123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644 |
- <?php
- // This file is part of GNU social - https://www.gnu.org/software/social
- //
- // GNU social is free software: you can redistribute it and/or modify
- // it under the terms of the GNU Affero General Public License as published by
- // the Free Software Foundation, either version 3 of the License, or
- // (at your option) any later version.
- //
- // GNU social is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- // GNU Affero General Public License for more details.
- //
- // You should have received a copy of the GNU Affero General Public License
- // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
- /**
- * Low-level generator for HTML
- *
- * @package GNUsocial
- * @category Output
- *
- * @author Evan Prodromou <evan@status.net>
- * @author Sarven Capadisli <csarven@status.net>
- * @copyright 2008-2019 Free Software Foundation, Inc http://www.fsf.org
- * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
- */
- defined('GNUSOCIAL') || die();
- // Can include XHTML options but these are too fragile in practice.
- define('PAGE_TYPE_PREFS', 'text/html');
- /**
- * Low-level generator for HTML
- *
- * Abstracts some of the code necessary for HTML generation. Especially
- * has methods for generating HTML form elements. Note that these have
- * been created kind of haphazardly, not with an eye to making a general
- * HTML-creation class.
- *
- * @see Action
- * @see XMLOutputter
- *
- * @copyright 2008-2019 Free Software Foundation, Inc http://www.fsf.org
- * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
- */
- class htmloutputter extends XMLOutputter
- {
- protected $DTD = ['doctype' => 'html',
- 'spec' => '-//W3C//DTD XHTML 1.0 Strict//EN',
- 'uri' => 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd', ];
- /**
- * Constructor
- *
- * Just wraps the XMLOutputter constructor.
- *
- * @param string $output URI to output to, default = stdout
- * @param bool|null $indent Whether to indent output, if null it defaults to true
- *
- * @throws ServerException
- */
- public function __construct($output = 'php://output', $indent = null)
- {
- parent::__construct($output, $indent);
- }
- /**
- * Start an HTML document
- *
- * If $type isn't specified, will attempt to do content negotiation.
- *
- * Attempts to do content negotiation for language, also.
- *
- * @param null|string $type MIME type to use; default is to do negotation.
- *
- * @throws ClientException
- * @throws ServerException
- *
- * @return void
- *
- * @todo extract content negotiation code to an HTTP module or class.
- */
- public function startHTML(?string $type = null): void
- {
- if (!$type) {
- $httpaccept = isset($_SERVER['HTTP_ACCEPT']) ?
- $_SERVER['HTTP_ACCEPT'] : null;
- // XXX: allow content negotiation for RDF, RSS, or XRDS
- $cp = common_accept_to_prefs($httpaccept);
- $sp = common_accept_to_prefs(PAGE_TYPE_PREFS);
- $type = common_negotiate_type($cp, $sp);
- if (!$type) {
- // TRANS: Client exception 406
- throw new ClientException(_('This page is not available in a ' .
- 'media type you accept'), 406);
- }
- }
- header('Content-Type: ' . $type);
- // Output anti-framing headers to prevent clickjacking (respected by newer
- // browsers).
- if (common_config('javascript', 'bustframes')) {
- header('X-XSS-Protection: 1; mode=block'); // detect XSS Reflection attacks
- header('X-Frame-Options: SAMEORIGIN'); // no rendering if origin mismatch
- }
- $this->extraHeaders();
- if (preg_match('/.*\\/.*xml/', $type)) {
- // Required for XML documents
- $this->startXML();
- }
- $this->writeDTD();
- $language = $this->getLanguage();
- $attrs = [
- 'xmlns' => 'http://www.w3.org/1999/xhtml',
- 'xml:lang' => $language,
- 'lang' => $language,
- ];
- if (Event::handle('StartHtmlElement', [$this, &$attrs])) {
- $this->elementStart('html', $attrs);
- Event::handle('EndHtmlElement', [$this, &$attrs]);
- }
- }
- /**
- * To specify additional HTTP headers for the action
- *
- * @return void
- */
- public function extraHeaders()
- {
- // Needs to be overloaded
- }
- /**
- * @return void
- */
- protected function writeDTD(): void
- {
- $this->xw->writeDTD(
- $this->DTD['doctype'],
- $this->DTD['spec'],
- $this->DTD['uri']
- );
- }
- /**
- * @return mixed (array|bool|string)
- */
- public function getLanguage()
- {
- // FIXME: correct language for interface
- return common_language();
- }
- /**
- * @param $doctype
- * @param $spec
- * @param $uri
- */
- public function setDTD($doctype, $spec, $uri): void
- {
- $this->DTD = ['doctype' => $doctype, 'spec' => $spec, 'uri' => $uri];
- }
- /**
- * Ends an HTML document
- *
- * @return void
- */
- public function endHTML(): void
- {
- $this->elementEnd('html');
- $this->endXML();
- }
- /**
- * Output an HTML text input element
- *
- * Despite the name, it is specifically for outputting a
- * text input element, not other <input> elements. It outputs
- * a cluster of elements, including a <label> and an associated
- * instructions span.
