security update core+modules
This commit is contained in:
Bachir Soussi Chiadmi
@@ -0,0 +1,34 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* @file
|
||||
* Contains views_handler_area_messages.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Provides an area for messages.
|
||||
*/
|
||||
class views_handler_area_messages extends views_handler_area {
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function option_definition() {
|
||||
$options = parent::option_definition();
|
||||
// Set the default to TRUE so it shows on empty pages by default.
|
||||
$options['empty']['default'] = TRUE;
|
||||
return $options;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function render($empty = FALSE) {
|
||||
$return = '';
|
||||
if (!$empty || !empty($this->options['empty'])) {
|
||||
$return = theme('status_messages');
|
||||
}
|
||||
return $return;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -56,7 +56,7 @@ class views_handler_area_text extends views_handler_area {
|
||||
if (!empty($options[$type])) {
|
||||
$items = array();
|
||||
foreach ($options[$type] as $key => $value) {
|
||||
$items[] = $key . ' == ' . $value;
|
||||
$items[] = $key . ' == ' . check_plain($value);
|
||||
}
|
||||
$output .= theme('item_list',
|
||||
array(
|
||||
|
||||
@@ -423,11 +423,13 @@ class views_handler_argument extends views_handler {
|
||||
$plugin->options_validate($form['argument_default'][$default_id], $form_state, $form_state['values']['options']['argument_default'][$default_id]);
|
||||
}
|
||||
|
||||
// summary plugin
|
||||
$summary_id = $form_state['values']['options']['summary']['format'];
|
||||
$plugin = $this->get_plugin('style', $summary_id);
|
||||
if ($plugin) {
|
||||
$plugin->options_validate($form['summary']['options'][$summary_id], $form_state, $form_state['values']['options']['summary']['options'][$summary_id]);
|
||||
// Validate summary plugin options if one is present.
|
||||
if (isset($form_state['values']['options']['summary']['format'])) {
|
||||
$summary_id = $form_state['values']['options']['summary']['format'];
|
||||
$plugin = $this->get_plugin('style', $summary_id);
|
||||
if ($plugin) {
|
||||
$plugin->options_validate($form['summary']['options'][$summary_id], $form_state, $form_state['values']['options']['summary']['options'][$summary_id]);
|
||||
}
|
||||
}
|
||||
|
||||
$validate_id = $form_state['values']['options']['validate']['type'];
|
||||
@@ -453,14 +455,16 @@ class views_handler_argument extends views_handler {
|
||||
$form_state['values']['options']['default_argument_options'] = $options;
|
||||
}
|
||||
|
||||
// summary plugin
|
||||
$summary_id = $form_state['values']['options']['summary']['format'];
|
||||
$plugin = $this->get_plugin('style', $summary_id);
|
||||
if ($plugin) {
|
||||
$options = &$form_state['values']['options']['summary']['options'][$summary_id];
|
||||
$plugin->options_submit($form['summary']['options'][$summary_id], $form_state, $options);
|
||||
// Copy the now submitted options to their final resting place so they get saved.
|
||||
$form_state['values']['options']['summary_options'] = $options;
|
||||
// Handle summary plugin options if one is present.
|
||||
if (isset($form_state['values']['options']['summary']['format'])) {
|
||||
$summary_id = $form_state['values']['options']['summary']['format'];
|
||||
$plugin = $this->get_plugin('style', $summary_id);
|
||||
if ($plugin) {
|
||||
$options = &$form_state['values']['options']['summary']['options'][$summary_id];
|
||||
$plugin->options_submit($form['summary']['options'][$summary_id], $form_state, $options);
|
||||
// Copy the now submitted options to their final resting place so they get saved.
