action.php 54 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759
  1. <?php
  2. /**
  3. * StatusNet, the distributed open-source microblogging tool
  4. *
  5. * Base class for all actions (~views)
  6. *
  7. * PHP version 5
  8. *
  9. * LICENCE: This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU Affero General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. *
  22. * @category Action
  23. * @package StatusNet
  24. * @author Evan Prodromou <evan@status.net>
  25. * @author Sarven Capadisli <csarven@status.net>
  26. * @copyright 2008 StatusNet, Inc.
  27. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  28. * @link http://status.net/
  29. */
  30. if (!defined('GNUSOCIAL')) {
  31. exit(1);
  32. }
  33. /**
  34. * Base class for all actions
  35. *
  36. * This is the base class for all actions in the package. An action is
  37. * more or less a "view" in an MVC framework.
  38. *
  39. * Actions are responsible for extracting and validating parameters; using
  40. * model classes to read and write to the database; and doing ouput.
  41. *
  42. * @category Output
  43. * @package StatusNet
  44. * @author Evan Prodromou <evan@status.net>
  45. * @author Sarven Capadisli <csarven@status.net>
  46. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  47. * @link http://status.net/
  48. *
  49. * @see HTMLOutputter
  50. */
  51. class Action extends HTMLOutputter // lawsuit
  52. {
  53. // This should be protected/private in the future
  54. public $args = [];
  55. // Action properties, set per-class
  56. protected $action = false;
  57. protected $ajax = false;
  58. protected $menus = true;
  59. protected $needLogin = false;
  60. protected $redirectAfterLogin = false;
  61. protected $needPost = false; // implies canPost if true
  62. protected $canPost = false; // can this action handle POST method?
  63. // The currently scoped profile (normally Profile::current; from $this->auth_user for API)
  64. protected $scoped = null;
  65. // Related to front-end user representation
  66. protected $format = null;
  67. protected $error = null;
  68. protected $msg = null;
  69. /**
  70. * Constructor
  71. *
  72. * Just wraps the HTMLOutputter constructor.
  73. *
  74. * @param string $output URI to output to, default = stdout
  75. * @param boolean $indent Whether to indent output, default true
  76. *
  77. * @see XMLOutputter::__construct
  78. * @see HTMLOutputter::__construct
  79. */
  80. public function __construct($output = 'php://output', $indent = null)
  81. {
  82. parent::__construct($output, $indent);
  83. }
  84. public static function run(array $args = [], $output = 'php://output', $indent = null)
  85. {
  86. $class = get_called_class();
  87. $action = new $class($output, $indent);
  88. set_exception_handler(array($action, 'handleError'));
  89. $action->execute($args);
  90. return $action;
  91. }
  92. public function getInfo()
  93. {
  94. return $this->msg;
  95. }
  96. public function handleError($e)
  97. {
  98. if ($e instanceof ClientException) {
  99. $this->clientError($e->getMessage(), $e->getCode());
  100. } elseif ($e instanceof ServerException) {
  101. $this->serverError($e->getMessage(), $e->getCode());
  102. } else {
  103. // If it wasn't specified more closely which kind of exception it was
  104. $this->serverError($e->getMessage(), 500);
  105. }
  106. }
  107. /**
  108. * Client error
  109. *
  110. * @param string $msg error message to display
  111. * @param integer $code http error code, 400 by default
  112. * @param string $format error format (json, xml, text) for ApiAction
  113. *
  114. * @return void
  115. * @throws ClientException always
  116. */
  117. public function clientError($msg, $code = 400, $format = null)
  118. {
  119. // $format is currently only relevant for an ApiAction anyway
  120. if ($format === null) {
  121. $format = $this->format;
  122. }
  123. common_debug("User error '{$code}' on '{$this->action}': {$msg}", __FILE__);
  124. if (!array_key_exists($code, ClientErrorAction::$status)) {
  125. $code = 400;
  126. }
  127. $status_string = ClientErrorAction::$status[$code];
  128. switch ($format) {
  129. case 'xml':
  130. header("HTTP/1.1 {$code} {$status_string}");
  131. $this->initDocument('xml');
  132. $this->elementStart('hash');
  133. $this->element('error', null, $msg);
  134. $this->element('request', null, $_SERVER['REQUEST_URI']);
  135. $this->elementEnd('hash');
  136. $this->endDocument('xml');
  137. break;
  138. case 'json':
  139. if (!isset($this->callback)) {
  140. header("HTTP/1.1 {$code} {$status_string}");
  141. }
  142. $this->initDocument('json');
  143. $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']);
  144. print(json_encode($error_array));
  145. $this->endDocument('json');
  146. break;
  147. case 'text':
  148. header("HTTP/1.1 {$code} {$status_string}");
  149. header('Content-Type: text/plain; charset=utf-8');
  150. echo $msg;
  151. break;
  152. default:
  153. common_log(LOG_ERR, 'Handled clientError (' . _ve($code) . ') but cannot output into desired format (' . _ve($this->format) . '): ' . _ve($msg));
  154. $action = new ClientErrorAction($msg, $code);
  155. $action->execute();
  156. }
  157. exit((int)$code);
  158. }
  159. public function execute(array $args = [])
  160. {
  161. // checkMirror stuff
  162. if (common_config('db', 'mirror') && $this->isReadOnly($args)) {
  163. if (is_array(common_config('db', 'mirror'))) {
  164. // "load balancing", ha ha
  165. $arr = common_config('db', 'mirror');
  166. $k = array_rand($arr);
  167. $mirror = $arr[$k];
  168. } else {
  169. $mirror = common_config('db', 'mirror');
  170. }
  171. // everyone else uses the mirror
  172. common_config_set('db', 'database', $mirror);
  173. }
  174. if (Event::handle('StartActionExecute', array($this, &$args))) {
  175. $prepared = $this->prepare($args);
  176. if ($prepared) {
  177. $this->handle();
  178. } else {
  179. common_debug('Prepare failed for Action.');
  180. }
  181. $this->flush();
  182. Event::handle('EndActionExecute', array($this));
  183. }
  184. }
  185. /**
  186. * Return true if read only.
  187. *
  188. * MAY override
  189. *
  190. * @param array $args other arguments
  191. *
  192. * @return boolean is read only action?
  193. */
  194. public function isReadOnly($args)
  195. {
  196. return false;
  197. }
  198. /**
  199. * For initializing members of the class.
  200. *
  201. * @param array $args misc. arguments
  202. *
  203. * @return boolean true
  204. * @throws ClientException
  205. */
  206. protected function prepare(array $args = [])
  207. {
  208. if ($this->needPost && !$this->isPost()) {
  209. // TRANS: Client error. POST is a HTTP command. It should not be translated.
  210. $this->clientError(_('This method requires a POST.'), 405);
  211. }
  212. // needPost, of course, overrides canPost if true
  213. if (!$this->canPost) {
  214. $this->canPost = $this->needPost;
  215. }
  216. $this->args = common_copy_args($args);
  217. // This could be set with get_called_action and then
  218. // chop off 'Action' from the class name. In lower case.
