movre 0.85 to trunk
moyooo committed Sep 11, 2013
1 parent 3af2495 commit 5b2033c
Showing 1,370 changed files with 328,044 additions and 292,497 deletions.
1 change: 1 addition & 0 deletions AUTHORS.txt
Expand Up @@ -10,3 +10,4 @@ Damien Touraine

Contibutors :
Olivier Andreotti
Alexandre Delaunay
50 changes: 24 additions & 26 deletions ajax/autocompletion.php
Expand Up @@ -32,7 +32,7 @@
*/

// Include plugin if it is a plugin table
if (!strstr($_POST['itemtype'],"Plugin")) {
if (!strstr($_GET['itemtype'],"Plugin")) {
$AJAX_INCLUDE = 1;
}
include ('../inc/includes.php');
Expand All @@ -42,66 +42,64 @@
Session::checkLoginUser();

// Security
if (!isset($_POST['itemtype']) || !($item = getItemForItemtype($_POST['itemtype']))) {
if (!isset($_GET['itemtype']) || !($item = getItemForItemtype($_GET['itemtype']))) {
exit();
}

$item->getEmpty();
$table = $item->getTable();
// Security
if (!isset($item->fields[$_POST['field']]) || !$item->canView()) {
if (!isset($item->fields[$_GET['field']]) || !$item->canView()) {
exit();
}

// Security : blacklist fields
if (in_array($table.'.'.$_POST['field'],
if (in_array($table.'.'.$_GET['field'],
array('glpi_authldaps.rootdn', 'glpi_authldaps.rootdn_passwd',
'glpi_configs.proxy_passwd', 'glpi_mailcollectors.login',
'glpi_configs.value', 'glpi_mailcollectors.login',
'glpi_mailcollectors.passwd', 'glpi_users.name', 'glpi_users.password'))) {
exit();
}


$entity = "";
if (isset($_POST['entity_restrict']) && $_POST['entity_restrict']>=0) {
if (isset($_GET['entity_restrict']) && $_GET['entity_restrict']>=0) {
if ($item->isEntityAssign()) {
$entity = " AND `entities_id` = '".$_POST['entity_restrict']."' ";
$entity = " AND `entities_id` = '".$_GET['entity_restrict']."' ";
}
}

if (isset($_POST['user_restrict']) && $_POST['user_restrict']>0) {
$entity = " AND `users_id` = '".$_POST['user_restrict']."' ";
if (isset($_GET['user_restrict']) && $_GET['user_restrict']>0) {
$entity = " AND `users_id` = '".$_GET['user_restrict']."' ";
}

$query = "SELECT COUNT(`".$_POST['field']."`)
$query = "SELECT COUNT(`".$_GET['field']."`)
FROM `$table`
WHERE `".$_POST['field']."` LIKE '".$_POST['query']."%'
AND `".$_POST['field']."` <> '".$_POST['query']."'
WHERE `".$_GET['field']."` LIKE '".$_GET['term']."%'
AND `".$_GET['field']."` <> '".$_GET['term']."'
$entity ";
$result = $DB->query($query);
$totnum = $DB->result($result,0,0);

$query = "SELECT DISTINCT `".$_POST['field']."` AS VAL
$query = "SELECT DISTINCT `".$_GET['field']."` AS VAL
FROM `$table`
WHERE `".$_POST['field']."` LIKE '".$_POST['query']."%'
AND `".$_POST['field']."` <> '".$_POST['query']."'
WHERE `".$_GET['field']."` LIKE '".$_GET['term']."%'
AND `".$_GET['field']."` <> '".$_GET['term']."'
$entity
ORDER BY `".$_POST['field']."`
LIMIT ".intval($_POST['start']).",".intval($_POST['limit']);
ORDER BY `".$_GET['field']."`";

$values = array();
if ($result=$DB->query($query)) {
echo '{"totalCount":'.$totnum.',"items":[';


if ($DB->numrows($result)>0) {
$first = true;
while ($data=$DB->fetch_assoc($result)) {
if ($first) {
$first = false;
} else {
echo ',';
}
echo '{"value":"'.$data['VAL'].'"}';
$values[]=$data['VAL'];
}
}
echo ']}';
}
?>
if (count($values)) {
echo json_encode($values);
}
?>
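Review bot: Both queries in this section still concatenate request values straight into SQL: `$_GET['term']` in the LIKE and `<>` clauses, and `$_GET['entity_restrict']` / `$_GET['user_restrict']` in `$entity`, where the only checks visible are the loose `>=0` / `>0` comparisons, which do not guarantee an integer. Unless `inc/includes.php` escapes request input globally (not visible on this page), these values can alter the query. Casting the two ids with `intval($_GET['entity_restrict'])` and `intval($_GET['user_restrict'])`, and escaping `term` through the database layer (including the LIKE wildcards `%` and `_`), would close that regardless. The new side also drops the `LIMIT intval(...)` clause, so a one-character term now returns every distinct value of the column; a fixed upper bound is worth keeping. Moving the parameters to `$_GET` additionally places the search term in URLs and access logs.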
2 changes: 1 addition & 1 deletion ajax/comments.php
Expand Up @@ -59,7 +59,7 @@

if (isset($_POST['withlink'])) {
echo "<script type='text/javascript' >\n";
echo "Ext.get('".$_POST['withlink']."').dom.href='".$tmpname['link']."';";
echo Html::jsGetElementbyID($_POST['withlink']).".attr('href', '".$tmpname['link']."');";
echo "</script>\n";
}
break;
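Review bot: `$tmpname['link']` is written into a single-quoted JavaScript string inside the `<script>` block with no JavaScript-context encoding, so a link containing a quote or `</script>` would end the literal early; the new line keeps that pattern from the old one. Letting `json_encode()` produce the literal avoids hand-quoting: `echo Html::jsGetElementbyID($_POST['withlink']).".attr('href', ".json_encode($tmpname['link']).");";`. `$_POST['withlink']` is also passed to `Html::jsGetElementbyID()` unvalidated, and whether that helper escapes its argument is not visible here, so restricting it to identifier characters before the call is worth adding. The enclosing `case` starts and ends outside the hunk.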
47 changes: 31 additions & 16 deletions ajax/common.tabs.php
Expand Up @@ -40,41 +40,56 @@
Html::header_nocache();
}

if (!isset($_POST['glpi_tab'])) {
if (!isset($_GET['_glpi_tab'])) {
exit();
}

if (!isset($_POST['itemtype']) || empty($_POST['itemtype'])) {
if (!isset($_GET['_itemtype']) || empty($_GET['_itemtype'])) {
exit();
}

if (!isset($_POST["sort"])) {
$_POST["sort"] = "";
if (!isset($_GET["sort"])) {
$_GET["sort"] = "";
}

if (!isset($_POST["order"])) {
$_POST["order"] = "";
if (!isset($_GET["order"])) {
$_GET["order"] = "";
}

if (!isset($_POST["withtemplate"])) {
$_POST["withtemplate"] = "";
if (!isset($_GET["withtemplate"])) {
$_GET["withtemplate"] = "";
}

if ($item = getItemForItemtype($_POST['itemtype'])) {
if ($item instanceof CommonDBTM
&& $item->isNewItem()
&& (!isset($_POST["id"]) || !$item->can($_POST["id"],'r'))) {
exit();
if ($item = getItemForItemtype($_GET['_itemtype'])) {
if ($item->get_item_to_display_tab) {
// No id if ruleCollection but check right
if ($item instanceof RuleCollection) {
if (!$item->canList()) {
exit();
}
} else if (!isset($_GET["id"])|| $item->isNewID($_GET["id"])) {
if (!$item->can(-1, CREATE, $_GET)) {
exit();
}
} else if (!$item->can($_GET["id"], READ)) {
exit();
}
}
}

CommonGLPI::displayStandardTab($item, $_POST['glpi_tab'],$_POST["withtemplate"]);
$notvalidoptions = array('_glpi_tab', '_itemtype', 'sort', 'order', 'withtemplate');
$options = $_GET;
foreach ($notvalidoptions as $key) {
if (isset($options[$key])) {
unset($options[$key]);
}
}
CommonGLPI::displayStandardTab($item, $_GET['_glpi_tab'],$_GET["withtemplate"], $options);


if (isset($_POST['full_page_tab'])) {
echo "<div class='center' id='debugajax'>";
Html::showSimpleForm($_SERVER['REQUEST_URI'], 'full_page_tab',
'Reload this tab', $_POST);
Html::showSimpleForm($_SERVER['REQUEST_URI'], 'full_page_tab', 'Reload this tab', $_POST);
echo "</div>";

Html::footer();
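Review bot: `CommonGLPI::displayStandardTab()` is called after the `if ($item = getItemForItemtype(...))` block rather than inside it, so an unknown `_itemtype` still reaches it with `$item` false. When `$item->get_item_to_display_tab` is falsy, no `can()` / `canList()` check runs in this file at all; whether the callee enforces rights is not visible here. Ending the script on a failed lookup, e.g. `if (!($item = getItemForItemtype($_GET['_itemtype']))) { exit(); }`, makes that failure explicit. `$options` is `$_GET` minus five keys, so every other query parameter is forwarded to the tab code; an allow-list of the option names tabs actually accept would be safer than this deny-list. The `full_page_tab` block still reads `$_POST` while everything else moved to `$_GET`, which looks like an oversight.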
42 changes: 23 additions & 19 deletions ajax/dropdownAllItems.php
Expand Up @@ -50,34 +50,38 @@
}

$rand = mt_rand();
$use_ajax = false;

if ($CFG_GLPI["use_ajax"]
&& (countElementsInTable($table) > $CFG_GLPI["ajax_limit_count"])) {
$use_ajax = true;
}

$paramsallitems = array('searchText' => '__VALUE__',
'table' => $table,
'itemtype' => $_POST["idtable"],
'rand' => $rand,
'myname' => $_POST["myname"],
'displaywith' => array('otherserial', 'serial'),
'display_emptychoice' => true);
$field_id = Html::cleanId("dropdown_".$_POST["name"].$rand);

$p = array('value' => 0,
'valuename' => Dropdown::EMPTY_VALUE,
'itemtype' => $_POST["idtable"],
'display_emptychoice' => true,
'displaywith' => array('otherserial', 'serial'));
if (isset($_POST['value'])) {
$paramsallitems['value'] = $_POST['value'];
$p['value'] = $_POST['value'];
}
if (isset($_POST['entity_restrict'])) {
$paramsallitems['entity_restrict'] = $_POST['entity_restrict'];
$p['entity_restrict'] = $_POST['entity_restrict'];
}
if (isset($_POST['condition'])) {
$paramsallitems['condition'] = stripslashes($_POST['condition']);
$p['condition'] = $_POST['condition'];
}
echo Html::jsAjaxDropdown($_POST["name"], $field_id,
$CFG_GLPI['root_doc']."/ajax/getDropdownValue.php",
$p);

$default = "<select name='".$_POST["myname"]."'><option value='0'>".Dropdown::EMPTY_VALUE.
"</option></select>";
Ajax::dropdown($use_ajax, "/ajax/$link", $paramsallitems, $default, $rand);
if (!empty($_POST['showItemSpecificity'])) {
$params = array('items_id' => '__VALUE__',
'itemtype' => $_POST["idtable"]);
if (isset($_POST['entity_restrict'])) {
$params['entity_restrict'] = $_POST['entity_restrict'];
}

Ajax::updateItemOnSelectEvent($field_id, "showItemSpecificity_".$_POST["name"]."$rand",
$_POST['showItemSpecificity'], $params);

echo "<br><span id='showItemSpecificity_".$_POST["name"]."$rand'>&nbsp;</span>\n";
}
}
?>
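Review bot: `$_POST["name"]` is echoed unescaped into the single-quoted `id` attribute of the `showItemSpecificity_` span, so a value containing a quote can close the attribute and inject markup. Building the id once with `htmlspecialchars("showItemSpecificity_".$_POST["name"].$rand, ENT_QUOTES, 'UTF-8')` and reusing it in both the `Ajax::updateItemOnSelectEvent()` call and the `echo` would fix that. `$p['condition'] = $_POST['condition'];` also forwards a client-supplied condition to `getDropdownValue.php`. If that endpoint treats it as an SQL fragment (not visible here), it should be resolved server-side rather than taken from the request. The `if` that encloses this code opens outside the hunk.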