|
||||
$form_state['values']['options']['summary_options'] = $options;
|
||||
}
|
||||
}
|
||||
|
||||
$validate_id = $form_state['values']['options']['validate']['type'];
|
||||
|
||||
@@ -814,7 +814,7 @@ If you would like to have the characters \'[\' and \']\' please use the html ent
|
||||
if (!empty($options[$type])) {
|
||||
$items = array();
|
||||
foreach ($options[$type] as $key => $value) {
|
||||
$items[] = $key . ' == ' . $value;
|
||||
$items[] = $key . ' == ' . check_plain($value);
|
||||
}
|
||||
$output .= theme('item_list',
|
||||
array(
|
||||
|
||||
@@ -25,6 +25,8 @@ class views_handler_field_boolean extends views_handler_field {
|
||||
function option_definition() {
|
||||
$options = parent::option_definition();
|
||||
$options['type'] = array('default' => 'yes-no');
|
||||
$options['type_custom_true'] = array('default' => '', 'translatable' => TRUE);
|
||||
$options['type_custom_false'] = array('default' => '', 'translatable' => TRUE);
|
||||
$options['not'] = array('definition bool' => 'reverse');
|
||||
|
||||
return $options;
|
||||
@@ -42,7 +44,8 @@ class views_handler_field_boolean extends views_handler_field {
|
||||
'unicode-yes-no' => array('✔', '✖'),
|
||||
);
|
||||
$output_formats = isset($this->definition['output formats']) ? $this->definition['output formats'] : array();
|
||||
$this->formats = array_merge($default_formats, $output_formats);
|
||||
$custom_format = array('custom' => array(t('Custom')));
|
||||
$this->formats = array_merge($default_formats, $output_formats, $custom_format);
|
||||
}
|
||||
|
||||
function options_form(&$form, &$form_state) {
|
||||
@@ -56,6 +59,29 @@ class views_handler_field_boolean extends views_handler_field {
|
||||
'#options' => $options,
|
||||
'#default_value' => $this->options['type'],
|
||||
);
|
||||
|
||||
$form['type_custom_true'] = array(
|
||||
'#type' => 'textfield',
|
||||
'#title' => t('Custom output for TRUE'),
|
||||
'#default_value' => $this->options['type_custom_true'],
|
||||
'#states' => array(
|
||||
'visible' => array(
|
||||
'select[name="options[type]"]' => array('value' => 'custom'),
|
||||
),
|
||||
),
|
||||
);
|
||||
|
||||
$form['type_custom_false'] = array(
|
||||
'#type' => 'textfield',
|
||||
'#title' => t('Custom output for FALSE'),
|
||||
'#default_value' => $this->options['type_custom_false'],
|
||||
'#states' => array(
|
||||
'visible' => array(
|
||||
'select[name="options[type]"]' => array('value' => 'custom'),
|
||||
),
|
||||
),
|
||||
);
|
||||
|
||||
$form['not'] = array(
|
||||
'#type' => 'checkbox',
|
||||
'#title' => t('Reverse'),
|
||||
@@ -71,7 +97,10 @@ class views_handler_field_boolean extends views_handler_field {
|
||||
$value = !$value;
|
||||
}
|
||||
|
||||
if (isset($this->formats[$this->options['type']])) {
|
||||
if ($this->options['type'] == 'custom') {
|
||||
return $value ? filter_xss_admin($this->options['type_custom_true']) : filter_xss_admin($this->options['type_custom_false']);
|
||||
}
|
||||
else if (isset($this->formats[$this->options['type']])) {
|
||||
return $value ? $this->formats[$this->options['type']][0] : $this->formats[$this->options['type']][1];
|
||||
}
|
||||
else {
|
||||
|
||||
@@ -14,6 +14,7 @@ class views_handler_field_counter extends views_handler_field {
|
||||
function option_definition() {
|
||||
$options = parent::option_definition();
|
||||
$options['counter_start'] = array('default' => 1);
|
||||
$options['reverse'] = array('default' => FALSE);
|
||||
return $options;
|
||||
}
|
||||
|
||||
@@ -26,6 +27,13 @@ class views_handler_field_counter extends views_handler_field {
|
||||
'#size' => 2,
|
||||
);
|
||||
|
||||
$form['reverse'] = array(
|
||||
'#type' => 'checkbox',
|
||||
'#title' => t('Reverse'),
|
||||
'#default_value' => $this->options['reverse'],
|
||||
'#description' => t('Reverse the counter.'),
|
||||
);
|
||||
|
||||
parent::options_form($form, $form_state);
|
||||
}
|
||||
|
||||
@@ -34,16 +42,24 @@ class views_handler_field_counter extends views_handler_field {
|
||||
}
|
||||
|
||||
function render($values) {
|
||||
$reverse = empty($this->options['reverse']) ? 1 : -1;
|
||||
|
||||
// Note: 1 is subtracted from the counter start value below because the
|
||||
// counter value is incremented by 1 at the end of this function.