  219. $this->action = strtolower($this->trimmed('action'));
  220. if ($this->ajax || $this->boolean('ajax')) {
  221. // check with GNUsocial::isAjax()
  222. GNUsocial::setAjax(true);
  223. }
  224. if ($this->needLogin) {
  225. $this->checkLogin(); // if not logged in, this redirs/excepts
  226. }
  227. if ($this->redirectAfterLogin) {
  228. common_set_returnto($this->selfUrl());
  229. }
  230. $this->updateScopedProfile();
  231. return true;
  232. }
  233. /**
  234. * Check if the current request is a POST
  235. *
  236. * @return boolean true if POST; otherwise false.
  237. */
  238. public function isPost()
  239. {
  240. return ($_SERVER['REQUEST_METHOD'] == 'POST');
  241. }
  242. // Must be run _after_ prepare
  243. /**
  244. * Returns trimmed query argument or default value if not found
  245. *
  246. * @param string $key requested argument
  247. * @param string $def default value to return if $key is not provided
  248. *
  249. * @return boolean is read only action?
  250. */
  251. public function trimmed($key, $def = null)
  252. {
  253. $arg = $this->arg($key, $def);
  254. return is_string($arg) ? trim($arg) : $arg;
  255. }
  256. /**
  257. * Returns query argument or default value if not found
  258. *
  259. * @param string $key requested argument
  260. * @param string $def default value to return if $key is not provided
  261. *
  262. * @return boolean is read only action?
  263. */
  264. public function arg($key, $def = null)
  265. {
  266. if (array_key_exists($key, $this->args)) {
  267. return $this->args[$key];
  268. } else {
  269. return $def;
  270. }
  271. }
  272. /**
  273. * Boolean understands english (yes, no, true, false)
  274. *
  275. * @param string $key query key we're interested in
  276. * @param string $def default value
  277. *
  278. * @return boolean interprets yes/no strings as boolean
  279. */
  280. public function boolean($key, $def = false)
  281. {
  282. $arg = strtolower($this->trimmed($key));
  283. if (is_null($arg)) {
  284. return $def;
  285. } elseif (in_array($arg, array('true', 'yes', '1', 'on'))) {
  286. return true;
  287. } elseif (in_array($arg, array('false', 'no', '0'))) {
  288. return false;
  289. } else {
  290. return $def;
  291. }
  292. }
  293. /**
  294. * If not logged in, take appropriate action (redir or exception)
  295. *
  296. * @param boolean $redir Redirect to login if not logged in
  297. *
  298. * @return boolean true if logged in (never returns if not)
  299. * @throws ClientException
  300. */
  301. public function checkLogin($redir = true)
  302. {
  303. if (common_logged_in()) {
  304. return true;
  305. }
  306. if ($redir == true) {
  307. common_set_returnto($_SERVER['REQUEST_URI']);
  308. common_redirect(common_local_url('login'));
  309. }
  310. // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
  311. $this->clientError(_('Not logged in.'), 403);
  312. }
  313. public function updateScopedProfile()
  314. {
  315. $this->scoped = Profile::current();
  316. return $this->scoped;
  317. }
  318. /**
  319. * Handler method
  320. */
  321. protected function handle()
  322. {
  323. header('Vary: Accept-Encoding,Cookie');
  324. $lm = $this->lastModified();
  325. $etag = $this->etag();
  326. if ($etag) {
  327. header('ETag: ' . $etag);
  328. }
  329. if ($lm) {
  330. header('Last-Modified: ' . date(DATE_RFC1123, $lm));
  331. if ($this->isCacheable()) {
  332. header('Expires: ' . gmdate('D, d M Y H:i:s', 0) . ' GMT');
  333. header("Cache-Control: private, must-revalidate, max-age=0");
  334. header("Pragma:");
  335. }
  336. }
  337. $checked = false;
  338. if ($etag) {
  339. $if_none_match = (array_key_exists('HTTP_IF_NONE_MATCH', $_SERVER)) ?
  340. $_SERVER['HTTP_IF_NONE_MATCH'] : null;
  341. if ($if_none_match) {
  342. // If this check fails, ignore the if-modified-since below.
  343. $checked = true;
  344. if ($this->_hasEtag($etag, $if_none_match)) {
  345. header('HTTP/1.1 304 Not Modified');
  346. // Better way to do this?
  347. exit(0);
  348. }
  349. }
  350. }
  351. if (!$checked && $lm && array_key_exists('HTTP_IF_MODIFIED_SINCE', $_SERVER)) {
  352. $if_modified_since = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
  353. $ims = strtotime($if_modified_since);
  354. if ($lm <= $ims) {
  355. header('HTTP/1.1 304 Not Modified');
  356. // Better way to do this?
  357. exit(0);
  358. }
  359. }
  360. }
  361. /**
  362. * Return last modified, if applicable.
  363. *
  364. * MAY override
  365. *
  366. * @return string last modified http header
  367. */
  368. public function lastModified()
  369. {
  370. // For comparison with If-Last-Modified
  371. // If not applicable, return null
  372. return null;
  373. }
  374. /**
  375. * Return etag, if applicable.
  376. *
  377. * MAY override
  378. *
  379. * @return string etag http header
  380. */
  381. public function etag()
  382. {
  383. return null;
  384. }
  385. /**
  386. * Is this action cacheable?
  387. *
  388. * If the action returns a last-modified
  389. *
  390. * @return boolean is read only action?
  391. */
  392. public function isCacheable()
  393. {
  394. return true;
  395. }
  396. /**
  397. * Has etag? (private)
  398. *
  399. * @param string $etag etag http header
  400. * @param string $if_none_match ifNoneMatch http header
  401. *
  402. * @return boolean
  403. */
  404. public function _hasEtag($etag, $if_none_match)
  405. {
  406. $etags = explode(',', $if_none_match);
  407. return in_array($etag, $etags) || in_array('*', $etags);
  408. }
  409. /**
  410. * Server error
  411. *
  412. * @param string $msg error message to display
  413. * @param integer $code http error code, 500 by default
  414. *
  415. * @param string $format
  416. * @return void
  417. */
  418. public function serverError($msg, $code = 500, $format = null)
  419. {
  420. if ($format === null) {
  421. $format = $this->format;
  422. }
  423. common_debug("Server error '{$code}' on '{$this->action}': {$msg}", __FILE__);
  424. if (!array_key_exists($code, ServerErrorAction::$status)) {
  425. $code = 500;
  426. }
  427. $status_string = ServerErrorAction::$status[$code];
  428. switch ($format) {
  429. case 'xml':
  430. header("HTTP/1.1 {$code} {$status_string}");
  431. $this->initDocument('xml');
  432. $this->elementStart('hash');
  433. $this->element('error', null, $msg);
  434. $this->element('request', null, $_SERVER['REQUEST_URI']);
  435. $this->elementEnd('hash');
  436. $this->endDocument('xml');
  437. break;
  438. case 'json':
  439. if (!isset($this->callback)) {
  440. header("HTTP/1.1 {$code} {$status_string}");
  441. }
  442. $this->initDocument('json');
  443. $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']);
  444. print(json_encode($error_array));
  445. $this->endDocument('json');
  446. break;
  447. default:
  448. common_log(LOG_ERR, 'Handled serverError (' . _ve($code) . ') but cannot output into desired format (' . _ve($this->format) . '): ' . _ve($msg));
  449. $action = new ServerErrorAction($msg, $code);
  450. $action->execute();
  451. }
  452. exit((int)$code);
  453. }
  454. public function getScoped()
  455. {
  456. return ($this->scoped instanceof Profile) ? $this->scoped : null;
  457. }
  458. public function isAction(array $names)
  459. {
  460. foreach ($names as $class) {
  461. // PHP is case insensitive, and we have stuff like ApiUpperCaseAction,
  462. // but we at least make a point out of wanting to do stuff case-sensitive.
