source: branches/2.1/include/block.class.php @ 6322

Last change on this file since 6322 was 5990, checked in by plg, 14 years ago

bug 1484: prevent XSS vulnerability, encode url.

improvement: no need to transmit the REQUEST_URI from PHP, Smarty already
knows it.

File size: 5.8 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
6// +-----------------------------------------------------------------------+
7// | This program is free software; you can redistribute it and/or modify  |
8// | it under the terms of the GNU General Public License as published by  |
9// | the Free Software Foundation                                          |
10// |                                                                       |
11// | This program is distributed in the hope that it will be useful, but   |
12// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
13// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
14// | General Public License for more details.                              |
15// |                                                                       |
16// | You should have received a copy of the GNU General Public License     |
17// | along with this program; if not, write to the Free Software           |
18// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
19// | USA.                                                                  |
20// +-----------------------------------------------------------------------+
21
22class BlockManager
23{
24  protected $id;
25  protected $registered_blocks=array();
26  protected $display_blocks = array();
27
28  public function BlockManager($id)
29  {
30    $this->id = $id;
31  }
32
33  /** triggers an action that allows implementors of menu blocks to register the blocks*/
34  public function load_registered_blocks()
35  {
36    trigger_action('blockmanager_register_blocks', array(&$this) );
37  }
38
39  public function get_id()
40  {
41    return $this->id;
42  }
43
44  public function get_registered_blocks()
45  {
46    return $this->registered_blocks;
47  }
48
49  /** registers a block with this menu. usually called as a result of menubar_register_blocks action
50   * @param MenuBlock block
51  */
52  public function register_block(&$block)
53  {
54    if ( isset($this->registered_blocks[$block->get_id()] ) )
55    {
56      trigger_error("Block '".$block->get_id()."' is already registered", E_USER_WARNING);
57      return false;
58    }
59    $this->registered_blocks[$block->get_id()] = &$block;
60    return true;
61  }
62
63  /** performs one time preparation of registered blocks for display;
64   * triggers the action menubar_prepare_display where implementors can
65   * reposition or hide blocks
66  */
67  public function prepare_display()
68  {
69    global $conf;
70    $conf_id = 'blk_'.$this->id;
71    $mb_conf = isset($conf[$conf_id]) ? $conf[$conf_id] : array();
72    if ( !is_array($mb_conf) )
73      $mb_conf = @unserialize($mb_conf);
74
75    $idx = 1;
76    foreach( $this->registered_blocks as $id => $block )
77    {
78      $pos = isset( $mb_conf[$id] ) ? $mb_conf[$id] : $idx*50;
79      if ( $pos>0 )
80      {
81        $this->display_blocks[$id] = new DisplayBlock($block);
82        $this->display_blocks[$id]->set_position($pos);
83      }
84      $idx++;
85    }
86    $this->sort_blocks();
87    trigger_action( 'blockmanager_prepare_display', array(&$this) );
88    $this->sort_blocks();
89  }
90
91  /** returns true if the block whose id is hidden
92   * @param string block_id
93  */
94  public function is_hidden($block_id)
95  {
96    return isset($this->display_blocks[$block_id]) ? false : true;
97  }
98
99  public function hide_block($block_id)
100  {
101    unset( $this->display_blocks[$block_id] );
102  }
103
104  public function &get_block($block_id)
105  {
106    $tmp = null;
107    if ( isset($this->display_blocks[$block_id]) )
108    {
109      return $this->display_blocks[$block_id];
110    }
111    return $tmp;
112  }
113
114  public function set_block_position($block_id, $position)
115  {
116    if ( isset($this->display_blocks[$block_id]) )
117    {
118      $this->display_blocks[$block_id]->set_position($position);
119    }
120  }
121
122  protected function sort_blocks()
123  {
124    uasort( $this->display_blocks, array('BlockManager', 'cmp_by_position') );
125  }
126
127  static protected function cmp_by_position($a, $b)
128  {
129    return $a->get_position() - $b->get_position();
130  }
131
132  public function apply($var, $file)
133  {
134    global $template;
135
136    $template->set_filename('menubar', $file);
137    trigger_action('blockmanager_apply', array(&$this) );
138
139    foreach( $this->display_blocks as $id=>$block)
140    {
141      if (empty($block->raw_content) and empty($block->template) )
142      {
143        $this->hide_block($id);
144      }
145    }
146    $this->sort_blocks();
147    $template->assign('blocks', $this->display_blocks);
148    $template->assign_var_from_handle($var, 'menubar');
149  }
150}
151
152/**
153 * Represents a menu block registered in a Menu object.
154 */
155class RegisteredBlock
156{
157  protected $id;
158  protected $name;
159  protected $owner;
160
161  public function RegisteredBlock($id, $name, $owner)
162  {
163    $this->id = $id;
164    $this->name = $name;
165    $this->owner = $owner;
166  }
167
168  public function get_id() { return $this->id; }
169  public function get_name() { return $this->name; }
170  public function get_owner() { return $this->owner; }
171}
172
173/**
174 * Represents a menu block ready for display in the Menu object.
175 */
176class DisplayBlock
177{
178  protected $_registeredBlock;
179  protected $_position;
180
181  protected $_title;
182
183  public $data;
184  public $template;
185  public $raw_content;
186
187  public function DisplayBlock($registeredBlock)
188  {
189    $this->_registeredBlock = &$registeredBlock;
190  }
191
192  public function &get_block() { return $this->_registeredBlock; }
193
194  public function get_position() { return $this->_position; }
195  public function set_position($position)
196  {
197    $this->_position = $position;
198  }
199
200  public function get_title()
201  {
202    if (isset($this->_title))
203      return $this->_title;
204    else
205      return $this->_registeredBlock->get_name();
206  }
207
208  public function set_title($title)
209  {
210    $this->_title = $title;
211  }
212}
213
214?>
Note: See TracBrowser for help on using the repository browser.