|
||||
$count = is_numeric($this->options['counter_start']) ? $this->options['counter_start'] - 1 : 0;
|
||||
$counter_start = is_numeric($this->options['counter_start']) ? $this->options['counter_start'] : 0;
|
||||
$count = ($reverse == -1) ? count($this->view->result) + $counter_start : $counter_start -1;
|
||||
$pager = $this->view->query->pager;
|
||||
|
||||
// Get the base count of the pager.
|
||||
if ($pager->use_pager()) {
|
||||
$count += ($pager->get_items_per_page() * $pager->get_current_page() + $pager->get_offset());
|
||||
if ($reverse == -1) {
|
||||
$count = ($pager->total_items + $counter_start - ($pager->get_current_page() * $pager->get_items_per_page()) + $pager->get_offset());
|
||||
} else {
|
||||
$count += (($pager->get_items_per_page() * $pager->get_current_page() + $pager->get_offset())) * $reverse;
|
||||
}
|
||||
}
|
||||
// Add the counter for the current site.
|
||||
$count += $this->view->row_index + 1;
|
||||
$count += ($this->view->row_index + 1) * $reverse;
|
||||
|
||||
return $count;
|
||||
}
|
||||
|
||||
@@ -16,6 +16,8 @@ class views_handler_field_date extends views_handler_field {
|
||||
|
||||
$options['date_format'] = array('default' => 'small');
|
||||
$options['custom_date_format'] = array('default' => '');
|
||||
$options['second_date_format_custom'] = array('default' => '');
|
||||
$options['second_date_format'] = array('default' => 'small');
|
||||
$options['timezone'] = array('default' => '');
|
||||
|
||||
return $options;
|
||||
@@ -36,6 +38,7 @@ class views_handler_field_date extends views_handler_field {
|
||||
'custom' => t('Custom'),
|
||||
'raw time ago' => t('Time ago'),
|
||||
'time ago' => t('Time ago (with "ago" appended)'),
|
||||
'today time ago' => t('Time ago (with "ago" appended) for today\'s date, but not for other dates'),
|
||||
'raw time hence' => t('Time hence'),
|
||||
'time hence' => t('Time hence (with "hence" appended)'),
|
||||
'raw time span' => t('Time span (future dates have "-" prepended)'),
|
||||
@@ -49,8 +52,39 @@ class views_handler_field_date extends views_handler_field {
|
||||
'#title' => t('Custom date format'),
|
||||
'#description' => t('If "Custom", see the <a href="@url" target="_blank">PHP manual</a> for date formats. Otherwise, enter the number of different time units to display, which defaults to 2.', array('@url' => 'http://php.net/manual/function.date.php')),
|
||||
'#default_value' => isset($this->options['custom_date_format']) ? $this->options['custom_date_format'] : '',
|
||||
'#dependency' => array('edit-options-date-format' => array('custom', 'raw time ago', 'time ago', 'raw time hence', 'time hence', 'raw time span', 'time span', 'raw time span', 'inverse time span', 'time span')),
|
||||
'#dependency' => array('edit-options-date-format' => array('custom', 'raw time ago', 'time ago', 'today time ago', 'raw time hence', 'time hence', 'raw time span', 'time span', 'raw time span', 'inverse time span', 'time span')),
|
||||
);
|
||||
$form['second_date_format'] = array(
|
||||
'#type' => 'select',
|
||||
'#title' => t('Second date format'),
|
||||
'#options' => $date_formats + array(
|
||||
'custom' => t('Custom'),
|
||||
),
|
||||
'#description' => t('The date format which will be used for rendering dates other than today.'),
|
||||
'#default_value' => isset($this->options['second_date_format']) ? $this->options['second_date_format'] : 'small',
|
||||
'#dependency' => array('edit-options-date-format' => array('today time ago')),
|
||||
);
|
||||
$form['second_date_format_custom'] = array(
|
||||
'#type' => 'textfield',
|
||||
'#title' => t('Custom date format of second date'),
|
||||
'#description' => t('If "Custom" is selected in "Second date format", see the <a href="@url" target="_blank">PHP manual</a> for date formats. Otherwise, enter the number of different time units to display, which defaults to 2.', array('@url' => 'http://php.net/manual/function.date.php')),
|
||||
'#default_value' => isset($this->options['second_date_format_custom']) ? $this->options['second_date_format_custom'] : '',
|
||||
// We have to use states instead of ctools dependency because dependency
|
||||
// doesn't handle multiple conditions.