  463. $class = ucfirst($class) . 'Action';
  464. if ($this instanceof $class) {
  465. return true;
  466. }
  467. }
  468. return false;
  469. }
  470. /**
  471. * Show page, a template method.
  472. *
  473. * @return void
  474. * @throws ClientException
  475. * @throws ReflectionException
  476. * @throws ServerException
  477. */
  478. public function showPage()
  479. {
  480. if (GNUsocial::isAjax()) {
  481. self::showAjax();
  482. return;
  483. }
  484. if (Event::handle('StartShowHTML', array($this))) {
  485. $this->startHTML();
  486. $this->flush();
  487. Event::handle('EndShowHTML', array($this));
  488. }
  489. if (Event::handle('StartShowHead', array($this))) {
  490. $this->showHead();
  491. $this->flush();
  492. Event::handle('EndShowHead', array($this));
  493. }
  494. if (Event::handle('StartShowBody', array($this))) {
  495. $this->showBody();
  496. Event::handle('EndShowBody', array($this));
  497. }
  498. if (Event::handle('StartEndHTML', array($this))) {
  499. $this->endHTML();
  500. Event::handle('EndEndHTML', array($this));
  501. }
  502. }
  503. public function showAjax()
  504. {
  505. $this->startHTML('text/xml;charset=utf-8');
  506. $this->elementStart('head');
  507. // TRANS: Title for conversation page.
  508. $this->element('title', null, $this->title());
  509. $this->elementEnd('head');
  510. $this->elementStart('body');
  511. if ($this->getError()) {
  512. $this->element('p', array('id' => 'error'), $this->getError());
  513. } else {
  514. $this->showContent();
  515. }
  516. $this->elementEnd('body');
  517. $this->endHTML();
  518. }
  519. /**
  520. * Returns the page title
  521. *
  522. * SHOULD overload
  523. *
  524. * @return string page title
  525. */
  526. public function title()
  527. {
  528. // TRANS: Page title for a page without a title set.
  529. return _('Untitled page');
  530. }
  531. public function getError()
  532. {
  533. return $this->error;
  534. }
  535. /**
  536. * Show content.
  537. *
  538. * MUST overload (unless there's not a notice)
  539. *
  540. * @return void
  541. */
  542. protected function showContent()
  543. {
  544. }
  545. public function endHTML()
  546. {
  547. global $_startTime;
  548. if (isset($_startTime)) {
  549. $endTime = microtime(true);
  550. $diff = round(($endTime - $_startTime) * 1000);
  551. $this->raw("<!-- ${diff}ms -->");
  552. }
  553. parent::endHTML();
  554. }
  555. /**
  556. * Show head, a template method.
  557. *
  558. * @return void
  559. */
  560. public function showHead()
  561. {
  562. // XXX: attributes (profile?)
  563. $this->elementStart('head');
  564. if (Event::handle('StartShowHeadElements', array($this))) {
  565. if (Event::handle('StartShowHeadTitle', array($this))) {
  566. $this->showTitle();
  567. Event::handle('EndShowHeadTitle', array($this));
  568. }
  569. $this->showShortcutIcon();
  570. $this->showStylesheets();
  571. $this->showOpenSearch();
  572. $this->showFeeds();
  573. $this->showDescription();
  574. $this->extraHead();
  575. Event::handle('EndShowHeadElements', array($this));
  576. }
  577. $this->elementEnd('head');
  578. }
  579. /**
  580. * Show title, a template method.
  581. *
  582. * @return void
  583. */
  584. public function showTitle()
  585. {
  586. $this->element(
  587. 'title',
  588. null,
  589. // TRANS: Page title. %1$s is the title, %2$s is the site name.
  590. sprintf(
  591. _('%1$s - %2$s'),
  592. $this->title(),
  593. common_config('site', 'name')
  594. )
  595. );
  596. }
  597. /**
  598. * Show themed shortcut icon
  599. *
  600. * @return void
  601. */
  602. public function showShortcutIcon()
  603. {
  604. if (is_readable(INSTALLDIR . '/theme/' . common_config('site', 'theme') . '/favicon.ico')) {
  605. $this->element('link', array('rel' => 'shortcut icon',
  606. 'href' => Theme::path('favicon.ico')));
  607. } else {
  608. // favicon.ico should be HTTPS if the rest of the page is
  609. $this->element('link', array('rel' => 'shortcut icon',
  610. 'href' => common_path('favicon.ico', GNUsocial::isHTTPS())));
  611. }
  612. if (common_config('site', 'mobile')) {
  613. if (is_readable(INSTALLDIR . '/theme/' . common_config('site', 'theme') . '/apple-touch-icon.png')) {
  614. $this->element('link', array('rel' => 'apple-touch-icon',
  615. 'href' => Theme::path('apple-touch-icon.png')));
  616. } else {
  617. $this->element('link', array('rel' => 'apple-touch-icon',
  618. 'href' => common_path('apple-touch-icon.png')));
  619. }
  620. }
  621. }
  622. /**
  623. * Show stylesheets
  624. *
  625. * @return void
  626. */
  627. public function showStylesheets()
  628. {
  629. if (Event::handle('StartShowStyles', array($this))) {
  630. // Use old name for StatusNet for compatibility on events
  631. if (Event::handle('StartShowStylesheets', array($this))) {
  632. $this->primaryCssLink(null, 'screen, projection, tv, print');
  633. Event::handle('EndShowStylesheets', array($this));
  634. }
  635. $this->cssLink('js/extlib/jquery-ui/css/smoothness/jquery-ui.css');
  636. if (Event::handle('StartShowUAStyles', array($this))) {
  637. Event::handle('EndShowUAStyles', array($this));
  638. }
  639. Event::handle('EndShowStyles', array($this));
  640. if (common_config('custom_css', 'enabled')) {
  641. $css = common_config('custom_css', 'css');
  642. if (Event::handle('StartShowCustomCss', array($this, &$css))) {
  643. if (trim($css) != '') {
  644. $this->style($css);
  645. }
  646. Event::handle('EndShowCustomCss', array($this));
  647. }
  648. }
  649. }
  650. }
  651. public function primaryCssLink($mainTheme = null, $media = null)
  652. {
  653. $theme = new Theme($mainTheme);
  654. // Some themes may have external stylesheets
  655. foreach ($theme->getExternals() as $url) {
  656. $this->cssLink($url, $mainTheme, $media);
  657. }
  658. // If the currently-selected theme has dependencies on other themes,
  659. // we'll need to load their display.css files as well in order.
