Commit 7fb0ccf7 authored by jonnybradley's avatar jonnybradley

[MRG] Automatic merge, branches/15.x 58313 to 58322

parent 0ad93a87
......@@ -83,35 +83,25 @@ class AuthTokens
array( $token )
)->fetchRow();
global $prefs, $full; // $full defined in route.php
if ( $data['entry'] != $entry && ($prefs['feature_sefurl'] !== 'y' || $data['entry'] !== urldecode($full)) ) {
global $prefs, $full, $smarty, $tikiroot; // $full defined in route.php
$sefurl = '';
if ($prefs['feature_sefurl'] === 'y') {
$sefurl = substr($full, strlen($tikiroot)) . '?' . http_build_query($_GET);
$sefurlTypeMap = $this->getSefurlTypeMap();
$smarty->loadPlugin('smarty_modifier_sefurl');
$sefurl = $tikiroot . smarty_modifier_sefurl($sefurl, $sefurlTypeMap[$_GET[0]]);
}
// entry doesn't match "or" sefurl feature is in use but that also doesn't match
if ( $data['entry'] != $entry && $sefurl && $data['entry'] !== $sefurl ) {
return null;
}
$registered = (array) json_decode($data['parameters'], true);
if ($prefs['feature_sefurl'] === 'y') { // filter out the usual sefurl parameters that would be missing from the URI
$usedInRequest = [
'page',
'articleId',
'blogId', 'postId',
'parentId',
'fileId', 'galleryId',
'forumId',
'nlId',
'trackerId', 'itemId',
'sheetId',
'userId',
'calIds',
];
$usedInRequest = array_diff($usedInRequest, array_keys($registered)); // params that are actually used and need to be checked
$parameters = array_diff_key($parameters, array_flip($usedInRequest)); // remove params that aren't used
}
if ( ! $this->allPresent($registered, $parameters)
|| ! $this->allPresent($parameters, $registered)
) {
if ( ! $this->allPresent($registered, $parameters) || ! $this->allPresent($parameters, $registered) ) {
return null;
}
......@@ -157,6 +147,32 @@ class AuthTokens
return true;
}
/**
* Provide mapping between item key and object type
* TODO centralise this info in objectlib.php (?) and decide on one word or two for each
*
* @return array
*/
private function getSefurlTypeMap()
{
return [
'page' => 'wiki page',
'articleId' => 'article',
'blogId' => 'blog',
'postId' => 'blog post',
'parentId' => 'category',
'fileId' => 'file',
'galleryId' => 'file gallery',
'forumId' => 'forum',
'nlId' => 'newsletter',
'trackerId' => 'tracker',
'itemId' => 'trackeritem',
'sheetId' => 'sheet',
'userId' => 'user',
'calIds' => 'calendar',
];
}
function createToken( $entry, array $parameters, array $groups, array $arguments = array() )
{
if ( !empty($arguments['timeout']) ) {
......@@ -227,12 +243,45 @@ class AuthTokens
function includeToken( $url, array $groups = array(), $email = '', $timeout = 0, $hits = 0, $createUser = false, $userPrefix = 'guest')
{
$data = parse_url($url);
$longurl = '';
if ( isset($data['query']) ) {
parse_str($data['query'], $args);
unset( $args['TOKEN'] );
unset($args['TOKEN']);
} else {
$args = array();
global $prefs, $sefurl_regex_out;
include_once 'tiki-sefurl.php';
if ($prefs['feature_sefurl'] === 'y' && !empty($sefurl_regex_out)) {
global $base_url;
$short = substr($url, strlen($base_url));
$is_numeric = preg_match('/\d+/', $short);
foreach (array_reverse($sefurl_regex_out) as $regex) { // wiki is the first one and will match anything
if ($is_numeric) {
$replace = '(\d+)'; // match digits
} else {
$replace ='(.+)'; // or anything (for wiki pages)
}
$pattern = str_replace('$1', $replace, $regex['right']);
if (preg_match('/' . $pattern . '/', $short, $matches)) {
$longurl = preg_replace('/' . preg_quote($replace) . '/', $matches[1], $regex['left']);
$longurl = $base_url . stripcslashes($longurl); // add back the beginning and get rid of the \ infront of the ?
break;
}
}
if ($longurl) {
$longdata = parse_url($longurl);
parse_str($longdata['query'], $args);
} else {
$args = array();
}
} else {
$args = array();
}
}
$settings = array('email'=>$email);
......@@ -246,6 +295,9 @@ class AuthTokens
$settings['userPrefix'] = $userPrefix;
$token = $this->createToken($data['path'], $args, $groups, $settings);
if ($longurl) { // sefurl was used so the args should be reset now the token has been created
$args = array();
}
$args['TOKEN'] = $token;
$query = '?' . http_build_query($args, '', '&');
......
......@@ -676,15 +676,27 @@ syntaxHighlighter = {
if (textareaEditor.getSelection()) {
textareaEditor.replaceSelection(newString);
} else {
textareaEditor.setLine(handle.line, newString);
textareaEditor.replaceRange(
newString,
{line: handle.line, ch: 0},
{line: handle.line, ch: 0}
);
}
} else if (blockLevel) {
selection = textareaEditor.getLine(handle.line);
if (selection) {
textareaEditor.setLine(handle.line, replaceString.replace(toBeReplaced, selection));
textareaEditor.replaceRange(
replaceString.replace(toBeReplaced, selection),
{line: handle.line, ch: 0},
{line: handle.line, ch: selection.length}
);
} else {
textareaEditor.setLine(handle.line, replaceString);
textareaEditor.replaceRange(
replaceString,
{line: handle.line, ch: 0},
{line: handle.line, ch: 0}
);
}
} else if (replaceString) {
......
