makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/11095] Forward GET parameters into hidden fields for jumpbox.

Browse source 
PHPBB3-11095
This commit is contained in:
Oleg Pudeyev 2012-11-29 13:36:00 -05:00
parent 9c0a03f1d5
commit 2a39df1a53
4 changed files with 43 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
phpBB/includes/functions.php
View file

@ -4940,13 +4940,47 @@ function phpbb_quoteattr($data, $entities = null)
return $data; return $data;
} }
function phpbb_build_hidden_fields_for_query_params($request, $exclude = null)
{
$names = $request->variable_names(phpbb_request_interface::GET);
$hidden = '';
foreach ($names as $name)
{
// Sessions are dealt with elsewhere, omit sid always
if ($name == 'sid')
{
continue;
}
// Omit any additional parameters requested
if (!empty($exclude) && in_array($name, $exclude))
{
continue;
}
$escaped_name = phpbb_quoteattr($name);
// Note: we might retrieve the variable from POST or cookies
// here. To avoid exposing cookies, skip variables that are
// overwritten somewhere other than GET entirely.
$value = $request->variable($name, '', true);
$get_value = $request->variable($name, '', true, phpbb_request_interface::GET);
if ($value === $get_value)
{
$escaped_value = phpbb_quoteattr($value);
$hidden .= "<input type='hidden' name=$escaped_name value=$escaped_value />";
}
}
return $hidden;
}
/** /**
* Generate page header * Generate page header
*/ */
function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum') function page_header($page_title = '', $display_online_list = true, $item_id = 0, $item = 'forum')
{ {
global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path; global $db, $config, $template, $SID, $_SID, $_EXTRA_URL, $user, $auth, $phpEx, $phpbb_root_path;
global $phpbb_dispatcher; global $phpbb_dispatcher, $request;
if (defined('HEADER_INC')) if (defined('HEADER_INC'))
{ {
@ -5135,6 +5169,8 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
$timezone_name = $user->lang['timezones'][$timezone_name]; $timezone_name = $user->lang['timezones'][$timezone_name];
} }
$hidden_fields_for_jumpbox = phpbb_build_hidden_fields_for_query_params($request, array('f'));
// The following assigns all _common_ variables that may be used at any point in a template. // The following assigns all _common_ variables that may be used at any point in a template.
$template->assign_vars(array( $template->assign_vars(array(
'SITENAME' => $config['sitename'], 'SITENAME' => $config['sitename'],
@ -5149,6 +5185,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
'RECORD_USERS' => $l_online_record, 'RECORD_USERS' => $l_online_record,
'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text, 'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text,
'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread, 'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread,
'HIDDEN_FIELDS_FOR_JUMPBOX' => $hidden_fields_for_jumpbox,
'S_USER_NEW_PRIVMSG' => $user->data['user_new_privmsg'], 'S_USER_NEW_PRIVMSG' => $user->data['user_new_privmsg'],
'S_USER_UNREAD_PRIVMSG' => $user->data['user_unread_privmsg'], 'S_USER_UNREAD_PRIVMSG' => $user->data['user_unread_privmsg'],
@ -5507,7 +5544,8 @@ function phpbb_to_numeric($input)
function phpbb_create_symfony_request(phpbb_request $request) function phpbb_create_symfony_request(phpbb_request $request)
{ {
// This function is meant to sanitize the global input arrays // This function is meant to sanitize the global input arrays
$sanitizer = function(&$value, $key) { $sanitizer = function(&$value, $key)
{
$type_cast_helper = new phpbb_request_type_cast_helper(); $type_cast_helper = new phpbb_request_type_cast_helper();
$type_cast_helper->set_var($value, $value, gettype($value), true); $type_cast_helper->set_var($value, $value, gettype($value), true);
}; };