  660. $baseThemes = $theme->getDeps();
  661. foreach ($baseThemes as $baseTheme) {
  662. $this->cssLink('css/display.css', $baseTheme, $media);
  663. }
  664. $this->cssLink('css/display.css', $mainTheme, $media);
  665. // Additional styles for RTL languages
  666. if (is_rtl(common_language())) {
  667. if (file_exists(Theme::file('css/rtl.css'))) {
  668. $this->cssLink('css/rtl.css', $mainTheme, $media);
  669. }
  670. }
  671. }
  672. /**
  673. * Show OpenSearch headers
  674. *
  675. * @return void
  676. */
  677. public function showOpenSearch()
  678. {
  679. $this->element('link', array('rel' => 'search',
  680. 'type' => 'application/opensearchdescription+xml',
  681. 'href' => common_local_url('opensearch', array('type' => 'people')),
  682. 'title' => common_config('site', 'name') . ' People Search'));
  683. $this->element('link', array('rel' => 'search', 'type' => 'application/opensearchdescription+xml',
  684. 'href' => common_local_url('opensearch', array('type' => 'notice')),
  685. 'title' => common_config('site', 'name') . ' Notice Search'));
  686. }
  687. /**
  688. * Show feed headers
  689. *
  690. * MAY overload
  691. *
  692. * @return void
  693. */
  694. public function showFeeds()
  695. {
  696. foreach ($this->getFeeds() as $feed) {
  697. $this->element('link', array('rel' => $feed->rel(),
  698. 'href' => $feed->url,
  699. 'type' => $feed->mimeType(),
  700. 'title' => $feed->title));
  701. }
  702. }
  703. /**
  704. * An array of feeds for this action.
  705. *
  706. * Returns an array of potential feeds for this action.
  707. *
  708. * @return array Feed object to show in head and links
  709. */
  710. public function getFeeds()
  711. {
  712. return [];
  713. }
  714. /**
  715. * Show description.
  716. *
  717. * SHOULD overload
  718. *
  719. * @return void
  720. */
  721. public function showDescription()
  722. {
  723. // does nothing by default
  724. }
  725. /**
  726. * Show extra stuff in <head>.
  727. *
  728. * MAY overload
  729. *
  730. * @return void
  731. */
  732. public function extraHead()
  733. {
  734. // does nothing by default
  735. }
  736. /**
  737. * Show body.
  738. *
  739. * Calls template methods
  740. *
  741. * @return void
  742. * @throws ServerException
  743. * @throws ReflectionException
  744. */
  745. public function showBody()
  746. {
  747. $params = array('id' => $this->getActionName());
  748. if ($this->scoped instanceof Profile) {
  749. $params['class'] = 'user_in';
  750. }
  751. $this->elementStart('body', $params);
  752. $this->elementStart('div', array('id' => 'wrap'));
  753. if (Event::handle('StartShowHeader', array($this))) {
  754. $this->showHeader();
  755. $this->flush();
  756. Event::handle('EndShowHeader', array($this));
  757. }
  758. $this->showCore();
  759. $this->flush();
  760. if (Event::handle('StartShowFooter', array($this))) {
  761. $this->showFooter();
  762. $this->flush();
  763. Event::handle('EndShowFooter', array($this));
  764. }
  765. $this->elementEnd('div');
  766. $this->showScripts();
  767. $this->elementEnd('body');
  768. }
  769. public function getActionName()
  770. {
  771. return $this->action;
  772. }
  773. /**
  774. * Show header of the page.
  775. *
  776. * Calls template methods
  777. *
  778. * @return void
  779. * @throws ServerException
  780. */
  781. public function showHeader()
  782. {
  783. $this->elementStart('div', array('id' => 'header'));
  784. $this->showLogo();
  785. $this->showPrimaryNav();
  786. if (Event::handle('StartShowSiteNotice', array($this))) {
  787. $this->showSiteNotice();
  788. Event::handle('EndShowSiteNotice', array($this));
  789. }
  790. $this->elementEnd('div');
  791. }
  792. /**
  793. * Show configured logo.
  794. *
  795. * @return void
  796. * @throws ServerException
  797. */
  798. public function showLogo()
  799. {
  800. $this->elementStart('address', array('id' => 'site_contact', 'class' => 'h-card'));
  801. if (Event::handle('StartAddressData', array($this))) {
  802. if (common_config('singleuser', 'enabled')) {
  803. $user = User::singleUser();
  804. $url = common_local_url(
  805. 'showstream',
  806. array('nickname' => $user->nickname)
  807. );
  808. } elseif (common_logged_in()) {
  809. $cur = common_current_user();
  810. $url = common_local_url('all', array('nickname' => $cur->nickname));
  811. } else {
  812. $url = common_local_url('public');
  813. }
  814. $this->elementStart('a', array('class' => 'home bookmark',
  815. 'href' => $url));
  816. if (GNUsocial::isHTTPS()) {
  817. $logoUrl = common_config('site', 'ssllogo');
  818. if (empty($logoUrl)) {
  819. // if logo is an uploaded file, try to fall back to HTTPS file URL
  820. $httpUrl = common_config('site', 'logo');
  821. if (!empty($httpUrl)) {
  822. try {
  823. $f = File::getByUrl($httpUrl);
  824. if (!empty($f->filename)) {
  825. // this will handle the HTTPS case
  826. $logoUrl = File::url($f->filename);
  827. }
  828. } catch (NoResultException $e) {
  829. // no match
  830. }
  831. }
  832. }
  833. } else {
  834. $logoUrl = common_config('site', 'logo');
  835. }
  836. if (empty($logoUrl) && file_exists(Theme::file('logo.png'))) {
  837. // This should handle the HTTPS case internally
  838. $logoUrl = Theme::path('logo.png');
  839. }
  840. if (!empty($logoUrl)) {
  841. $this->element('img', array('class' => 'logo u-photo p-name',
  842. 'src' => $logoUrl,
  843. 'alt' => common_config('site', 'name')));
  844. }
  845. $this->elementEnd('a');
  846. Event::handle('EndAddressData', array($this));
  847. }
  848. $this->elementEnd('address');
  849. }
  850. /**
  851. * Show primary navigation.