|
||||
'#states' => array(
|
||||
'visible' => array(
|
||||
'#edit-options-date-format' => array('value' => 'today time ago'),
|
||||
'#edit-options-second-date-format' => array('value' => 'custom'),
|
||||
),
|
||||
),
|
||||
// We have to use ctools dependency too because states doesn't add the
|
||||
// correct left margin to the element's wrapper.
|
||||
'#dependency' => array(
|
||||
// This condition is handled by form API's states.
|
||||
// 'edit-options-date-format' => array('today time ago'),
|
||||
'edit-options-second-date-format' => array('custom'),
|
||||
),
|
||||
);
|
||||
$form['timezone'] = array(
|
||||
'#type' => 'select',
|
||||
'#title' => t('Timezone'),
|
||||
@@ -66,7 +100,7 @@ class views_handler_field_date extends views_handler_field {
|
||||
function render($values) {
|
||||
$value = $this->get_value($values);
|
||||
$format = $this->options['date_format'];
|
||||
if (in_array($format, array('custom', 'raw time ago', 'time ago', 'raw time hence', 'time hence', 'raw time span', 'time span', 'raw time span', 'inverse time span', 'time span'))) {
|
||||
if (in_array($format, array('custom', 'raw time ago', 'time ago', 'today time ago', 'raw time hence', 'time hence', 'raw time span', 'time span', 'raw time span', 'inverse time span', 'time span'))) {
|
||||
$custom_format = $this->options['custom_date_format'];
|
||||
}
|
||||
|
||||
@@ -78,6 +112,21 @@ class views_handler_field_date extends views_handler_field {
|
||||
return format_interval($time_diff, is_numeric($custom_format) ? $custom_format : 2);
|
||||
case 'time ago':
|
||||
return t('%time ago', array('%time' => format_interval($time_diff, is_numeric($custom_format) ? $custom_format : 2)));
|
||||
case 'today time ago':
|
||||
$second_format = $this->options['second_date_format'];
|
||||
$second_custom_format = $this->options['second_date_format_custom'];
|
||||
if (format_date(REQUEST_TIME, 'custom', 'Y-m-d', $timezone) == format_date($value, 'custom', 'Y-m-d', $timezone)) {
|
||||
return t('%time ago', array('%time' => format_interval($time_diff, is_numeric($custom_format) ? $custom_format : 2)));
|
||||
}
|
||||
elseif ($second_format == 'custom') {
|
||||
if ($second_custom_format == 'r') {
|
||||
return format_date($value, $second_format, $second_custom_format, $timezone, 'en');
|
||||
}
|
||||
return format_date($value, $second_format, $second_custom_format, $timezone);
|
||||
}
|
||||
else {
|
||||
return format_date($value, $this->options['second_date_format'], '', $timezone);
|
||||
}
|
||||
case 'raw time hence':
|
||||
return format_interval(-$time_diff, is_numeric($custom_format) ? $custom_format : 2);
|
||||
case 'time hence':
|
||||
|
||||
@@ -91,7 +91,11 @@ class views_handler_filter extends views_handler {
|
||||
}
|
||||
|
||||
if ($this->multiple_exposed_input()) {
|
||||
$this->group_info = array_filter($options['group_info']['default_group_multiple']);
|
||||
$this->group_info = NULL;
|
||||
if (!empty($options['group_info']['default_group_multiple'])) {
|
||||
$this->group_info = array_filter($options['group_info']['default_group_multiple']);
