2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU General Public License, GPL,
5 as published by the Free Software Foundation, either version 3
6 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
13 Retrieve value of POST variable(s).
14 For $name passed as array $dflt is not used,
15 default values can be passed as values with non-numeric keys instead.
16 If some field have user formatted numeric value, pass float default value to
17 convert automatically to POSIX.
19 function get_post($name, $dflt='')
21 if (is_array($name)) {
23 foreach($name as $key => $dflt)
24 if (!is_numeric($key)) {
25 $ret[$key] = is_float($dflt) ? input_num($key, $dflt) : get_post($key, $dflt);
27 $ret[$dflt] = get_post($dflt, null);
31 return is_float($dflt) ? input_num($name, $dflt) :
32 ((!isset($_POST[$name]) /*|| $_POST[$name] === ''*/) ? $dflt : $_POST[$name]);
34 //---------------------------------------------------------------------------------
37 function start_form($multi=false, $dummy=false, $action="", $name="")
39 // $dummy - leaved for compatibility with 2.0 API
42 if (++$form_nested) return;
45 $name = "name='$name'";
47 $action = $_SERVER['PHP_SELF'];
50 echo "<form enctype='multipart/form-data' method='post' action='$action' $name>\n";
52 echo "<form method='post' action='$action' $name>\n";
57 Flush hidden fields buffer.
59 function output_hidden()
61 global $hidden_fields;
63 if (is_array($hidden_fields))
64 echo implode('', $hidden_fields);
65 $hidden_fields = array();
67 //---------------------------------------------------------------------------------
69 function end_form($breaks=0)
71 global $Ajax, $form_nested, $hidden_fields;
73 if ($form_nested-- > 0) return;
75 $_SESSION['csrf_token'] = random_id();
79 hidden('_modified', get_post('_modified', 0));
80 hidden('_confirmed'); // helper for final form confirmation
81 hidden('_token', $_SESSION['csrf_token']);
85 $Ajax->activate('_token');
86 $Ajax->activate('_confirmed');
89 function check_csrf_token()
91 if ($_SESSION['csrf_token'] != @$_POST['_token'])
93 display_error(_("Request from outside of this page is forbidden."));
94 error_log(_("CSRF attack detected from: ").@$_SERVER['HTTP_HOST'].' ('.@$_SERVER['HTTP_REFERER'].')');
100 function start_table($class=false, $extra="", $padding='2', $spacing='0')
102 echo "<center><table";
103 if ($class == TABLESTYLE_NOBORDER)
104 echo " class='tablestyle_noborder'";
105 elseif ($class == TABLESTYLE2)
106 echo " class='tablestyle2'";
107 elseif ($class == TABLESTYLE)
108 echo " class='tablestyle'";
111 echo " cellpadding='$padding' cellspacing='$spacing'>\n";
114 function end_table($breaks=0)
116 echo "</table></center>\n";
122 function start_outer_table($class=false, $extra="", $padding='2', $spacing='0', $br=false)
126 start_table($class, $extra, $padding, $spacing);
127 echo "<tr valign=top><td>\n"; // outer table
130 function table_section($number=1, $width=false)
136 $width = ($width ? "width='$width'" : "");
137 echo "</td><td style='border-left:1px solid #cccccc;' $width>\n"; // outer table
139 echo "<table class='tablestyle_inner'>\n";
142 function end_outer_table($breaks=0, $close_table=true)
153 // outer table spacer
155 function vertical_space($params='')
157 echo "</td></tr><tr><td valign=center $params>";
160 function meta_forward($forward_to, $params="", $timeout=0, $return=false)
163 echo "<meta http-equiv='Refresh' content='".$timeout."; url=$forward_to?$params'>\n";
164 echo "<center><br>" . _("You should automatically be forwarded.");
165 echo " " . _("If this does not happen") . " " . "<a href='$forward_to?$params'>" . _("click here") . "</a> " . _("to continue") . ".<br><br></center>\n";
166 if ($params !='') $params = '?'.$params;
167 $Ajax->redirect($forward_to.$params);
171 //-----------------------------------------------------------------------------------
172 // Find and replace hotkey marker.