  852. *
  853. * @return void
  854. */
  855. public function showPrimaryNav()
  856. {
  857. $this->elementStart('div', array('id' => 'site_nav_global_primary'));
  858. $user = common_current_user();
  859. if (!empty($user) || !common_config('site', 'private')) {
  860. $form = new SearchForm($this);
  861. $form->show();
  862. }
  863. $pn = new PrimaryNav($this);
  864. $pn->show();
  865. $this->elementEnd('div');
  866. }
  867. /**
  868. * Show site notice.
  869. *
  870. * @return void
  871. */
  872. public function showSiteNotice()
  873. {
  874. // Revist. Should probably do an hAtom pattern here
  875. $text = common_config('site', 'notice');
  876. if ($text) {
  877. $this->elementStart('div', array('id' => 'site_notice',
  878. 'class' => 'system_notice'));
  879. $this->raw($text);
  880. $this->elementEnd('div');
  881. }
  882. }
  883. /**
  884. * Show core.
  885. *
  886. * Shows local navigation, content block and aside.
  887. *
  888. * @return void
  889. * @throws ReflectionException
  890. */
  891. public function showCore()
  892. {
  893. $this->elementStart('div', array('id' => 'core'));
  894. $this->elementStart('div', array('id' => 'aside_primary_wrapper'));
  895. $this->elementStart('div', array('id' => 'content_wrapper'));
  896. $this->elementStart('div', array('id' => 'site_nav_local_views_wrapper'));
  897. if (Event::handle('StartShowLocalNavBlock', array($this))) {
  898. $this->showLocalNavBlock();
  899. $this->flush();
  900. Event::handle('EndShowLocalNavBlock', array($this));
  901. }
  902. if (Event::handle('StartShowContentBlock', array($this))) {
  903. $this->showContentBlock();
  904. $this->flush();
  905. Event::handle('EndShowContentBlock', array($this));
  906. }
  907. if (Event::handle('StartShowAside', array($this))) {
  908. $this->showAside();
  909. $this->flush();
  910. Event::handle('EndShowAside', array($this));
  911. }
  912. $this->elementEnd('div');
  913. $this->elementEnd('div');
  914. $this->elementEnd('div');
  915. $this->elementEnd('div');
  916. }
  917. /**
  918. * Show local navigation block.
  919. *
  920. * @return void
  921. */
  922. public function showLocalNavBlock()
  923. {
  924. // Need to have this ID for CSS; I'm too lazy to add it to
  925. // all menus
  926. $this->elementStart('div', array('id' => 'site_nav_local_views'));
  927. // Cheat cheat cheat!
  928. $this->showLocalNav();
  929. $this->elementEnd('div');
  930. }
  931. /**
  932. * Show local navigation.
  933. *
  934. * SHOULD overload
  935. *
  936. * @return void
  937. */
  938. public function showLocalNav()
  939. {
  940. $nav = new DefaultLocalNav($this);
  941. $nav->show();
  942. }
  943. /**
  944. * Show content block.
  945. *
  946. * @return void
  947. * @throws ReflectionException
  948. */
  949. public function showContentBlock()
  950. {
  951. $this->elementStart('div', array('id' => 'content'));
  952. if (common_logged_in()) {
  953. if (Event::handle('StartShowNoticeForm', array($this))) {
  954. $this->showNoticeForm();
  955. Event::handle('EndShowNoticeForm', array($this));
  956. }
  957. }
  958. if (Event::handle('StartShowPageTitle', array($this))) {
  959. $this->showPageTitle();
  960. Event::handle('EndShowPageTitle', array($this));
  961. }
  962. $this->showPageNoticeBlock();
  963. $this->elementStart('div', array('id' => 'content_inner'));
  964. // show the actual content (forms, lists, whatever)
  965. $this->showContent();
  966. $this->elementEnd('div');
  967. $this->elementEnd('div');
  968. }
  969. /**
  970. * Show notice form.
  971. *
  972. * MAY overload if no notice form needed... or direct message box????
  973. *
  974. * @return void
  975. */
  976. public function showNoticeForm()
  977. {
  978. // TRANS: Tab on the notice form.
  979. $tabs = array('status' => array('title' => _m('TAB', 'Status'),
  980. 'href' => common_local_url('newnotice')));
  981. $this->elementStart('div', 'input_forms');
  982. $this->element('label', array('for' => 'input_form_nav'), _m('TAB', 'Share your:'));
  983. if (Event::handle('StartShowEntryForms', array(&$tabs))) {
  984. $this->elementStart('ul', array('class' => 'nav',
  985. 'id' => 'input_form_nav'));
  986. foreach ($tabs as $tag => $data) {
  987. $tag = htmlspecialchars($tag);
  988. $attrs = array('id' => 'input_form_nav_' . $tag,
  989. 'class' => 'input_form_nav_tab');
  990. if ($tag == 'status') {
  991. $attrs['class'] .= ' current';
  992. }
  993. $this->elementStart('li', $attrs);
  994. $this->element(
  995. 'a',
  996. array('onclick' => 'return SN.U.switchInputFormTab("' . $tag . '");',
  997. 'href' => $data['href']),
  998. $data['title']
  999. );
  1000. $this->elementEnd('li');
  1001. }
  1002. $this->elementEnd('ul');
  1003. foreach ($tabs as $tag => $data) {
  1004. $attrs = array('class' => 'input_form',
  1005. 'id' => 'input_form_' . $tag);
  1006. if ($tag == 'status') {
  1007. $attrs['class'] .= ' current';
  1008. }
  1009. $this->elementStart('div', $attrs);
  1010. $form = null;
  1011. if (Event::handle('StartMakeEntryForm', array($tag, $this, &$form))) {
  1012. if ($tag == 'status') {
  1013. $options = $this->noticeFormOptions();
  1014. $form = new NoticeForm($this, $options);
  1015. }
  1016. Event::handle('EndMakeEntryForm', array($tag, $this, $form));
  1017. }
  1018. if (!empty($form)) {
  1019. $form->show();
  1020. }
  1021. $this->elementEnd('div');
  1022. }
  1023. }
  1024. $this->elementEnd('div');
  1025. }
  1026. public function noticeFormOptions()
  1027. {
  1028. return [];
  1029. }
  1030. /**
  1031. * Show page title.
  1032. *
  1033. * @return void
  1034. */
  1035. public function showPageTitle()
  1036. {
  1037. $this->element('h1', null, $this->title());
  1038. }
  1039. /**
  1040. * Show page notice block.
  1041. *
  1042. * Only show the block if a subclassed action has overrided
  1043. * Action::showPageNotice(), or an event handler is registered for
  1044. * the StartShowPageNotice event, in which case we assume the
  1045. * 'page_notice' definition list is desired. This is to prevent
  1046. * empty 'page_notice' definition lists from being output everywhere.
