use CGI;
use CGI::Ajax;
use Cwd;
+use Encode;
use IO::File;
use SL::Auth;
use SL::Auth::DB;
use Template;
use URI;
use List::Util qw(first max min sum);
-use List::MoreUtils qw(any);
+use List::MoreUtils qw(any apply);
use strict;
my $db_charset = $main::dbcharset;
$db_charset ||= Common::DEFAULT_CHARSET;
- if ($self->{INPUT_ENCODING}) {
- if (lc $self->{INPUT_ENCODING} ne lc $db_charset) {
- require Text::Iconv;
- my $iconv = Text::Iconv->new($self->{INPUT_ENCODING}, $db_charset);
+ my $encoding = $self->{INPUT_ENCODING} || $db_charset;
+ delete $self->{INPUT_ENCODING};
- _recode_recursively($iconv, $self);
- }
-
- delete $self->{INPUT_ENCODING};
- }
+ _recode_recursively(SL::Iconv->new($encoding, $db_charset), $self);
$self->{action} = lc $self->{action};
$self->{action} =~ s/( |-|,|\#)/_/g;
- $self->{version} = "2.6.1";
+ #$self->{version} = "2.6.1"; # Old hardcoded but secure style
+ open VERSION_FILE, "VERSION"; # New but flexible code reads version from VERSION-file
+ $self->{version} = <VERSION_FILE>;
+ close VERSION_FILE;
+ $self->{version} =~ s/[^0-9A-Za-z\.\_\-]//g; # only allow numbers, letters, points, underscores and dashes. Prevents injecting of malicious code.
$main::lxdebug->leave_sub();
my ($self, $str) = @_;
+ $str = Encode::encode('utf-8-strict', $str) if $::locale->is_utf8;
$str =~ s/([^a-zA-Z0-9_.-])/sprintf("%%%02x", ord($1))/ge;
$main::lxdebug->leave_sub(2);
if (!$self->{header}) {
$self->header;
- print qq|
- <body>|;
+ print qq|<body>|;
}
print qq|
+ <p class="message_ok"><b>$msg</b></p>
- <p><b>$msg</b>
+ <script type="text/javascript">
+ <!--
+ // If JavaScript is enabled, the whole thing will be reloaded.
+ // The reason is: When one changes his menu setup (HTML / XUL / CSS ...)
+ // it now loads the correct code into the browser instead of do nothing.
+ setTimeout("top.frames.location.href='login.pl'",500);
+ //-->
+ </script>
+
+</body>
|;
} else {
sub header {
- $main::lxdebug->enter_sub();
+ $::lxdebug->enter_sub;
- # extra code ist currently only used by menuv3 and menuv4 to set their css.
+ # extra code is currently only used by menuv3 and menuv4 to set their css.
# it is strongly deprecated, and will be changed in a future version.
my ($self, $extra_code) = @_;
-
- if ($self->{header}) {
- $main::lxdebug->leave_sub();
- return;
- }
-
- my ($stylesheet, $favicon, $pagelayout);
-
- if ($ENV{HTTP_USER_AGENT}) {
- my $doctype;
-
- if ($ENV{'HTTP_USER_AGENT'} =~ m/MSIE\s+\d/) {
- # Only set the DOCTYPE for Internet Explorer. Other browsers have problems displaying the menu otherwise.
