date.chapril.org-framadate/app/inc/smarty.php

<?php
/**
 * This software is governed by the CeCILL-B license. If a copy of this license
 * is not distributed with this file, you can obtain one at
 * http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
 *
 * Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
 * Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
 *
 * =============================
 *
 * Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
 * ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
 * http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
 *
 * Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
 * Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
 */
use Framadate\Utils;

require_once __DIR__ . '/../../vendor/smarty/smarty/libs/Smarty.class.php';
$smarty = new \Smarty();
$smarty->setTemplateDir(ROOT_DIR . '/tpl/');
$smarty->setCompileDir(ROOT_DIR . '/tpl_c/');
$smarty->setCacheDir(ROOT_DIR . '/cache/');
$smarty->caching = false;

$smarty->assign('APPLICATION_NAME', NOMAPPLICATION);
$smarty->assign('SERVER_URL', Utils::get_server_name());
$smarty->assign('SCRIPT_NAME', $_SERVER['SCRIPT_NAME']);
$smarty->assign('TITLE_IMAGE', IMAGE_TITRE);
$smarty->assign('use_nav_js', file_exists($_SERVER['DOCUMENT_ROOT'] . '/nav/nav.js'));
$smarty->assign('html_lang', $html_lang);
$smarty->assign('langs', $ALLOWED_LANGUAGES);
$smarty->assign('date_format', $date_format);

// Dev Mode
if (isset($_SERVER['FRAMADATE_DEVMODE']) && $_SERVER['FRAMADATE_DEVMODE']) {
    $smarty->force_compile = true;
    $smarty->compile_check = true;

} else {
    $smarty->force_compile = false;
    $smarty->compile_check = false;
}


function smarty_function_poll_url($params, Smarty_Internal_Template $template) {
    $poll_id =  filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
    $admin =  (isset($params['admin']) && $params['admin']) ? true : false;
    $vote_unique_id = isset($params['vote_id']) ? filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]) : '';

    // If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.

    return Utils::getUrlSondage($poll_id, $admin, $vote_unique_id);
}

function smarty_modifier_markdown($md, $clear = false) {
    return Utils::markdown($md, $clear);
}

function smarty_modifier_resource($link) {
    return Utils::get_server_name() . $link;
}

function smarty_modifier_html($html) {
    return Utils::htmlEscape($html);
}
Escape html for all bound variables from .tpl files 2015-01-11 14:59:25 +01:00			`<?php`
			`/**`
			`* This software is governed by the CeCILL-B license. If a copy of this license`
			`* is not distributed with this file, you can obtain one at`
			`* http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt`
			`*`
			`* Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ`
			`* Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)`
			`*`
			`* =============================`
			`*`
			`* Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence`
			`* ne se trouve pas avec ce fichier vous pouvez l'obtenir sur`
			`* http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt`
			`*`
			`* Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ`
			`* Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)`
			`*/`
			`use Framadate\Utils;`

			`require_once __DIR__ . '/../../vendor/smarty/smarty/libs/Smarty.class.php';`
			`$smarty = new \Smarty();`
			`$smarty->setTemplateDir(ROOT_DIR . '/tpl/');`
			`$smarty->setCompileDir(ROOT_DIR . '/tpl_c/');`
			`$smarty->setCacheDir(ROOT_DIR . '/cache/');`
			`$smarty->caching = false;`

			`$smarty->assign('APPLICATION_NAME', NOMAPPLICATION);`
			`$smarty->assign('SERVER_URL', Utils::get_server_name());`
Issue #18 Install pagination on polls admin page 2015-01-18 16:14:45 +01:00			`$smarty->assign('SCRIPT_NAME', $_SERVER['SCRIPT_NAME']);`
Escape html for all bound variables from .tpl files 2015-01-11 14:59:25 +01:00			`$smarty->assign('TITLE_IMAGE', IMAGE_TITRE);`
			`$smarty->assign('use_nav_js', file_exists($_SERVER['DOCUMENT_ROOT'] . '/nav/nav.js'));`
Make language selection work better 2015-01-20 00:05:43 +01:00			`$smarty->assign('html_lang', $html_lang);`
Escape html for all bound variables from .tpl files 2015-01-11 14:59:25 +01:00			`$smarty->assign('langs', $ALLOWED_LANGUAGES);`
			`$smarty->assign('date_format', $date_format);`

Editing vote by link with unique id - Changed the smarty modifier poll_url to a function and added the vote_id parameter - Modified accordingly all poll_url occurence in templates - Added htaccess.txt to be sure to keep poll's URL changes up to date - Escaped some templates output in order to avoid to broke HTML - Using vote's uniqId instead of vote's id when it's needed 2015-04-02 16:52:46 +02:00			`// Dev Mode`
Correcting 'Undefined index' notice on DevMode var 2015-04-07 17:29:15 +02:00			`if (isset($_SERVER['FRAMADATE_DEVMODE']) && $_SERVER['FRAMADATE_DEVMODE']) {`
Added smarty developer configuration. 2015-04-02 11:57:12 +02:00			`$smarty->force_compile = true;`
			`$smarty->compile_check = true;`

			`} else {`
			`$smarty->force_compile = false;`
			`$smarty->compile_check = false;`
			`}`


Editing vote by link with unique id - Changed the smarty modifier poll_url to a function and added the vote_id parameter - Modified accordingly all poll_url occurence in templates - Added htaccess.txt to be sure to keep poll's URL changes up to date - Escaped some templates output in order to avoid to broke HTML - Using vote's uniqId instead of vote's id when it's needed 2015-04-02 16:52:46 +02:00			`function smarty_function_poll_url($params, Smarty_Internal_Template $template) {`
			`$poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);`
New edition possibility is taken into account - Also added Framadate\Message à link attribute - Added local anchor #edit with vote edition - For now, when the poll owner check the new edit option (ie: "Votes are editable solely by their owner"), users get their update link on vote creation 2015-04-05 17:44:29 +02:00			`$admin = (isset($params['admin']) && $params['admin']) ? true : false;`
			`$vote_unique_id = isset($params['vote_id']) ? filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]) : '';`
Editing vote by link with unique id - Changed the smarty modifier poll_url to a function and added the vote_id parameter - Modified accordingly all poll_url occurence in templates - Added htaccess.txt to be sure to keep poll's URL changes up to date - Escaped some templates output in order to avoid to broke HTML - Using vote's uniqId instead of vote's id when it's needed 2015-04-02 16:52:46 +02:00
			`// If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.`

			`return Utils::getUrlSondage($poll_id, $admin, $vote_unique_id);`
Escape html for all bound variables from .tpl files 2015-01-11 14:59:25 +01:00			`}`

			`function smarty_modifier_markdown($md, $clear = false) {`
			`return Utils::markdown($md, $clear);`
			`}`

			`function smarty_modifier_resource($link) {`
			`return Utils::get_server_name() . $link;`
			`}`

			`function smarty_modifier_html($html) {`
Improve management of errors in infos_sondage page 2015-01-17 16:20:42 +01:00			`return Utils::htmlEscape($html);`
Escape html for all bound variables from .tpl files 2015-01-11 14:59:25 +01:00			`}`