  1047. *
  1048. * @return void
  1049. * @throws ReflectionException
  1050. */
  1051. public function showPageNoticeBlock()
  1052. {
  1053. $rmethod = new ReflectionMethod($this, 'showPageNotice');
  1054. $dclass = $rmethod->getDeclaringClass()->getName();
  1055. if ($dclass != 'Action' || Event::hasHandler('StartShowPageNotice')) {
  1056. $this->elementStart('div', array('id' => 'page_notice',
  1057. 'class' => 'system_notice'));
  1058. if (Event::handle('StartShowPageNotice', array($this))) {
  1059. $this->showPageNotice();
  1060. Event::handle('EndShowPageNotice', array($this));
  1061. }
  1062. $this->elementEnd('div');
  1063. }
  1064. }
  1065. /**
  1066. * Show page notice.
  1067. *
  1068. * SHOULD overload (unless there's not a notice)
  1069. *
  1070. * @return void
  1071. */
  1072. public function showPageNotice()
  1073. {
  1074. }
  1075. /**
  1076. * Show Aside.
  1077. *
  1078. * @return void
  1079. * @throws ReflectionException
  1080. */
  1081. public function showAside()
  1082. {
  1083. $this->elementStart('div', array('id' => 'aside_primary',
  1084. 'class' => 'aside'));
  1085. $this->showProfileBlock();
  1086. if (Event::handle('StartShowObjectNavBlock', array($this))) {
  1087. $this->showObjectNavBlock();
  1088. Event::handle('EndShowObjectNavBlock', array($this));
  1089. }
  1090. if (Event::handle('StartShowSections', array($this))) {
  1091. $this->showSections();
  1092. Event::handle('EndShowSections', array($this));
  1093. }
  1094. if (Event::handle('StartShowExportData', array($this))) {
  1095. $this->showExportData();
  1096. Event::handle('EndShowExportData', array($this));
  1097. }
  1098. $this->elementEnd('div');
  1099. }
  1100. /**
  1101. * If there's a logged-in user, show a bit of login context
  1102. *
  1103. * @return void
  1104. * @throws Exception
  1105. */
  1106. public function showProfileBlock()
  1107. {
  1108. if (common_logged_in()) {
  1109. $block = new DefaultProfileBlock($this);
  1110. $block->show();
  1111. }
  1112. }
  1113. /**
  1114. * Show menu for an object (group, profile)
  1115. *
  1116. * This block will only show if a subclass has overridden
  1117. * the showObjectNav() method.
  1118. *
  1119. * @return void
  1120. * @throws ReflectionException
  1121. */
  1122. public function showObjectNavBlock()
  1123. {
  1124. $rmethod = new ReflectionMethod($this, 'showObjectNav');
  1125. $dclass = $rmethod->getDeclaringClass()->getName();
  1126. if ($dclass != 'Action') {
  1127. // Need to have this ID for CSS; I'm too lazy to add it to
  1128. // all menus
  1129. $this->elementStart('div', array('id' => 'site_nav_object',
  1130. 'class' => 'section'));
  1131. $this->showObjectNav();
  1132. $this->elementEnd('div');
  1133. }
  1134. }
  1135. /**
  1136. * Show object navigation.
  1137. *
  1138. * If there are things to do with this object, show it here.
  1139. *
  1140. * @return void
  1141. */
  1142. public function showObjectNav()
  1143. {
  1144. /* Nothing here. */
  1145. }
  1146. /**
  1147. * Show sections.
  1148. *
  1149. * SHOULD overload
  1150. *
  1151. * @return void
  1152. */
  1153. public function showSections()
  1154. {
  1155. // for each section, show it
  1156. }
  1157. /**
  1158. * Show export data feeds.
  1159. *
  1160. * @return void
  1161. */
  1162. public function showExportData()
  1163. {
  1164. $feeds = $this->getFeeds();
  1165. if (!empty($feeds)) {
  1166. $fl = new FeedList($this, $feeds);
  1167. $fl->show();
  1168. }
  1169. }
  1170. /**
  1171. * Show footer.
  1172. *
  1173. * @return void
  1174. */
  1175. public function showFooter()
  1176. {
  1177. $this->elementStart('div', array('id' => 'footer'));
  1178. if (Event::handle('StartShowInsideFooter', array($this))) {
  1179. $this->showSecondaryNav();
  1180. $this->showLicenses();
  1181. Event::handle('EndShowInsideFooter', array($this));
  1182. }
  1183. $this->elementEnd('div');
  1184. }
  1185. /**
  1186. * Show secondary navigation.
  1187. *
  1188. * @return void
  1189. */
  1190. public function showSecondaryNav()
  1191. {
  1192. $sn = new SecondaryNav($this);
  1193. $sn->show();
  1194. }
  1195. /**
  1196. * Show licenses.
  1197. *
  1198. * @return void
  1199. */
  1200. public function showLicenses()
  1201. {
  1202. $this->showGNUsocialLicense();
  1203. $this->showContentLicense();
  1204. }
  1205. /**
  1206. * Show GNU social license.
  1207. *
  1208. * @return void
  1209. */
  1210. public function showGNUsocialLicense()
  1211. {
  1212. if (common_config('site', 'broughtby')) {
  1213. // TRANS: First sentence of the GNU social site license. Used if 'broughtby' is set.
  1214. // TRANS: Text between [] is a link description, text between () is the link itself.
  1215. // TRANS: Make sure there is no whitespace between "]" and "(".
  1216. // TRANS: "%%site.broughtby%%" is the value of the variable site.broughtby
  1217. $instr = _('**%%site.name%%** is a social network, courtesy of [%%site.broughtby%%](%%site.broughtbyurl%%).');
  1218. } else {
  1219. // TRANS: First sentence of the GNU social site license. Used if 'broughtby' is not set.
  1220. $instr = _('**%%site.name%%** is a social network.');
  1221. }
  1222. $instr .= ' ';
  1223. // TRANS: Second sentence of the GNU social site license. Mentions the GNU social source code license.
  1224. // TRANS: Make sure there is no whitespace between "]" and "(".
  1225. // TRANS: [%1$s](%2$s) is a link description followed by the link itself
  1226. // TRANS: %3$s is the version of GNU social that is being used.
  1227. $instr .= sprintf(_('It runs on [%1$s](%2$s), version %3$s, available under the [GNU Affero General Public License](http://www.fsf.org/licensing/licenses/agpl-3.0.html).'), GNUSOCIAL_ENGINE, GNUSOCIAL_ENGINE_URL, GNUSOCIAL_VERSION);
  1228. $output = common_markup_to_html($instr);
  1229. $this->raw($output);
  1230. // do it
  1231. }
  1232. /**
  1233. * Show content license.
  1234. *
  1235. * @return void
  1236. */
  1237. public function showContentLicense()
  1238. {
  1239. if (Event::handle('StartShowContentLicense', array($this))) {
  1240. switch (common_config('license', 'type')) {
  1241. case 'private':
  1242. // TRANS: Content license displayed when license is set to 'private'.