- *
- * If $attrs['type'] does not exist it will be set to 'text'.
- *
- * @param string $id element ID, must be unique on page
- * @param null|string $label text of label for the element
- * @param null|string $value value of the element, default null
- * @param null|string $instructions instructions for valid input
- * @param null|string $name name of the element; if null, the id will be used
- * @param bool $required HTML5 required attribute (exclude when false)
- * @param array $attrs Initial attributes manually set in an array (overwritten by previous options)
- *
- * @return void
- *
- * @todo add a $maxLength parameter
- * @todo add a $size parameter
- *
- */
- public function input(
- string $id,
- ?string $label,
- ?string $value = null,
- ?string $instructions = null,
- ?string $name = null,
- bool $required = false,
- array $attrs = []
- ): void {
- $this->element('label', ['for' => $id], $label);
- if (!array_key_exists('type', $attrs)) {
- $attrs['type'] = 'text';
- }
- $attrs['id'] = $id;
- $attrs['name'] = is_null($name) ? $id : $name;
- if (array_key_exists('placeholder', $attrs) && (is_null($attrs['placeholder']) || $attrs['placeholder'] === '')) {
- // If placeholder is type-aware equal to '' or null, unset it as we apparently don't want a placeholder value
- unset($attrs['placeholder']);
- } else {
- // If the placeholder is set use it, or use the label as fallback.
- $attrs['placeholder'] = isset($attrs['placeholder']) ? $attrs['placeholder'] : $label;
- }
- if (!is_null($value)) { // value can be 0 or ''
- $attrs['value'] = $value;
- }
- if (!empty($required)) {
- $attrs['required'] = 'required';
- }
- $this->element('input', $attrs);
- if ($instructions) {
- $this->element('p', 'form_guide', $instructions);
- }
- }
- /**
- * output an HTML checkbox and associated elements
- *
- * Note that the value is default 'true' (the string), which can
- * be used by Action::boolean()
- *
- * @param string $id element ID, must be unique on page
- * @param null|string $label text of label for the element
- * @param bool $checked if the box is checked, default false
- * @param null|string $instructions instructions for valid input
- * @param string $value value of the checkbox, default 'true'
- * @param bool $disabled show the checkbox disabled, default false
- *
- * @return void
- *
- * @todo add a $name parameter
- */
- public function checkbox(
- string $id,
- ?string $label,
- bool $checked = false,
- ?string $instructions = null,
- string $value = 'true',
- bool $disabled = false
- ): void {
- $attrs = ['name' => $id,
- 'type' => 'checkbox',
- 'class' => 'checkbox',
- 'id' => $id, ];
- if ($value) {
- $attrs['value'] = $value;
- }
- if ($checked) {
- $attrs['checked'] = 'checked';
- }
- if ($disabled) {
- $attrs['disabled'] = 'true';
- }
- $this->element('input', $attrs);
- $this->text(' ');
- $this->element(
- 'label',
- ['class' => 'checkbox',
- 'for' => $id, ],
- $label
- );
- $this->text(' ');
- if ($instructions) {
- $this->element('p', 'form_guide', $instructions);
- }
- }
- /**
- * output an HTML combobox/select and associated elements
- *
- * $content is an array of key-value pairs for the dropdown, where
- * the key is the option value attribute and the value is the option
- * text. (Careful on the overuse of 'value' here.)