173 // if $clean == true marker is removed and clean label is returned
174 // (for use in wiki help system), otherwise result is array of label
175 // with underlined hotkey letter and access property string.
177 function access_string($label, $clean=false)
182 if (preg_match('/(.*)&([a-zA-Z0-9])(.*)/', $label, $slices))
184 $label = $clean ? $slices[1].$slices[2].$slices[3] :
185 $slices[1].'<u>'.$slices[2].'</u>'.$slices[3];
186 $access = " accesskey='".strtoupper($slices[2])."'";
189 $label = str_replace( '&&', '&', $label);
191 return $clean ? $label : array($label, $access);
194 function hyperlink_back($center=true, $no_menu=true, $type_no=0, $trans_no=0, $final=false)
196 global $path_to_root;
201 if ($no_menu && $trans_no != 0)
203 include_once($path_to_root."/admin/db/attachments_db.inc");
204 $id = has_attachment($type_no, $trans_no);
205 $attach = get_attachment_string($type_no, $trans_no);
208 $width = ($id != 0 ? "30%" : "20%");
209 start_table(false, "width='$width'");
213 echo "<td align=center><a href='javascript:window.print();'>"._("Print")."</a></td>\n";
215 echo "<td align=center><a href='javascript:goBack(".($final ? '-2' : '').");'>".($no_menu ? _("Close") : _("Back"))."</a></td>\n";
223 function hyperlink_no_params($target, $label, $center=true)
225 $id = default_focus();
226 $pars = access_string($label);
228 $target = $_SERVER['PHP_SELF'];
231 echo "<a href='$target' id='$id' $pars[1]>$pars[0]</a>\n";
236 function hyperlink_no_params_td($target, $label)
239 hyperlink_no_params($target, $label);
243 function viewer_link($label, $url='', $class='', $id='', $icon=null)
245 global $path_to_root;
248 $class = " class='$class'";
251 $class = " id='$id'";
255 $pars = access_string($label);
256 if (user_graphic_links() && $icon)
257 $pars[0] = set_icon($icon, $pars[0]);
258 $preview_str = "<a target='_blank' $class $id href='$path_to_root/$url' onclick=\"javascript:openWindow(this.href,this.target); return false;\"$pars[1]>$pars[0]</a>";
261 $preview_str = $label;
265 function menu_link($url, $label, $id=null)
267 global $path_to_root;
269 $id = default_focus($id);
270 $pars = access_string($label);
274 $url = $path_to_root.$url;
276 return "<a href='$url' class='menu_option' id='$id' $pars[1]>$pars[0]</a>";
279 function submenu_option($title, $url, $id=null)
281 display_note( menu_link($url, $title, $id), 0, 1);
284 function submenu_view($title, $type, $number, $id=null)
286 display_note(get_trans_view_str($type, $number, $title, false, 'viewlink', $id), 0, 1);
289 function submenu_print($title, $type, $number, $id=null, $email=0, $extra=0)
291 display_note(print_document_link($number, $title, true, $type, false, 'printlink', $id, $email, $extra), 0, 1);
293 //-----------------------------------------------------------------------------------
295 function hyperlink_params($target, $label, $params, $center=true)
297 $id = default_focus();
299 $pars = access_string($label);
301 $target = $_SERVER['PHP_SELF'];
304 echo "<a id='$id' href='$target?$params'$pars[1]>$pars[0]</a>\n";
309 function hyperlink_params_td($target, $label, $params)
312 hyperlink_params($target, $label, $params, false);
316 //-----------------------------------------------------------------------------------
318 function hyperlink_params_separate($target, $label, $params, $center=false)
320 $id = default_focus();
322 $pars = access_string($label);
325 echo "<a target='_blank' id='$id' href='$target?$params' $pars[1]>$pars[0]</a>\n";
330 function hyperlink_params_separate_td($target, $label, $params)
333 hyperlink_params_separate($target, $label, $params);
337 //--------------------------------------------------------------------------------------------------
339 function alt_table_row_color(&$k, $extra_class=null)
341 $classes = $extra_class ? array($extra_class) : array();
344 array_push($classes, 'oddrow');