  1243. // TRANS: %1$s is the site name.
  1244. $this->element('p', null, sprintf(
  1245. _('Content and data of %1$s are private and confidential.'),
  1246. common_config('site', 'name')
  1247. ));
  1248. // fall through
  1249. // no break
  1250. case 'allrightsreserved':
  1251. if (common_config('license', 'owner')) {
  1252. // TRANS: Content license displayed when license is set to 'allrightsreserved'.
  1253. // TRANS: %1$s is the copyright owner.
  1254. $this->element('p', null, sprintf(
  1255. _('Content and data copyright by %1$s. All rights reserved.'),
  1256. common_config('license', 'owner')
  1257. ));
  1258. } else {
  1259. // TRANS: Content license displayed when license is set to 'allrightsreserved' and no owner is set.
  1260. $this->element('p', null, _('Content and data copyright by contributors. All rights reserved.'));
  1261. }
  1262. break;
  1263. case 'cc': // fall through
  1264. default:
  1265. $this->elementStart('p');
  1266. $image = common_config('license', 'image');
  1267. $sslimage = common_config('license', 'sslimage');
  1268. if (GNUsocial::isHTTPS()) {
  1269. if (!empty($sslimage)) {
  1270. $url = $sslimage;
  1271. } elseif (preg_match('#^http://i.creativecommons.org/#', $image)) {
  1272. // CC support HTTPS on their images
  1273. $url = preg_replace('/^http/', 'https', $image, 1);
  1274. } else {
  1275. // Better to show mixed content than no content
  1276. $url = $image;
  1277. }
  1278. } else {
  1279. $url = $image;
  1280. }
  1281. $this->element('img', array('id' => 'license_cc',
  1282. 'src' => $url,
  1283. 'alt' => common_config('license', 'title'),
  1284. 'width' => '80',
  1285. 'height' => '15'));
  1286. $this->text(' ');
  1287. // TRANS: license message in footer.
  1288. // TRANS: %1$s is the site name, %2$s is a link to the license URL, with a licence name set in configuration.
  1289. $notice = _('All %1$s content and data are available under the %2$s license.');
  1290. $link = sprintf(
  1291. '<a class="license" rel="external license" href="%1$s">%2$s</a>',
  1292. htmlspecialchars(common_config('license', 'url')),
  1293. htmlspecialchars(common_config('license', 'title'))
  1294. );
  1295. $this->raw(@sprintf(
  1296. htmlspecialchars($notice),
  1297. htmlspecialchars(common_config('site', 'name')),
  1298. $link
  1299. ));
  1300. $this->elementEnd('p');
  1301. break;
  1302. }
  1303. Event::handle('EndShowContentLicense', array($this));
  1304. }
  1305. }
  1306. /**
  1307. * Show javascript headers
  1308. *
  1309. * @return void
  1310. */
  1311. public function showScripts()
  1312. {
  1313. if (Event::handle('StartShowScripts', array($this))) {
  1314. if (Event::handle('StartShowJQueryScripts', array($this))) {
  1315. $this->script('extlib/jquery.js');
  1316. $this->script('extlib/jquery.form.js');
  1317. $this->script('extlib/jquery-ui/jquery-ui.js');
  1318. $this->script('extlib/jquery.cookie.js');
  1319. Event::handle('EndShowJQueryScripts', array($this));
  1320. }
  1321. if (Event::handle('StartShowStatusNetScripts', array($this))) {
  1322. $this->script('util.js');
  1323. $this->script('xbImportNode.js');
  1324. // This route isn't available in single-user mode.
  1325. // Not sure why, but it causes errors here.
  1326. $this->inlineScript('var _peopletagAC = "' .
  1327. common_local_url('peopletagautocomplete') . '";');
  1328. $this->showScriptMessages();
  1329. $this->showScriptVariables();
  1330. // Anti-framing code to avoid clickjacking attacks in older browsers.
  1331. // This will show a blank page if the page is being framed, which is
  1332. // consistent with the behavior of the 'X-Frame-Options: SAMEORIGIN'
  1333. // header, which prevents framing in newer browser.
  1334. if (common_config('javascript', 'bustframes')) {
  1335. $this->inlineScript('if (window.top !== window.self) { document.write = ""; window.top.location = window.self.location; setTimeout(function () { document.body.innerHTML = ""; }, 1); window.self.onload = function () { document.body.innerHTML = ""; }; }');
  1336. }
  1337. Event::handle('EndShowStatusNetScripts', array($this));
  1338. }
  1339. Event::handle('EndShowScripts', array($this));
  1340. }
  1341. }
  1342. /**
  1343. * Exports a map of localized text strings to JavaScript code.
  1344. *
  1345. * Plugins can add to what's exported by hooking the StartScriptMessages or EndScriptMessages
  1346. * events and appending to the array. Try to avoid adding strings that won't be used, as
  1347. * they'll be added to HTML output.
  1348. */
  1349. public function showScriptMessages()
  1350. {
  1351. $messages = [];
  1352. if (Event::handle('StartScriptMessages', array($this, &$messages))) {
  1353. // Common messages needed for timeline views etc...
  1354. // TRANS: Localized tooltip for '...' expansion button on overlong remote messages.
  1355. $messages['showmore_tooltip'] = _m('TOOLTIP', 'Show more');
  1356. $messages['popup_close_button'] = _m('TOOLTIP', 'Close popup');
  1357. $messages = array_merge($messages, $this->getScriptMessages());
  1358. Event::handle('EndScriptMessages', array($this, &$messages));
  1359. }
  1360. if (!empty($messages)) {
  1361. $this->inlineScript('SN.messages=' . json_encode($messages));
  1362. }
  1363. return $messages;
  1364. }
  1365. /**
  1366. * If the action will need localizable text strings, export them here like so:
  1367. *
  1368. * return array('pool_deepend' => _('Deep end'),
  1369. * 'pool_shallow' => _('Shallow end'));
  1370. *
  1371. * The exported map will be available via SN.msg() to JS code:
  1372. *
  1373. * $('#pool').html('<div class="deepend"></div><div class="shallow"></div>');
  1374. * $('#pool .deepend').text(SN.msg('pool_deepend'));
  1375. * $('#pool .shallow').text(SN.msg('pool_shallow'));
  1376. *
  1377. * Exports a map of localized text strings to JavaScript code.
  1378. *
  1379. * Plugins can add to what's exported on any action by hooking the StartScriptMessages or
  1380. * EndScriptMessages events and appending to the array. Try to avoid adding strings that won't
  1381. * be used, as they'll be added to HTML output.