- *
- * @param string $id element ID, must be unique on page
- * @param null|string $label text of label for the element
- * @param array $content options array, value => text
- * @param null|string $instructions instructions for valid input
- * @param bool $blank_select whether to have a blank entry, default false
- * @param null|string $selected selected value, default null
- *
- * @return void
- *
- * @todo add a $name parameter
- */
- public function dropdown(
- string $id,
- ?string $label,
- array $content,
- ?string $instructions = null,
- bool $blank_select = false,
- ?string $selected = null
- ): void {
- $this->element('label', ['for' => $id], $label);
- $this->elementStart('select', ['id' => $id, 'name' => $id]);
- if ($blank_select) {
- $this->element('option', ['value' => '']);
- }
- foreach ($content as $value => $option) {
- if ($value == $selected) {
- $this->element(
- 'option',
- ['value' => $value,
- 'selected' => 'selected', ],
- $option
- );
- } else {
- $this->element('option', ['value' => $value], $option);
- }
- }
- $this->elementEnd('select');
- if ($instructions) {
- $this->element('p', 'form_guide', $instructions);
- }
- }
- /**
- * output an HTML hidden element
- *
- * $id is re-used as name
- *
- * @param string $id element ID, must be unique on page
- * @param null|string $value hidden element value, default null
- * @param null|string $name name, if different than ID
- *
- * @return void
- */
- public function hidden(string $id, ?string $value = null, ?string $name = null)
- {
- $this->element('input', ['name' => $name ?: $id,
- 'type' => 'hidden',
- 'id' => $id,
- 'value' => $value, ]);
- }
- /**
- * output an HTML password input and associated elements
- *
- * @param string $id element ID, must be unique on page
- * @param null|string $label text of label for the element
- * @param null|string $instructions instructions for valid input
- *
- * @return void
- *
- * @todo add a $name parameter
- */
- public function password(string $id, ?string $label, ?string $instructions = null): void
- {
- $this->element('label', ['for' => $id], $label);
- $attrs = ['name' => $id,
- 'type' => 'password',
- 'class' => 'password',
- 'id' => $id, ];
- $this->element('input', $attrs);
- if ($instructions) {
- $this->element('p', 'form_guide', $instructions);
- }
- }
- /**
- * output an HTML submit input and associated elements
- *
- * @param string $id element ID, must be unique on page
- * @param null|string $label text of the button
- * @param string $cls class of the button, default 'submit'
- * @param null|string $name name, if different than ID
- * @param null|string $title title text for the submit button
- *
- * @return void
- *
- * @todo add a $name parameter
- */
- public function submit(
- string $id,
- ?string $label,
- string $cls = 'submit',
- ?string $name = null,
- ?string $title = null
- ): void {
- $this->element('input', ['type' => 'submit',
- 'id' => $id,
- 'name' => $name ?: $id,
- 'class' => $cls,
- 'value' => $label,
- 'title' => $title, ]);
- }
- /**
- * output a script (almost always javascript) tag
- *
- * @param string $src relative or absolute script path
- * @param string $type 'type' attribute value of the tag
- *
- * @throws ServerException
- *
- * @return void
- */
- public function script(string $src, string $type = 'text/javascript'): void
- {
- if (Event::handle('StartScriptElement', [$this, &$src, &$type])) {
- $url = parse_url($src);
- if (empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment'])) {
- // XXX: this seems like a big assumption
- if (strpos($src, 'plugins/') === 0 || strpos($src, 'local/') === 0) {
- $src = common_path($src, GNUsocial::isHTTPS()) . '?version=' . GNUSOCIAL_VERSION;
- } else {
- if (GNUsocial::isHTTPS()) {
- $server = common_config('javascript', 'sslserver');
- if (empty($server)) {
- if (is_string(common_config('site', 'sslserver')) && mb_strlen(common_config('site', 'sslserver')) > 0) {
- $server = common_config('site', 'sslserver');
- } elseif (common_config('site', 'server')) {
- $server = common_config('site', 'server');
- }
- $path = common_config('site', 'path') . '/js/';
- } else {
- $path = common_config('javascript', 'sslpath');
- if (empty($path)) {
- $path = common_config('javascript', 'path');
- }
- }
- $protocol = 'https';
- } else {
- $path = common_config('javascript', 'path');
- if (empty($path)) {
- $path = common_config('site', 'path') . '/js/';
- }
- $server = common_config('javascript', 'server');
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
- $protocol = 'http';
- }
- if ($path[strlen($path) - 1] != '/') {
- $path .= '/';
- }
- if ($path[0] != '/') {
- $path = '/' . $path;
- }
- $src = $protocol . '://' . $server . $path . $src . '?version=' . GNUSOCIAL_VERSION;
- }
- }
- $this->element(
- 'script',
- ['type' => $type,
- 'src' => $src, ],
- ' '
- );
- Event::handle('EndScriptElement', [$this, $src, $type]);
- }
- }
- /**
- * output a css link
- *
- * @param string $src relative path within the theme directory, or an absolute path
- * @param string $theme 'theme' that contains the stylesheet
- * @param null|string $media
- *
- * @throws ServerException
- *
- * @return void
- */
- public function cssLink(string $src, ?string $theme = null, ?string $media = null): void
- {
- if (Event::handle('StartCssLinkElement', [$this, &$src, &$theme, &$media])) {
- $url = parse_url($src);
- if (empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment'])) {
- if (file_exists(Theme::file($src, $theme))) {
- $src = Theme::path($src, $theme);
- } else {
- $src = common_path($src, GNUsocial::isHTTPS());
- }
- $src .= '?version=' . GNUSOCIAL_VERSION;
- }
- $this->element('link', ['rel' => 'stylesheet',
- 'type' => 'text/css',
- 'href' => $src,
- 'media' => $media, ]);
- Event::handle('EndCssLinkElement', [$this, $src, $theme, $media]);
- }
- }
- /**
- * output a style (almost always css) tag with inline
- * code.
