Alternc  latest
Alternc logiel libre pour l'hébergement
bro_editor.php
Go to the documentation of this file.
1 <?php
2 /*
3  ----------------------------------------------------------------------
4  LICENSE
5 
6  This program is free software; you can redistribute it and/or
7  modify it under the terms of the GNU General Public License (GPL)
8  as published by the Free Software Foundation; either version 2
9  of the License, or (at your option) any later version.
10 
11  This program is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU General Public License for more details.
15 
16  To read the license please visit http://www.gnu.org/copyleft/gpl.html
17  ----------------------------------------------------------------------
18 */
19 
20 /**
21  * File editor part of AlternC file manager / browser.
22  *
23  * @copyright AlternC-Team 2000-2017 https://alternc.com/
24  */
25 
26  require_once("../class/config.php");
27 
28 // We check it ourself : not fatal
29 define("NOCSRF",true);
30 
31 $fields = array (
32  "editfile" => array ("request", "string", ""),
33  "texte" => array ("post", "string", ""),
34  "save" => array ("post", "string", ""),
35  "saveret" => array ("post", "string", ""),
36  "cancel" => array ("post", "string", ""),
37  "R" => array ("request", "string", ""),
38 );
39 getFields($fields);
40 
41 $editing=false;
42 $editfile=ssla($editfile);
43 $texte=ssla($texte);
44 
45 $R=$bro->convertabsolute($R,1);
46 $p=$bro->GetPrefs();
47 
48 if (isset($cancel) && $cancel) {
49  include("bro_main.php");
50  exit();
51 }
52 
53 if (isset($saveret) && $saveret) {
54  $editing=true;
55 
56  // Thanks to this, we bring you back to the EDIT form if the CSRF is invalid.
57  // Allows you to re-submit
58  // FIXME - doesn't work
59 /* $csrf_check=false;
60  if (count($_POST) && !defined("NOCSRF")) {
61  if (csrf_check()<=0) {
62  $csrf_check = true;
63  }
64  }*/
65 
66  if ($bro->save($editfile,$R,$texte)) {
67  $msg->raise("INFO", "bro", _("Your file %s has been saved")." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")", $editfile);
68  include("bro_main.php");
69  exit();
70  }
71 }
72 if (isset($save) && $save) {
73  if ($bro->save($editfile,$R,$texte)) {
74  $msg->raise("INFO", "bro", _("Your file %s has been saved")." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")", $editfile);
75  }
76 }
77 
78 $addhead['css'][]='<link rel="stylesheet" href="/javascript/prettify/prettify.css" type="text/css" />';
79 $addhead['js'][]='<script src="/javascript/prettify/prettify.js" type="text/javascript"></script>';
80 include_once("head.php");
81 
82 ?>
83 <p>
84 <?php
85 echo $msg->msg_html_all();
86 ?>
87 <h3><?php echo _("File editing")." <code>".ehe($R,false)."/<b>".ehe($editfile,false)."</b></code><br />"; ?></h3>
88 </p>
89 
90 <?php
91 $content=$bro->content($R,$editfile);
92 ?>
93 
94 <form action="bro_editor.php" method="post"><br />
95  <?php csrf_get(); ?>
96 <div id="tabsfile">
97  <ul>
98  <li class="view"><a href="#tabsfile-view"><?php __("View"); ?></a></li>
99  <li class="edit"><a href="#tabsfile-edit"><?php __("Edit"); ?></a></li>
100  </ul>
101 
102 <div id="tabsfile-view">
103 <?php
104 echo "<pre class='prettyprint' id='file_content_view' >$content</pre>";
105 ?>
106 </div>
107 
108 <div id="tabsfile-edit">
109 <textarea id='file_content_editor' class="int" style="font-family: <?php echo $p["editor_font"]; ?>; font-size: <?php echo $p["editor_size"]; ?>; width: 90%; height: 400px;" name="texte"><?php
110  if (empty($content)) {
111  $error=_("This file is empty");
112  } else {
113  echo $content;
114  }
115 ?></textarea>
116 </div>
117 </div><!-- tabsfile -->
118 <br/>
119 <?php if (!empty($error)) echo "<p class=\"alert alert-danger\">".$error."</p>"; ?>
120  <input type="hidden" name="editfile" value="<?php ehe($editfile); ?>" />
121  <input type="hidden" name="R" value="<?php ehe($R); ?>" />
122 
123  <input type="submit" class="inb" value="<?php __("Save"); ?>" name="save" />
124  <input type="submit" class="inb" value="<?php __("Save &amp; Quit"); ?>" name="saveret" />
125  <input type="submit" class="inb" value="<?php __("Quit"); ?>" name="cancel" />
126 <br />
127 </form>
128 
129 <script type="text/javascript">
130 $(function() {
131  prettyPrint();
132  $( "#tabsfile" ).tabs();
133 <?php if ($editing) { ?>
134  $( "#tabsfile-edit" ).tabs( "option", "active", 1 );
135 <?php } ?>
136 });
137 
138 $('#tabsfile').on('tabsbeforeactivate', function(event, ui){
139  var b = $('#file_content_editor').val();
140  $('#file_content_view').text( b );
141  $('#file_content_view').removeClass('prettyprinted');
142  PR.prettyPrint();
143 });
144 </script>
145 
146 
147 <?php include_once("foot.php"); ?>
exit
exit
Definition: adm_doadd.php:70
$msg
$msg
Definition: bootstrap.php:75
$texte
$texte
Definition: bro_editor.php:43
$editfile
$editfile
Definition: bro_editor.php:42
$content
$content
Definition: bro_editor.php:91
$addhead
if(isset($cancel) && $cancel) if(isset($saveret) && $saveret) if(isset($save) && $save) $addhead['css'][]
Definition: bro_editor.php:78
$editing
$editing
Definition: bro_editor.php:41
$p
$p
Definition: bro_editor.php:46
$fields
$fields
Definition: bro_editor.php:31
$R
$R
Definition: bro_editor.php:45
ehe
ehe($str, $display=TRUE)
Echo the HTMLSpecialChars version of a value.
Definition: functions.php:647
format_date
format_date($format, $date)
Definition: functions.php:494
ssla
ssla($str)
Strip slashes if needed :
Definition: functions.php:519
__
__($str)
Definition: functions.php:404
getFields
getFields($fields, $requestOnly=false)
Get the Fields of the posted form from $_REQUEST or POST or GET and check their type.
Definition: functions.php:688
csrf_get
csrf_get($return=false)
Give a new CSRF uniq token for a form the session must be up since the CSRF is linked to the session ...
Definition: functions.php:1159
$bro
$bro
Definition: bootstrap.php:151
$error
$error
Definition: ssl_delete.php:45