- $doctype = qq|<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">\n|;
- }
-
- my $stylesheets = "$self->{stylesheet} $self->{stylesheets}";
-
- $stylesheets =~ s|^\s*||;
- $stylesheets =~ s|\s*$||;
- foreach my $file (split m/\s+/, $stylesheets) {
- $file =~ s|.*/||;
- next if (! -f "css/$file");
-
- $stylesheet .= qq|<link rel="stylesheet" href="css/$file" TYPE="text/css" TITLE="Lx-Office stylesheet">\n|;
- }
-
- $self->{favicon} = "favicon.ico" unless $self->{favicon};
-
- if ($self->{favicon} && (-f "$self->{favicon}")) {
- $favicon =
- qq|<LINK REL="shortcut icon" HREF="$self->{favicon}" TYPE="image/x-icon">
- |;
- }
-
- my $db_charset = $main::dbcharset ? $main::dbcharset : Common::DEFAULT_CHARSET;
-
- if ($self->{landscape}) {
- $pagelayout = qq|<style type="text/css">
- \@page { size:landscape; }
- </style>|;
- }
-
- my $fokus = qq|
+ my $db_charset = $::dbcharset || Common::DEFAULT_CHARSET;
+ my @header;
+
+ $::lxdebug->leave_sub and return if !$ENV{HTTP_USER_AGENT} || $self->{header}++;
+
+ $self->{favicon} ||= "favicon.ico";
+ $self->{titlebar} = "$self->{title} - $self->{titlebar}" if $self->{title};
+
+ # build includes
+ if ($self->{refresh_url} || $self->{refresh_time}) {
+ my $refresh_time = $self->{refresh_time} || 3;
+ my $refresh_url = $self->{refresh_url} || $ENV{REFERER};
+ push @header, "<meta http-equiv='refresh' content='$refresh_time;$refresh_url'>";
+ }
+
+ push @header, "<link rel='stylesheet' href='css/$_' type='text/css' title='Lx-Office stylesheet'>"
+ for grep { -f "css/$_" } apply { s|.*/|| } $self->{stylesheet}, $self->{stylesheets};
+
+ push @header, "<style type='text/css'>\@page { size:landscape; }</style>" if $self->{landscape};
+ push @header, "<link rel='shortcut icon' href='$self->{favicon}' type='image/x-icon'>" if -f $self->{favicon};
+ push @header, '<script type="text/javascript" src="js/jquery.js"></script>',
+ '<script type="text/javascript" src="js/common.js"></script>',
+ '<style type="text/css">@import url(js/jscalendar/calendar-win2k-1.css);</style>',
+ '<script type="text/javascript" src="js/jscalendar/calendar.js"></script>',
+ '<script type="text/javascript" src="js/jscalendar/lang/calendar-de.js"></script>',
+ '<script type="text/javascript" src="js/jscalendar/calendar-setup.js"></script>',
+ '<script type="text/javascript" src="js/part_selection.js"></script>';
+ push @header, $self->{javascript} if $self->{javascript};
+ push @header, map { $_->show_javascript } @{ $self->{AJAX} || [] };
+ push @header, "<script type='text/javascript'>function fokus(){ document.$self->{fokus}.focus(); }</script>" if $self->{fokus};
+ push @header, sprintf "<script type='text/javascript'>top.document.title='%s';</script>",
+ join ' - ', grep $_, $self->{title}, $self->{login}, $::myconfig{dbname}, $self->{version} if $self->{title};
+
+ # if there is a title, we put some JavaScript in to the page, wich writes a
+ # meaningful title-tag for our frameset.
+ my $title_hack = '';
+ if ($self->{title}) {
+ $title_hack = qq|
<script type="text/javascript">
<!--
- function fokus() {
- document.$self->{fokus}.focus();
- }
+ // Write a meaningful title-tag for our frameset.
+ top.document.title="| . $self->{"title"} . qq| - | . $self->{"login"} . qq| - | . $::myconfig{dbname} . qq| - V| . $self->{"version"} . qq|";
//-->
- </script>
- | if $self->{"fokus"};
-
- #Set Calendar
- my $jsscript = "";
- if ($self->{jsscript} == 1) {
-
- $jsscript = qq|
- <script type="text/javascript" src="js/jquery.js"></script>
- <script type="text/javascript" src="js/common.js"></script>
- <style type="text/css">\@import url(js/jscalendar/calendar-win2k-1.css);</style>
- <script type="text/javascript" src="js/jscalendar/calendar.js"></script>
- <script type="text/javascript" src="js/jscalendar/lang/calendar-de.js"></script>
- <script type="text/javascript" src="js/jscalendar/calendar-setup.js"></script>
- $self->{javascript}
- |;
- }
-
- $self->{titlebar} =
- ($self->{title})
- ? "$self->{title} - $self->{titlebar}"
- : $self->{titlebar};
- my $ajax = "";
- for my $item (@ { $self->{AJAX} || [] }) {
- $ajax .= $item->show_javascript();
- }
+ </script>|;
+ }
- print $self->create_http_response('content_type' => 'text/html',
- 'charset' => $db_charset,);
- print qq|${doctype}<html>
-<head>
- <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=${db_charset}">
+ # output
+ print $self->create_http_response(content_type => 'text/html', charset => $db_charset);
+ print "<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' 'http://www.w3.org/TR/html4/strict.dtd'>\n"
+ if $ENV{'HTTP_USER_AGENT'} =~ m/MSIE\s+\d/; # Other browsers may choke on menu scripts with DOCTYPE.