|
||||
}
|
||||
|
||||
$this->options['expose']['multiple'] = TRUE;
|
||||
}
|
||||
|
||||
@@ -116,6 +120,7 @@ class views_handler_filter extends views_handler {
|
||||
'label' => array('default' => '', 'translatable' => TRUE),
|
||||
'description' => array('default' => '', 'translatable' => TRUE),
|
||||
'use_operator' => array('default' => FALSE, 'bool' => TRUE),
|
||||
'operator_label' => array('default' => '', 'translatable' => TRUE),
|
||||
'operator' => array('default' => ''),
|
||||
'identifier' => array('default' => ''),
|
||||
'required' => array('default' => FALSE, 'bool' => TRUE),
|
||||
@@ -510,6 +515,16 @@ class views_handler_filter extends views_handler {
|
||||
'#description' => t('Allow the user to choose the operator.'),
|
||||
'#default_value' => !empty($this->options['expose']['use_operator']),
|
||||
);
|
||||
$form['expose']['operator_label'] = array(
|
||||
'#type' => 'textfield',
|
||||
'#default_value' => $this->options['expose']['operator_label'],
|
||||
'#title' => t('Operator label'),
|
||||
'#size' => 40,
|
||||
'#description' => t('This will appear before your operator select field.'),
|
||||
'#dependency' => array(
|
||||
'edit-options-expose-use-operator' => array(1)
|
||||
),
|
||||
);
|
||||
$form['expose']['operator_id'] = array(
|
||||
'#type' => 'textfield',
|
||||
'#default_value' => $this->options['expose']['operator_id'],
|
||||
@@ -754,10 +769,8 @@ class views_handler_filter extends views_handler {
|
||||
$operator = $this->options['expose']['operator_id'];
|
||||
$this->operator_form($form, $form_state);
|
||||
$form[$operator] = $form['operator'];
|
||||
|
||||
if (isset($form[$operator]['#title'])) {
|
||||
unset($form[$operator]['#title']);
|
||||
}
|
||||
$form[$operator]['#title'] = $this->options['expose']['operator_label'];
|
||||
$form[$operator]['#title_display'] = 'invisible';
|
||||
|
||||
$this->exposed_translate($form[$operator], 'operator');
|
||||
|
||||
|
||||
@@ -30,6 +30,6 @@ class views_handler_filter_boolean_operator_string extends views_handler_filter_
|
||||
else {
|
||||
$where .= "<> ''";
|
||||
}
|
||||
$this->query->add_where($this->options['group'], $where);
|
||||
$this->query->add_where_expression($this->options['group'], $where);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,142 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* @file
|
||||
* Definition of views_handler_filter_fields_compare.
|
||||
*/
|
||||
|
||||
/**
|
||||
* A handler to filter a view using fields comparison.
|
||||
*
|
||||
* @ingroup views_filter_handlers
|
||||
*/
|
||||
|
||||
class views_handler_filter_fields_compare extends views_handler_filter {
|
||||
|
||||
function can_expose() {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
/**
|
||||
* Overrides views_handler_filter#option_definition().
|
||||
*/
|
||||
function option_definition() {
|
||||
$options = parent::option_definition();
|
||||
|
||||
$options['left_field'] = $options['right_field'] = array('default' => '');
|
||||
|
||||
return $options;
|
||||
}
|
||||
|
||||
/**
|
||||
* Provide a list of all operators.