- *
- * @param string $code code to put in the style tag
- * @param string $type 'type' attribute value of the tag
- * @param null|string $media 'media' attribute value of the tag
- *
- * @return void
- */
- public function style(string $code, string $type = 'text/css', ?string $media = null)
- {
- if (Event::handle('StartStyleElement', [$this, &$code, &$type, &$media])) {
- $this->elementStart('style', ['type' => $type, 'media' => $media]);
- $this->raw($code);
- $this->elementEnd('style');
- Event::handle('EndStyleElement', [$this, $code, $type, $media]);
- }
- }
- /**
- * output an HTML textarea and associated elements
- *
- * @param string $id element ID, must be unique on page
- * @param null|string $label text of label for the element
- * @param null|string $content content of the textarea, default none
- * @param null|string $instructions instructions for valid input
- * @param null|string $name name of textarea; if null, $id will be used
- * @param null|int $cols number of columns
- * @param null|int $rows number of rows
- * @param bool $required HTML5 required attribute (exclude when false)
- *
- * @return void
- */
- public function textarea(
- string $id,
- ?string $label,
- ?string $content = null,
- ?string $instructions = null,
- ?string $name = null,
- ?int $cols = null,
- ?int $rows = null,
- bool $required = false
- ): void {
- $this->element('label', ['for' => $id], $label);
- $attrs = [
- 'rows' => 3,
- 'cols' => 40,
- 'id' => $id,
- ];
- $attrs['name'] = is_null($name) ? $id : $name;
- if ($cols != null) {
- $attrs['cols'] = $cols;
- }
- if ($rows != null) {
- $attrs['rows'] = $rows;
- }
- if (!empty($required)) {
- $attrs['required'] = 'required';
- }
- $this->element(
- 'textarea',
- $attrs,
- $content
- );
- if ($instructions) {
- $this->element('p', 'form_guide', $instructions);
- }
- }
- /**
- * Internal script to autofocus the given element on page onload.
- *
- * @param string $id element ID, must refer to an existing element
- *
- * @return void
- *
- */
- public function autofocus(string $id): void
- {
- $this->inlineScript(
- ' $(document).ready(function() {' .
- ' var el = $("#' . $id . '");' .
- ' if (el.length) { el.focus(); }' .
- ' });'
- );
- }
- /**
- * output a script (almost always javascript) tag with inline
- * code.
- *
- * @param string $code code to put in the script tag
- * @param string $type 'type' attribute value of the tag
- *
- * @return void
- */
- public function inlineScript(string $code, string $type = 'text/javascript'): void
- {
- if (Event::handle('StartInlineScriptElement', [$this, &$code, &$type])) {
- $this->elementStart('script', ['type' => $type]);
- if ($type == 'text/javascript') {
- $this->raw('/*<![CDATA[*/ '); // XHTML compat
- }
- $this->raw($code);
- if ($type == 'text/javascript') {
- $this->raw(' /*]]>*/'); // XHTML compat
- }
- $this->elementEnd('script');
- Event::handle('EndInlineScriptElement', [$this, $code, $type]);
- }
- }
- }
|