diff options
| author | Tim Almdal <tnalmdal@shaw.ca> | 2009-07-28 11:59:58 +0800 |
|---|---|---|
| committer | Tim Almdal <tnalmdal@shaw.ca> | 2009-07-28 12:04:23 +0800 |
| commit | 2f969c80eb2e228f2c5729c6f4660c99555f9c9f (patch) | |
| tree | 1604a30f3e2d2b171f0f3819813aea5be3a6b0fc | |
| parent | 975a5ded7b6cc11ce55f2a9bbaa43d4897687b37 (diff) | |
Create A Forge Script element. Form_Script allows the specification
of either a url to a script file or in line text which will be included
in a script block.
Signed-off-by: Tim Almdal <tnalmdal@shaw.ca>
| -rw-r--r-- | modules/gallery/libraries/Form_Script.php | 66 | ||||
| -rw-r--r-- | modules/gallery/tests/DrawForm_Test.php | 39 | ||||
| -rw-r--r-- | modules/gallery/tests/xss_data.txt | 4 | ||||
| -rw-r--r-- | modules/gallery/views/form.html.php | 2 |
4 files changed, 109 insertions, 2 deletions
diff --git a/modules/gallery/libraries/Form_Script.php b/modules/gallery/libraries/Form_Script.php new file mode 100644 index 00000000..e841408d --- /dev/null +++ b/modules/gallery/libraries/Form_Script.php @@ -0,0 +1,66 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Form_Script_Core extends Forge { + protected $data = array( + "name" => false, + "type" => "script", + "url" => "", + "text" => ""); + + public function __construct($name) { + // Set dummy data so we don"t get errors + $this->attr["action"] = ""; + $this->attr["method"] = "post"; + $this->data["name"] = $name; + } + + public function __get($key) { + return isset($this->data[$key]) ? $this->data[$key] : null; + } + + /** + * Sets url attribute + */ + public function url($url) { + $this->data["url"] = $url; + + return $this; + } + + public function text($script_text) { + $this->data["text"] = $script_text; + + return $this; + } + + public function render() { + $script = array(); + if (!empty($this->data["url"])) { + $script[] = html::script($this->data["url"]); + } + + if (!empty($this->data["text"])) { + $script[] = "<script type=\"text/javascript\">\n{$this->data['text']}\n</script>\n"; + } + + return implode("\n", $script); + } + +} // End Form Script
\ No newline at end of file diff --git a/modules/gallery/tests/DrawForm_Test.php b/modules/gallery/tests/DrawForm_Test.php index 2c5aaba4..dde54257 100644 --- a/modules/gallery/tests/DrawForm_Test.php +++ b/modules/gallery/tests/DrawForm_Test.php @@ -80,5 +80,44 @@ class DrawForm_Test extends Unit_Test_Case { $this->assert_same($expected, $rendered); } + function form_script_test() { + $form = new Forge("test/controller", "", "post", array("id" => "gTestGroupForm")); + $group = $form->group("test_group")->label(t("Test Group")); + $group->input("title")->label(t("Title")); + $group->textarea("description")->label(t("Text Area")); + $form->script("") + ->url(url::file("test.js")) + ->text("alert('Test Javascript');"); + $group->submit("")->value(t("Submit")); + $rendered = $form->__toString(); + + $expected = "<form action=\"http://./index.php/test/controller\" method=\"post\" " . + "id=\"gTestGroupForm\">\n" . + "<input type=\"hidden\" name=\"csrf\" value=\"" . access::csrf_token() . "\" />\n" . + " <fieldset>\n" . + " <legend>Test Group</legend>\n" . + " <ul>\n" . + " <li>\n" . + " <label for=\"title\" >Title</label>\n" . + " <input type=\"text\" id=\"title\" name=\"title\" value=\"\" " . + "class=\"textbox\" />\n" . + " </li>\n" . + " <li>\n" . + " <label for=\"description\" >Text Area</label>\n" . + " <textarea id=\"description\" name=\"description\" " . + "class=\"textarea\" ></textarea>\n" . + " </li>\n" . + " <li>\n" . + " <input type=\"submit\" value=\"Submit\" class=\"submit\" />\n" . + " </li>\n" . + " </ul>\n" . + " </fieldset>\n" . + "<script type=\"text/javascript\" src=\"http://./test.js\"></script>\n\n" . + "<script type=\"text/javascript\">\n" . + "alert('Test Javascript');\n" . + "</script>\n" . + "</form>\n"; + $this->assert_same($expected, $rendered); + } } diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 45f7c7ec..cc9261e5 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -444,8 +444,8 @@ modules/tag/views/admin_tags.html.php 50 DIRTY $tag->id modules/tag/views/admin_tags.html.php 50 $tag->name modules/tag/views/admin_tags.html.php 51 DIRTY $tag->count modules/tag/views/admin_tags.html.php 52 DIRTY $tag->id -modules/tag/views/tag_block.html.php 13 DIRTY $cloud -modules/tag/views/tag_block.html.php 15 DIRTY $form +modules/tag/views/tag_block.html.php 15 DIRTY $cloud +modules/tag/views/tag_block.html.php 17 DIRTY $form modules/tag/views/tag_cloud.html.php 4 DIRTY $tag->count modules/tag/views/tag_cloud.html.php 4 DIRTY $max_count modules/tag/views/tag_cloud.html.php 5 DIRTY $tag->count diff --git a/modules/gallery/views/form.html.php b/modules/gallery/views/form.html.php index ec2a56a9..730d77cb 100644 --- a/modules/gallery/views/form.html.php +++ b/modules/gallery/views/form.html.php @@ -40,6 +40,8 @@ if (!function_exists("DrawForm")) { print "$prefix {$hidden->render()}\n"; } print "$prefix</fieldset>\n"; + } else if ($input->type == 'script') { + print $input->render(); } else { if ($input->error_messages()) { print "$prefix<li class=\"gError\">\n"; |