1
phpBB/styles/prosilver/template/jumpbox.html
View file

@ -17,6 +17,7 @@
<!-- ELSE --> <!-- ELSE -->
<fieldset class="jumpbox"> <fieldset class="jumpbox">
<!-- ENDIF --> <!-- ENDIF -->
{HIDDEN_FIELDS_FOR_JUMPBOX}
<label for="f" accesskey="j"><!-- IF S_IN_MCP and S_MERGE_SELECT -->{L_SELECT_TOPICS_FROM}<!-- ELSEIF S_IN_MCP -->{L_MODERATE_FORUM}<!-- ELSE -->{L_JUMP_TO}<!-- ENDIF -->{L_COLON}</label> <label for="f" accesskey="j"><!-- IF S_IN_MCP and S_MERGE_SELECT -->{L_SELECT_TOPICS_FROM}<!-- ELSEIF S_IN_MCP -->{L_MODERATE_FORUM}<!-- ELSE -->{L_JUMP_TO}<!-- ENDIF -->{L_COLON}</label>
<select name="f" id="f" onchange="if(this.options[this.selectedIndex].value != -1){ document.forms['jumpbox'].submit() }"> <select name="f" id="f" onchange="if(this.options[this.selectedIndex].value != -1){ document.forms['jumpbox'].submit() }">
<!-- BEGIN jumpbox_forums --> <!-- BEGIN jumpbox_forums -->

2
phpBB/styles/subsilver2/template/jumpbox.html
View file

@ -4,7 +4,7 @@
<table cellspacing="0" cellpadding="0" border="0"> <table cellspacing="0" cellpadding="0" border="0">
<tr> <tr>
<td nowrap="nowrap"><span class="gensmall"><!-- IF S_IN_MCP and S_MERGE_SELECT -->{L_SELECT_TOPICS_FROM}<!-- ELSEIF S_IN_MCP -->{L_MODERATE_FORUM}<!-- ELSE -->{L_JUMP_TO}<!-- ENDIF -->{L_COLON}</span>&nbsp;<select name="f" onchange="if(this.options[this.selectedIndex].value != -1){ document.forms['jumpbox'].submit() }"> <td nowrap="nowrap">{HIDDEN_FIELDS_FOR_JUMPBOX}<span class="gensmall"><!-- IF S_IN_MCP and S_MERGE_SELECT -->{L_SELECT_TOPICS_FROM}<!-- ELSEIF S_IN_MCP -->{L_MODERATE_FORUM}<!-- ELSE -->{L_JUMP_TO}<!-- ENDIF -->{L_COLON}</span>&nbsp;<select name="f" onchange="if(this.options[this.selectedIndex].value != -1){ document.forms['jumpbox'].submit() }">
<!-- BEGIN jumpbox_forums --> <!-- BEGIN jumpbox_forums -->
<!-- IF jumpbox_forums.S_FORUM_COUNT eq 1 --><option value="-1">------------------</option><!-- ENDIF --> <!-- IF jumpbox_forums.S_FORUM_COUNT eq 1 --><option value="-1">------------------</option><!-- ENDIF -->

1
phpBB/styles/subsilver2/template/mcp_jumpbox.html
View file

@ -2,6 +2,7 @@
<form name="jumpbox" method="get" action="{S_JUMPBOX_ACTION}"> <form name="jumpbox" method="get" action="{S_JUMPBOX_ACTION}">
{HIDDEN_FIELDS_FOR_JUMPBOX}
<span class="gensmall">{L_JUMP_TO}{L_COLON}</span>&nbsp;<select name="f" onChange="if(this.options[this.selectedIndex].value != -1 && this.options[this.selectedIndex].value != document.jumpbox.current_f.value){ document.forms['jumpbox'].submit() }"> <span class="gensmall">{L_JUMP_TO}{L_COLON}</span>&nbsp;<select name="f" onChange="if(this.options[this.selectedIndex].value != -1 && this.options[this.selectedIndex].value != document.jumpbox.current_f.value){ document.forms['jumpbox'].submit() }">
<!-- IF S_ENABLE_SELECT_ALL --> <!-- IF S_ENABLE_SELECT_ALL -->