|
||||
*/
|
||||
function fields_operator_options() {
|
||||
return array(
|
||||
'<' => t('Is less than'),
|
||||
'<=' => t('Is less than or equal to'),
|
||||
'=' => t('Is equal to'),
|
||||
'<>' => t('Is not equal to'),
|
||||
'>=' => t('Is greater than or equal to'),
|
||||
'>' => t('Is greater than')
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Provide a list of available fields.
|
||||
*/
|
||||
function field_options() {
|
||||
$options = array();
|
||||
|
||||
$field_handlers = $this->view->display_handler->get_handlers('field');
|
||||
foreach ($field_handlers as $field => $handler) {
|
||||
if ($handler->table != 'views') {
|
||||
$options[$field] = $handler->ui_name();
|
||||
}
|
||||
}
|
||||
|
||||
return $options;
|
||||
}
|
||||
|
||||
/**
|
||||
* Overrides views_handler_filter#options_form().
|
||||
*/
|
||||
function options_form(&$form, &$form_state) {
|
||||
parent::options_form($form, $form_state);
|
||||
|
||||
$field_options = $this->field_options();
|
||||
|
||||
$form['left_field'] = array(
|
||||
'#type' => 'select',
|
||||
'#title' => t('Left field'),
|
||||
'#default_value' => $this->options['left_field'],
|
||||
'#options' => $field_options,
|
||||
'#weight' => -3,
|
||||
);
|
||||
|
||||
$form['operator'] = array(
|
||||
'#type' => 'select',
|
||||
'#title' => t('Operator'),
|
||||
'#default_value' => $this->options['operator'],
|
||||
'#options' => $this->fields_operator_options(),
|
||||
'#weight' => -2,
|
||||
);
|
||||
|
||||
$form['right_field'] = array(
|
||||
'#type' => 'select',
|
||||
'#title' => t('Right field'),
|
||||
'#default_value' => $this->options['right_field'],
|
||||
'#options' => $field_options,
|
||||
'#weight' => -1,
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Overrides views_handler_filter#query().
|
||||
*
|
||||
* Build extra condition from existing fields (from existing joins).
|
||||
*/
|
||||
function query() {
|
||||
$left = $this->options['left_field'];
|
||||
$right = $this->options['right_field'];
|
||||
|
||||
// Get all existing field handlers.
|
||||
$field_handlers = $this->view->display_handler->get_handlers('field');
|
||||
|
||||
// Make sure the selected fields still exist.
|
||||
if (!isset($field_handlers[$left], $field_handlers[$right])) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Get the left table and field.
|
||||
$left_handler = $field_handlers[$left];
|
||||
$left_handler->set_relationship();
|
||||
$left_table_alias = $this->query->ensure_table($left_handler->table, $left_handler->relationship);
|
||||
|
||||
// Get the left table and field.
|
||||
$right_handler = $field_handlers[$right];
|
||||
$right_handler->set_relationship();
|
||||
$right_table_alias = $this->query->ensure_table($right_handler->table, $right_handler->relationship);
|
||||
|
||||
// Build piece of SQL.
|
||||
$snippet =
|
||||
$left_table_alias . '.' . $left_handler->real_field .
|
||||
' ' . $this->options['operator'] . ' ' .
|
||||
$right_table_alias . '.' . $right_handler->real_field;
|
||||
|
||||
$this->query->add_where_expression($this->options['group'], $snippet);
|
||||
}
|
||||
|
||||
/**
|
||||
* Overrides views_handler_filter#admin_summary().
|
||||
*/
|
||||
function admin_summary() {
|
||||
return check_plain(
|
||||
$this->options['left_field'] . ' ' .
|
||||
$this->options['operator'] . ' ' .
|
||||
$this->options['right_field']
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -258,7 +258,7 @@ class views_handler_filter_numeric extends views_handler_filter {
|
||||
}
|
||||
|
||||
function op_regex($field) {
|
||||
$this->query->add_where($this->options['group'], $field, $this->value, 'RLIKE');
|
||||
$this->query->add_where($this->options['group'], $field, $this->value['value'], 'RLIKE');
|
||||
}
|
||||
|
||||
function admin_summary() {
|
||||
|
||||
Reference in New Issue
Block a user