+ print <<EOT;
+<html>
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=$db_charset">
<title>$self->{titlebar}</title>
- $stylesheet
- $pagelayout
- $favicon
- $jsscript
- $ajax
-
- $fokus
-
+EOT
+ print " $_\n" for @header;
+ print <<EOT;
<link rel="stylesheet" href="css/jquery.autocomplete.css" type="text/css" />
-
<meta name="robots" content="noindex,nofollow" />
<script type="text/javascript" src="js/highlight_input.js"></script>
-
<link rel="stylesheet" type="text/css" href="css/tabcontent.css" />
<script type="text/javascript" src="js/tabcontent.js">
***********************************************/
</script>
-
$extra_code
-</head>
+ $title_hack
+ </head>
-|;
- }
- $self->{header} = 1;
+EOT
- $main::lxdebug->leave_sub();
+ $::lxdebug->leave_sub;
}
sub ajax_response_header {
}
if (%main::myconfig) {
- map({ $additional_params->{"myconfig_${_}"} = $main::myconfig{$_}; } keys(%main::myconfig));
- my $jsc_dateformat = $main::myconfig{"dateformat"};
- $jsc_dateformat =~ s/d+/\%d/gi;
- $jsc_dateformat =~ s/m+/\%m/gi;
- $jsc_dateformat =~ s/y+/\%Y/gi;
- $additional_params->{"myconfig_jsc_dateformat"} = $jsc_dateformat;
+ $::myconfig{jsc_dateformat} = apply {
+ s/d+/\%d/gi;
+ s/m+/\%m/gi;
+ s/y+/\%Y/gi;
+ } $::myconfig{"dateformat"};
$additional_params->{"myconfig"} ||= \%::myconfig;
+ map { $additional_params->{"myconfig_${_}"} = $main::myconfig{$_}; } keys %::myconfig;
}
$additional_params->{"conf_dbcharset"} = $main::dbcharset;
'CACHE_SIZE' => 0,
'PLUGIN_BASE' => 'SL::Template::Plugin',
'INCLUDE_PATH' => '.:templates/webpages',
- 'COMPILE_EXT' => $main::template_compile_ext,
- 'COMPILE_DIR' => $main::template_compile_dir,
+ 'COMPILE_EXT' => '.tcc',
+ 'COMPILE_DIR' => $::userspath . '/templates-cache',
})) || die;
}
$main::lxdebug->enter_sub();
my ($self, $myconfig, $userspath) = @_;
- my ($template, $out);
+ my $out;
local (*IN, *OUT);
my $ext_for_format;
+ my $template_type;
if ($self->{"format"} =~ /(opendocument|oasis)/i) {
- $template = OpenDocumentTemplate->new($self->{"IN"}, $self, $myconfig, $userspath);
+ $template_type = 'OpenDocument';
$ext_for_format = $self->{"format"} =~ m/pdf/ ? 'pdf' : 'odt';
} elsif ($self->{"format"} =~ /(postscript|pdf)/i) {
$ENV{"TEXINPUTS"} = ".:" . getcwd() . "/" . $myconfig->{"templates"} . ":" . $ENV{"TEXINPUTS"};
- $template = LaTeXTemplate->new($self->{"IN"}, $self, $myconfig, $userspath);
+ $template_type = 'LaTeX';
$ext_for_format = 'pdf';
} elsif (($self->{"format"} =~ /html/i) || (!$self->{"format"} && ($self->{"IN"} =~ /html$/i))) {
- $template = HTMLTemplate->new($self->{"IN"}, $self, $myconfig, $userspath);
+ $template_type = 'HTML';
$ext_for_format = 'html';
} elsif (($self->{"format"} =~ /xml/i) || (!$self->{"format"} && ($self->{"IN"} =~ /xml$/i))) {
- $template = XMLTemplate->new($self->{"IN"}, $self, $myconfig, $userspath);
+ $template_type = 'XML';
$ext_for_format = 'xml';
- } elsif ( $self->{"format"} =~ /elsterwinston/i ) {
- $template = XMLTemplate->new($self->{"IN"}, $self, $myconfig, $userspath);
-
- } elsif ( $self->{"format"} =~ /elstertaxbird/i ) {
- $template = XMLTemplate->new($self->{"IN"}, $self, $myconfig, $userspath);
+ } elsif ( $self->{"format"} =~ /elster(?:winston|taxbird)/i ) {
+ $template_type = 'xml';
} elsif ( $self->{"format"} =~ /excel/i ) {
- $template = ExcelTemplate->new($self->{"IN"}, $self, $myconfig, $userspath);
+ $template_type = 'Excel';
$ext_for_format = 'xls';
} elsif ( defined $self->{'format'}) {
$self->error("Outputformat not defined: $self->{'format'}");
}
+ my $template = SL::Template::create(type => $template_type,
+ file_name => $self->{IN},
+ form => $self,
+ myconfig => $myconfig,
+ userspath => $userspath);
+
# Copy the notes from the invoice/sales order etc. back to the variable "notes" because that is where most templates expect it to be.