......@@ -7962,7 +7962,7 @@ class UsersLib extends TikiLib
}
/**
* @param $uname The username of the temporary user to remove (or disable depending on the pref)
* @param string $uname The username of the temporary user to remove (or disable depending on the pref)
*
*/
function remove_temporary_user($uname) {
......
......@@ -5,7 +5,7 @@
{/self_link}
</div>
{/if}
<div id="thumbnails" style="float:left">
<div id="thumbnails"{* style="float:left"*}>
{section name=changes loop=$files}
......@@ -160,7 +160,7 @@
</div> {* thumbactions *}
{/if}
{/capture}
<div id="{$checkname}_{$files[changes].id}" class="clearfix thumbnailcontener{if $is_checked eq 'y'} thumbnailcontenerchecked{/if}{if $files[changes].isgal eq 1} subgallery{/if}" {if $view eq 'page'}style="float:left"{else}style="width:{$thumbnailcontener_size}px"{/if}>
<div id="{$checkname}_{$files[changes].id}" class="clearfix thumbnailcontener{if $is_checked eq 'y'} thumbnailcontenerchecked{/if}{if $files[changes].isgal eq 1} subgallery{/if}" style="{if $view eq 'browse'}float:left;{/if}{if $view neq 'page'}width:{$thumbnailcontener_size}px{/if}">
<div class="thumbnail" style="float:left; {if $view neq 'page'}width:{$thumbnailcontener_size}px{/if}">
<div class="thumbnailframe" style="width:100%;height:{if $view != 'page'}{$thumbnailcontener_size}px{else}100%{/if}{if $show_infos neq 'y'};margin-bottom:4px{/if}">
<div class="thumbimage">
......@@ -198,7 +198,7 @@
{if $key_type neq 'image/svg' and $key_type neq 'image/svg+xml'}
{if $imagetypes eq 'y' or $prefs.theme_iconset eq 'legacy'}
{if $view eq 'page'}
<img src="tiki-download_file.php?fileId={$files[changes].id}&preview" alt="" style="max-width:{$maxWidth}">
<img src="tiki-download_file.php?fileId={$files[changes].id}&preview" alt="" style="width:{$maxWidth};max-width: 100%;">
{else}
<img src="{$files[changes].id|sefurl:thumbnail}" alt="" style="max-height:{$thumbnailcontener_size}px">
{/if}
......
......@@ -7,31 +7,37 @@
<div class="table-responsive">
<table class="table table-striped table-hover">
<tr>
<th></th>
<th>{tr}Id{/tr}</th>
<th>{tr}Entry{/tr}</th>
<th>{tr}Email{/tr}</th>
<th>{tr}Timeout{/tr}</th>
<th>{tr}Token{/tr}</th>
<th>{tr}Creation{/tr}</th>
<th>{tr}Timeout{/tr}</th>
<th>{tr}Hits{/tr}</th>
<th>{tr}Max hits{/tr}</th>
<th>{tr}Email{/tr}</th>
<th>{tr}Parameters{/tr}</th>
<th>{tr}Groups{/tr}</th>
<th>{tr}Create Temp User{/tr}</th>
<th>{tr}Temp User Prefix{/tr}</th>
<th></th>
</tr>
{foreach $tokens as $token}
<tr>
<td>
{self_link tokenId=$token.tokenId action='delete' _menu_text='n' _menu_icon='y' _icon_name='remove' _title='{tr}Delete{/tr}'}
{/self_link}
</td>
<td>{$token.tokenId}</td>
<td>{$token.entry}</td>
<td>{$token.token}</td>
<td>{$token.creation}</td>
<td>{$token.timeout}</td>
<td>{$token.email}</td>
<td>{if $token.expires}{$token.expires|tiki_short_datetime}{else}{tr}none{/tr}{/if}</td>
<td style="max-width: 6em; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;" title="{$token.token}">
{$token.token}
</td>
<td>{$token.creation|tiki_short_datetime}</td>
<td>{$token.hits}</td>
<td>{$token.maxhits}</td>
<td>{$token.email}</td>
<td>
{foreach $token.parameters as $key => $value}
{$key}={$value}<br>
......@@ -40,11 +46,6 @@
<td>{$token.groups}</td>
<td>{$token.createUser}</td>
<td>{$token.userPrefix}</td>
<td>
{self_link tokenId=$token.tokenId action='delete' _menu_text='y' _menu_icon='y' _icon_name='remove'}
{tr}Delete{/tr}
{/self_link}
</td>
</tr>
{foreachelse}
{norecords _colspan=10}
......
......@@ -70,6 +70,12 @@ $tokens = $tokenlib->getTokens();
foreach ($tokens as $key => $token) {
$tokens[$key]['groups'] = join(', ', json_decode($token['groups']));
$tokens[$key]['parameters'] = (array) json_decode($token['parameters']);
if ($token['timeout'] == -1) {
$tokens[$key]['expires'] = '';
} else {
$tokens[$key]['expires'] = date('c', strtotime($token['creation']) + $token['timeout']);
}
$tokens[$key]['entry'] = preg_replace('#^' . preg_quote($tikiroot) . '#', '', $token['entry']);
}
$smarty->assign('tokens', $tokens);
......
......@@ -535,7 +535,7 @@ if ($prefs['jquery_timeago'] === 'y') {
if (is_readable($timeago_locale)) {
$headerlib->add_jsfile($timeago_locale); // TODO handle zh-CN and zh-TW
}
$headerlib->add_jq_onready('$("time.timeago").timeago();');
$headerlib->add_jq_onready('$("time.timeago").timeago(); jQuery.timeago.settings.allowFuture = true;');
}
if ( $prefs['feature_jquery_validation'] == 'y' ) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment