is available
return true;
}
@@ -1282,9 +1295,9 @@
if (!function_exists('array_replace_recursive')) {
/**
* Replaces elements from passed arrays into the first array recursively
- * @param array $a1 The array in which elements are replaced.
- * @param array $a2 The array from which elements will be extracted.
- * @return Returns an array, or NULL if an error occurs.
+ * @param array $a1 The array in which elements are replaced.
+ * @param array $a2 The array from which elements will be extracted.
+ * @return Returns an array, or NULL if an error occurs.
*/
function array_replace_recursive ($a1, $a2) {
$result = $a1 ;
@@ -1298,7 +1311,7 @@
!isset ($result[$k]) || !is_array ($result[$k])) {
$result[$k] = $v ;
}
-
+
$result[$k] = array_replace_recursive ($result[$k],
$v) ;
}
Modified: trunk/src/plugins/mantisbt/www/getAttachment.php
===================================================================
--- trunk/src/plugins/mantisbt/www/getAttachment.php 2011-05-10 07:18:04 UTC (rev 13247)
+++ trunk/src/plugins/mantisbt/www/getAttachment.php 2011-05-10 14:18:20 UTC (rev 13248)
@@ -90,12 +90,6 @@
header('Content-type: application/binary');
echo base64_decode($content);
} else {
- if (forge_get_config('use_ssl'))
- $url = "https://";
- else
- $url = "http://";
-
- $url .= forge_get_config('web_host');
- exit_missing_param(substr($_SERVER['HTTP_REFERER'], strlen($url)), array(_('No idAttachment')), 'mantisbt');
+ exit_missing_param($_SERVER['HTTP_REFERER'], array(_('No idAttachment')), 'mantisbt');
}
?>
Modified: trunk/src/plugins/mantisbt/www/index.php
===================================================================
--- trunk/src/plugins/mantisbt/www/index.php 2011-05-10 07:18:04 UTC (rev 13247)
+++ trunk/src/plugins/mantisbt/www/index.php 2011-05-10 14:18:20 UTC (rev 13248)
@@ -32,13 +32,7 @@
$type = getStringFromRequest('type');
if (!$type) {
- if (forge_get_config('use_ssl'))
- $url = "https://";
- else
- $url = "http://";
-
- $url .= forge_get_config('web_host');
- exit_missing_param(substr($_SERVER['HTTP_REFERER'], strlen($url)), array('No TYPE specified'), 'mantisbt');
+ exit_missing_param($_SERVER['HTTP_REFERER']), array('No TYPE specified'), 'mantisbt');
}
$use_tooltips = 1;
@@ -49,13 +43,7 @@
case 'group': {
$group_id = getIntFromRequest('group_id');
if (!$group_id) {
- if (forge_get_config('use_ssl'))
- $url = "https://";
- else
- $url = "http://";
-
- $url .= forge_get_config('web_host');
- exit_missing_param(substr($_SERVER['HTTP_REFERER'], strlen($url)), array('No GROUP_ID specified'), 'mantisbt');
+ exit_missing_param($_SERVER['HTTP_REFERER']), array('No GROUP_ID specified'), 'mantisbt');
}
$group = group_get_object($group_id);
if (!$group) {
@@ -228,13 +216,7 @@
}
$group_id = getIntFromRequest('group_id');
if (!$group_id) {
- if (forge_get_config('use_ssl'))
- $url = "https://";
- else
- $url = "http://";
-
- $url .= forge_get_config('web_host');
- exit_missing_param(substr($_SERVER['HTTP_REFERER'], strlen($url)), array('No GROUP_ID specified'), 'mantisbt');
+ exit_missing_param($_SERVER['HTTP_REFERER']), array('No GROUP_ID specified'), 'mantisbt');
}
$group = group_get_object($group_id);
More information about the Fusionforge-commits
mailing list