$self->{"notes"} = $self->{ $self->{"formname"} . "notes" };
# Database routines used throughout
+sub _dbconnect_options {
+ my $self = shift;
+ my $options = { pg_enable_utf8 => $::locale->is_utf8,
+ @_ };
+
+ return $options;
+}
+
sub dbconnect {
$main::lxdebug->enter_sub(2);
my ($self, $myconfig) = @_;
# connect to database
- my $dbh =
- DBI->connect($myconfig->{dbconnect},
- $myconfig->{dbuser}, $myconfig->{dbpasswd})
+ my $dbh = DBI->connect($myconfig->{dbconnect}, $myconfig->{dbuser}, $myconfig->{dbpasswd}, $self->_dbconnect_options)
or $self->dberror;
# set db options
my ($self, $myconfig) = @_;
# connect to database
- my $dbh =
- DBI->connect($myconfig->{dbconnect}, $myconfig->{dbuser},
- $myconfig->{dbpasswd}, { AutoCommit => 0 })
+ my $dbh = DBI->connect($myconfig->{dbconnect}, $myconfig->{dbuser}, $myconfig->{dbpasswd}, $self->_dbconnect_options(AutoCommit => 0))
or $self->dberror;
# set db options
my @values;
foreach my $item (qw(name department_1 department_2 street zipcode city country
- contact phone fax email)) {
+ contact cp_gender phone fax email)) {
if ($self->{"shipto$item"}) {
$shipto = 1 if ($self->{$item} ne $self->{"shipto$item"});
}
shiptocity = ?,
shiptocountry = ?,
shiptocontact = ?,
+ shiptocp_gender = ?,
shiptophone = ?,
shiptofax = ?,
shiptoemail = ?
shiptocity = ? AND
shiptocountry = ? AND
shiptocontact = ? AND
+ shiptocp_gender = ? AND
shiptophone = ? AND
shiptofax = ? AND
shiptoemail = ? AND
$query =
qq|INSERT INTO shipto (trans_id, shiptoname, shiptodepartment_1, shiptodepartment_2,
shiptostreet, shiptozipcode, shiptocity, shiptocountry,
- shiptocontact, shiptophone, shiptofax, shiptoemail, module)
- VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)|;
+ shiptocontact, shiptocp_gender, shiptophone, shiptofax, shiptoemail, module)
+ VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)|;
do_query($self, $dbh, $query, $id, @values, $module);
}
}
=head1 SPECIAL FUNCTIONS
-=over 4
-
-=item _store_value()
+=head2 C<_store_value()>
parses a complex var name, and stores it in the form.
filter.status[] => $form->{status}->[ val1, val2, ... ]
-=item update_business PARAMS
+=head2 C<update_business> PARAMS
PARAMS (not named):
\%config, - config hashref
special behaviour for empty strings in customerinitnumber field:
will in this case not increase the value, and return undef.
-=item redirect_header $url
+=head2 C<redirect_header> $url
Generates a HTTP redirection header for the new C<$url>. Constructs an
absolute URL including scheme, host name and port. If C<$url> is a
print $::form->redirect_header('oe.pl?action=edit&id=1234');
print $::form->redirect_header('http://www.lx-office.org/');
+=head2 C<header>
+
+Generates a general purpose http/html header and includes most of the scripts
+ans stylesheets needed.
+
+Only one header will be generated. If the method was already called in this
+request it will not output anything and return undef. Also if no
+HTTP_USER_AGENT is found, no header is generated.
+
+Although header does not accept parameters itself, it will honor special
+hashkeys of its Form instance:
+
+=over 4
+
+=item refresh_time
+
+=item refresh_url
+
+If one of these is set, a http-equiv refresh is generated. Missing parameters
+default to 3 seconds and the refering url.
+
+=item stylesheet
+
+=item stylesheets
+
+If these are arrayrefs the contents will be inlined into the header.
+
+=item landscape
+
+If true, a css snippet will be generated that sets the page in landscape mode.
+
+=item favicon
+
+Used to override the default favicon.
+
+=item title
+
+A html page title will be generated from this
+
=back
=cut