From 88b14706dd1d133fe7734f66e9c4980e36d6bc9f Mon Sep 17 00:00:00 2001 From: Janusz Dobrowolski Date: Sun, 19 Oct 2008 19:56:45 +0000 Subject: [PATCH] Fixed ajax popup/redirection. --- includes/ajax.inc | 13 ++++++++++--- reporting/includes/pdf_report.inc | 22 ++++------------------ 2 files changed, 14 insertions(+), 21 deletions(-) diff --git a/includes/ajax.inc b/includes/ajax.inc index ce8c9655..b95d1928 100644 --- a/includes/ajax.inc +++ b/includes/ajax.inc @@ -25,15 +25,15 @@ class Ajax extends JsHttpRequest { // function redirect($url) { if(in_ajax()) { - $this->_addCommand(true, array('n'=>'rd'),$url); - $this->run(); + $this->_addCommand(true, array('n'=>'rd'), absolute_url($url)); + $this->run(); } } // // Popup window (target=_blank) // function popup($url) { - $this->_addCommand(true, array('n'=>'pu'),$url); + $this->_addCommand(true, array('n'=>'pu'), absolute_url($url)); } // // Adds an executable Javascript code. @@ -142,4 +142,11 @@ function in_ajax() { return $Ajax->isActive(); } +// Returns absolute path of relative $url. To be used in ajax calls +// for proper redirection from any referer page. +// +function absolute_url($url) +{ + return strpos($url, '..')===0 ? dirname($_SERVER['PHP_SELF']).'/'.$url : $url; +} ?> diff --git a/reporting/includes/pdf_report.inc b/reporting/includes/pdf_report.inc index e3d84a19..0fec40a9 100644 --- a/reporting/includes/pdf_report.inc +++ b/reporting/includes/pdf_report.inc @@ -387,8 +387,7 @@ class FrontReport extends Cpdf } // do not use standard filenames or your sensitive company data // are world readable -// $fname = $dir . '/' . $this->filename; - $fname = tempnam($dir, 'xx'); + $fname = tempnam($dir, 'FA'); rename($fname, $fname.'.pdf'); $fname .= '.pdf'; $fp = fopen($fname,'w'); @@ -456,26 +455,13 @@ class FrontReport extends Cpdf { $printer = get_report_printer(user_print_profile(), $_POST['REP_ID']); if ($printer == false) { - if(in_Ajax()) { + if(in_ajax()) { global $Ajax; - // in case of ajax call non-ajax page reload is forced. - // the alternative is to differ browser support from - // call to remote printing by some attribute of print links, - // but in this case we should check related printer target - // for any link on the page, even if never used. - - // display in popup window ... -// $Ajax->popup($_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']); - // ... or fire browser download popup - // $Ajax->redirect($_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']); -// strip document root from file path - $fname = substr(realpath($fname), strlen($_SERVER['DOCUMENT_ROOT'])); - if (substr($fname,0,1) != '/') $fname = '/'.$fname; if (user_rep_popup()) - $Ajax->popup($fname); + $Ajax->popup($fname); // when embeded pdf viewer used else - $Ajax->redirect($fname); + $Ajax->redirect($fname); // otherwise use faster method } else { //echo ' // -- 2.30.2