  1382. */
  1383. public function getScriptMessages()
  1384. {
  1385. return [];
  1386. }
  1387. protected function showScriptVariables()
  1388. {
  1389. $vars = [];
  1390. if (Event::handle('StartScriptVariables', array($this, &$vars))) {
  1391. $vars['urlNewNotice'] = common_local_url('newnotice');
  1392. $vars['xhrTimeout'] = ini_get('max_execution_time') * 1000; // milliseconds
  1393. Event::handle('EndScriptVariables', array($this, &$vars));
  1394. }
  1395. $this->inlineScript('SN.V = ' . json_encode($vars) . ';');
  1396. return $vars;
  1397. }
  1398. /**
  1399. * Show anonymous message.
  1400. *
  1401. * SHOULD overload
  1402. *
  1403. * @return void
  1404. */
  1405. public function showAnonymousMessage()
  1406. {
  1407. // needs to be defined by the class
  1408. }
  1409. /**
  1410. * This is a cheap hack to avoid a bug in DB_DataObject
  1411. * where '' is non-type-aware compared to 0, which means it
  1412. * will always be true for values like false and 0 too...
  1413. *
  1414. * Upstream bug is::
  1415. * https://pear.php.net/bugs/bug.php?id=20291
  1416. */
  1417. public function booleanintstring($key, $def = false)
  1418. {
  1419. return $this->boolean($key, $def) ? '1' : '0';
  1420. }
  1421. /**
  1422. * Integer value of an argument
  1423. *
  1424. * @param string $key query key we're interested in
  1425. * @param string $defValue optional default value (default null)
  1426. * @param string $maxValue optional max value (default null)
  1427. * @param string $minValue optional min value (default null)
  1428. *
  1429. * @return integer integer value
  1430. */
  1431. public function int($key, $defValue = null, $maxValue = null, $minValue = null)
  1432. {
  1433. $arg = intval($this->arg($key));
  1434. if (!is_numeric($this->arg($key)) || $arg != $this->arg($key)) {
  1435. return $defValue;
  1436. }
  1437. if (!is_null($maxValue)) {
  1438. $arg = min($arg, $maxValue);
  1439. }
  1440. if (!is_null($minValue)) {
  1441. $arg = max($arg, $minValue);
  1442. }
  1443. return $arg;
  1444. }
  1445. /**
  1446. * Returns the current URL
  1447. *
  1448. * @return string current URL
  1449. */
  1450. public function selfUrl()
  1451. {
  1452. list($action, $args) = $this->returnToArgs();
  1453. return common_local_url($action, $args);
  1454. }
  1455. /**
  1456. * Generate pagination links
  1457. *
  1458. * @param boolean $have_before is there something before?
  1459. * @param boolean $have_after is there something after?
  1460. * @param integer $page current page
  1461. * @param string $action current action
  1462. * @param array $args rest of query arguments
  1463. *
  1464. * @return void
  1465. */
  1466. // XXX: The messages in this pagination method only tailor to navigating
  1467. // notices. In other lists, "Previous"/"Next" type navigation is
  1468. // desirable, but not available.
  1469. /**
  1470. * Returns arguments sufficient for re-constructing URL
  1471. *
  1472. * @return array two elements: action, other args
  1473. */
  1474. public function returnToArgs()
  1475. {
  1476. $action = $this->getActionName();
  1477. $args = $this->args;
  1478. unset($args['action']);
  1479. if (common_config('site', 'fancy')) {
  1480. unset($args['p']);
  1481. }
  1482. if (array_key_exists('submit', $args)) {
  1483. unset($args['submit']);
  1484. }
  1485. foreach (array_keys($_COOKIE) as $cookie) {
  1486. unset($args[$cookie]);
  1487. }
  1488. return array($action, $args);
  1489. }
  1490. /**
  1491. * Generate a menu item
  1492. *
  1493. * @param string $url menu URL
  1494. * @param string $text menu name
  1495. * @param string $title title attribute, null by default
  1496. * @param boolean $is_selected current menu item, false by default
  1497. * @param string $id element id, null by default
  1498. *
  1499. * @return void
  1500. */
  1501. public function menuItem($url, $text, $title = null, $is_selected = false, $id = null, $class = null)
  1502. {
  1503. // Added @id to li for some control.
  1504. // XXX: We might want to move this to htmloutputter.php
  1505. $lattrs = [];
  1506. $classes = [];
  1507. if ($class !== null) {
  1508. $classes[] = trim($class);
  1509. }
  1510. if ($is_selected) {
  1511. $classes[] = 'current';
  1512. }
  1513. if (!empty($classes)) {
  1514. $lattrs['class'] = implode(' ', $classes);
  1515. }
  1516. if (!is_null($id)) {
  1517. $lattrs['id'] = $id;
  1518. }
  1519. $this->elementStart('li', $lattrs);
  1520. $attrs['href'] = $url;
  1521. if ($title) {
  1522. $attrs['title'] = $title;
  1523. }
  1524. $this->element('a', $attrs, $text);
  1525. $this->elementEnd('li');
  1526. }
  1527. /**
  1528. * Check the session token.
  1529. *
  1530. * Checks that the current form has the correct session token,
  1531. * and throw an exception if it does not.
  1532. *
  1533. * @return void
  1534. */
  1535. // XXX: Finding this type of check with the same message about 50 times.
  1536. // Possible to refactor?
  1537. public function pagination($have_before, $have_after, $page, $action, $args = null)
  1538. {
  1539. // Does a little before-after block for next/prev page
  1540. if ($have_before || $have_after) {
  1541. $this->elementStart('ul', array('class' => 'nav',
  1542. 'id' => 'pagination'));
  1543. }
  1544. if ($have_before) {
  1545. $pargs = array('page' => $page - 1);
  1546. $this->elementStart('li', array('class' => 'nav_prev'));
  1547. $this->element(
  1548. 'a',
  1549. array('href' => common_local_url($action, $args, $pargs),
  1550. 'rel' => 'prev'),
  1551. // TRANS: Pagination message to go to a page displaying information more in the
  1552. // TRANS: present than the currently displayed information.
  1553. _('After')
  1554. );
  1555. $this->elementEnd('li');
  1556. }
  1557. if ($have_after) {
  1558. $pargs = array('page' => $page + 1);
  1559. $this->elementStart('li', array('class' => 'nav_next'));
  1560. $this->element(
  1561. 'a',
  1562. array('href' => common_local_url($action, $args, $pargs),
  1563. 'rel' => 'next'),
  1564. // TRANS: Pagination message to go to a page displaying information more in the
  1565. // TRANS: past than the currently displayed information.
  1566. _('Before')
  1567. );
  1568. $this->elementEnd('li');
  1569. }
  1570. if ($have_before || $have_after) {
  1571. $this->elementEnd('ul');
  1572. }
  1573. }
  1574. public function checkSessionToken()
  1575. {
  1576. // CSRF protection
  1577. $token = $this->trimmed('token');
  1578. if (empty($token) || $token != common_session_token()) {
  1579. // TRANS: Client error text when there is a problem with the session token.
  1580. $this->clientError(_('There was a problem with your session token.'));
  1581. }
  1582. }
  1583. }