349 array_push($classes, 'evenrow');
352 echo "<tr class='".implode(' ', $classes)."'>\n";
355 function table_section_title($msg, $colspan=2)
357 echo "<tr><td colspan=$colspan class='tableheader'>$msg</td></tr>\n";
360 function table_header($labels, $params='')
363 foreach ($labels as $label)
364 labelheader_cell($label, $params);
367 //-----------------------------------------------------------------------------------
369 function start_row($param="")
372 echo "<tr $param>\n";
384 for ($i = 0; $i < $num; $i++)
388 $ajax_divs = array();
390 function div_start($id='', $trigger=null, $non_ajax=false)
394 if ($non_ajax) { // div for non-ajax elements
395 array_push($ajax_divs, array($id, null));
396 echo "<div style='display:none' class='js_only' ".($id !='' ? "id='$id'" : '').">";
397 } else { // ajax ready div
398 array_push($ajax_divs, array($id, $trigger===null ? $id : $trigger));
399 echo "<div ". ($id !='' ? "id='$id'" : '').">";
406 global $ajax_divs, $Ajax;
409 if (count($ajax_divs))
411 $div = array_pop($ajax_divs);
412 if ($div[1] !== null)
413 $Ajax->addUpdate($div[1], $div[0], ob_get_flush());
418 //-----------------------------------------------------------------------------
420 // $name - prefix for widget internal elements:
421 // Nth tab submit name: {$name}_N
422 // div id: _{$name}_div
423 // sel (hidden) name: _{$name}_sel
424 // $tabs - array of tabs; string: tab title or array(tab_title, enabled_status)
426 function tabbed_content_start($name, $tabs, $dft='') {
429 $selname = '_'.$name.'_sel';
430 $div = '_'.$name.'_div';
432 $sel = find_submit($name.'_', false);
434 $sel = get_post($selname, (string)($dft==='' ? key($tabs) : $dft));
436 if ($sel!==@$_POST[$selname])
437 $Ajax->activate($name);
439 $_POST[$selname] = $sel;
442 $str = "<ul class='ajaxtabs' rel='$div'>\n";
443 foreach($tabs as $tab_no => $tab) {
445 $acc = access_string(is_array($tab) ? $tab[0] : $tab);
446 $disabled = (is_array($tab) && !$tab[1]) ? 'disabled ' : '';
448 ."<button type='submit' name='{$name}_".$tab_no
449 ."' class='".((string)$tab_no===$sel ? 'current':'ajaxbutton')."' $acc[1] $disabled>"
450 ."<span>$acc[0]</span>"
456 $str .= "<div class='spaceBox'></div>\n";
457 $str .= "<input type='hidden' name='$selname' value='$sel'>\n";
458 $str .= "<div class='contentBox' id='$div'>\n";
462 function tabbed_content_end() {
464 echo "</div>"; // content box (don't change to div_end() unless div_start() is used above)
465 div_end(); // tabs widget
468 function tab_changed($name)
470 $to = find_submit("{$name}_", false);
471 if (!$to) return null;
473 return array('from' => $from = get_post("_{$name}_sel"),
477 Check whether tab has been just switched on
479 function tab_opened($name, $tab)
481 return (get_post('_'.$name.'_sel') != $tab) && (find_submit($name.'_', false) == $tab);
484 Check whether tab has been just switched off
486 function tab_closed($name, $tab)
488 return (get_post('_'.$name.'_sel') == $tab) && (find_submit($name.'_', false) != $tab);
491 Check whether tab is visible on current page
493 function tab_visible($name, $tab)
495 $new = find_submit($name.'_', false);
496 return (get_post('_'.$name.'_sel') == $tab && !$new) || $new==$tab;
499 /* Table editor interfaces. Key is editor type
500 0 => url of editor page
504 $popup_editors = array(
505 'customer' => array('/sales/manage/customers.php?debtor_no=',
506 113, _("Customers"), 900, 600),
507 'branch' => array('/sales/manage/customer_branches.php?SelectedBranch=',
508 114, _("Branches"), 900, 700),
509 'supplier' => array('/purchasing/manage/suppliers.php?supplier_id=',
510 113, _("Suppliers"), 900, 700),
511 'item' => array('/inventory/manage/items.php?stock_id=',
512 115, _("Items"), 800, 600),
513 'fa_item' => array('/inventory/manage/items.php?FixedAsset=1&stock_id=',
514 115, _("Items"), 800, 600)
517 Bind editors for various selectors.
518 $type - type of editor
519 $input - name of related input field
520 $caller - optional function key code (available values F1-F12: 112-123,
523 function set_editor($type, $input, $caller=true)
525 global $path_to_root, $Editors, $popup_editors, $Pagehelp;
527 $key = $caller===true ? $popup_editors[$type][1] : $caller;
529 $Editors[$key] = array( $path_to_root . $popup_editors[$type][0], $input,
530 $popup_editors[$type][3], $popup_editors[$type][4]);
532 $help = 'F' . ($key - 111) . ' - ';
533 $help .= $popup_editors[$type][2];
536 //------------------------------------------------------------------------------
537 // Procedures below are now obsolete. Preserved for eventual future use.
540 External page call with saving current context.
541 $call - url of external page
542 $ctx - optional. name of SESSION context object or array of names of POST
543 variables saved on call
545 function context_call($call, $ctx='')
549 foreach($ctx as $postname)
551 $context[$postname] = get_post($postname);
554 $context = isset($_SESSION[$ctx]) ? $_SESSION[$ctx] : null;
556 array_unshift($_SESSION['Context'], array('name' => $ctx,
558 'caller' => $_SERVER['PHP_SELF'],
563 Restores context after external page call and
564 returns array of data passed by external page.
566 function context_restore()
568 if ( count($_SESSION['Context'])) {
569 if ($_SERVER['PHP_SELF'] == $_SESSION['Context'][0]['caller']) {
570 $ctx = array_shift($_SESSION['Context']);
572 if (is_array($ctx['ctx'])) {
573 foreach($ctx['ctx'] as $name => $val)
575 $_POST[$name] = $val;
578 if ($ctx['name']!='')
579 $_SESSION[$ctx['name']] = $ctx['ctx'];
588 Return to caller page if the page was called from external context.
590 function context_return($ret)
592 if ( count($_SESSION['Context'])) {
593 $ctx = &$_SESSION['Context'][0];
595 meta_forward( $ctx['caller'] );
599 Clearing context stack after page cancel.
601 function context_reset()
603 $_SESSION['Context'] = array();
606 Context stack initialization
608 if (!isset($_SESSION['Context'])) {
612 Redirector for selector F4 calls.
613 $sel_editors is array of selname=>editor_page
615 function editor_redirect($sel_editors, $save_fun='') {
616 foreach ($sel_editors as $selname=>$editor)
617 if (isset($_POST['_'.$selname.'_editor'])) {
618 if (function_exists($save_fun))
620 unset($_POST['_'.$selname.'_editor']);
621 context_call($editor, array_keys($_POST));
625 Return procedure for selector F4 calls
627 function editor_return($vars, $restore_fun='') {
628 if (function_exists($restore_fun))
631 if ($ret = context_restore()) {
632 foreach ($vars as $postname=>$retname)
633 if (isset($ret[$retname])) {
634 $_POST[$postname] = $ret[$retname];
635 set_focus($postname);
640 function confirm_dialog($submit, $msg) {
641 if (find_post($submit)) {
642 display_warning($msg);
644 submit_center_first('DialogConfirm', _("Proceed"), '', true);
645 submit_center_last('DialogCancel', _("Cancel"), '', 'cancel');
648 return get_post('DialogConfirm', 0);
651 Confirm dialog to be used optionally in final form checking routine.
652 Displays warning conditionally unless it was displayed
654 function display_confirmation($msg)
658 if (!get_post('_confirmed'))
660 $_POST['_confirmed'] = 1;
661 display_warning($msg);
667 Block menu/shortcut links during transaction procesing.
669 function page_processing($msg = false)
674 $msg = _("Entered data has not been saved yet.\nDo you want to abandon changes?");
676 $js = "_validate._processing=" . (
677 $msg ? '\''.strtr($msg, array("\n"=>'\\n')) . '\';' : 'null;');
679 $Ajax->addScript(true, $js);
684 function page_modified($status = true)
688 $js = "_validate._modified=" . ($status ? 1:0).';';
690 $Ajax->addScript(true, $js);