NathanGibbs3 / BASE / 627

pending completion

Build # 627

Build Type

push

travis-ci-com

Committed by

NathanGibbs3

Commit Message

Merge branch 'documentation' into devel

Run Details

1766 of 6437 relevant lines covered (27.44%)

105.91 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

/includes/base_output_html.inc.php

<?php
// Basic Analysis and Security Engine (BASE)
// Copyright (C) 2019-2023 Nathan Gibbs
// Copyright (C) 2004 BASE Project Team
// Copyright (C) 2000 Carnegie Mellon University
//
//   For license info: See the file 'base_main.php'
//
//       Project Lead: Nathan Gibbs
// Built upon work by: Kevin Johnson & the BASE Project Team
//                     Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
//
//            Purpose: Prints or generates HTML to display
//
//          Author(s): Nathan Gibbs
//                     Kevin Johnson
// Ensure the conf file has been loaded.  Prevent direct access to this file.
defined('_BASE_INC') or die('Accessing this file directly is not allowed.');

function PageStart ( $refresh = 0, $page_title = '' ){
        GLOBAL $BASE_VERSION, $BASE_installID, $base_style, $BASE_urlpath,
        $html_no_cache, $refresh_stat_page, $stat_page_refresh_time, $UIL, $BCR,
        $Use_Auth_System;
        $AS = false;
        // @codeCoverageIgnoreStart
        if( isset($BCR) && is_object($BCR) ){
                $BV = $BCR->GetCap('BASE_Ver');
                $AS = $BCR->GetCap('BASE_Auth');
        }else{
                $BV = $BASE_VERSION;
                if( $Use_Auth_System == 1 ){
                        $AS = true;
                }
        }
        // @codeCoverageIgnoreEnd
        $MHE = "<meta http-equiv='";
        $MNM = "<meta name='";
        $GT = 'BASE'; // Generator Meta Attribute.
        // Backport Shim
        $Charset = _CHARSET;
        $title = _TITLE;
        // Remove Info leaking suffix from title.
        // We can safely remove this shim once we merge the Issue11 branch.
        $title = preg_replace("/ ?\(BASE\) $BASE_installID/", '', $title);
        // End Backport Shim
        $title .= " ($GT)";
        $HT = $title; // Header Title
        if ( !AuthorizedPage('(base_denied|index)') ){
                // Additional app info allowed everywhere but landing pages.
                $GT .= " $BV";
                if ( isset($BASE_installID) && $BASE_installID != ''){
                        $title .= " $BASE_installID";
                        $HT = $title;
                }
                $title .= " $BV";
                if ($page_title != ''){
                        $title .= ': ' . XSSPrintSafe($page_title);
                }
                if ( ChkArchive() ){
                        $SfxA = ' -- ARCHIVE';  // Need to add this to Translation Data.
                        $title .= $SfxA;
                        $HT .= $SfxA;
                }
                // @codeCoverageIgnoreStart
                if( $AS ){ // Auth System in use, attempt cookie refresh.
                        if( AuthorizedRole(10000) ){// Authenticated & enabled user.
                                $cookievalue = $_COOKIE['BASERole'];
                                BCS('BASERole', $cookievalue); // Refresh cookie expiration.
                        }
                }
                // @codeCoverageIgnoreEnd
        }
        print "<!DOCTYPE html PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>";
        NLIO('<!-- '. $title . ' -->');
        NLIO('<html>');
        NLIO('<head>', 1);
        NLIO($MHE."Content-Type' content='text/html; charset=$Charset'>", 2);
        if ( $html_no_cache == 1 ) {
                NLIO($MHE."pragma' content='no-cache'>", 2);
        }
        if ( $refresh == 1 && $refresh_stat_page == 1 ){
                if (isset($_SERVER["REQUEST_URI"])){
                        $URI = $_SERVER["REQUEST_URI"];
                }else{
                        $URI = '/';
                }
                $tmp = CleanVariable(
                        $URI, VAR_FSLASH | VAR_PERIOD | VAR_DIGIT | VAR_PUNC | VAR_LETTER
                );
                $tmp = htmlspecialchars($tmp,ENT_QUOTES);
                NLIO(
                        $MHE."refresh' content='$stat_page_refresh_time; URL=$tmp'>",2
                );
        }
        NLIO($MNM."Author' content='Nathan Gibbs'>",2);
        NLIO($MNM."Generator' content='$GT'>",2);
        NLIO($MNM."viewport' content='width=device-width, initial-scale=1'>",2);
        NLIO("<title>$title</title>",2);
//        NLIO('<meta name="color-scheme" content="light dark"/>',2);
        NLIO('<link rel="stylesheet" type="text/css" HREF="'. $BASE_urlpath .'/styles/base_common.css'.'">', 2);
        NLIO('<link rel="stylesheet" type="text/css" HREF="'. $BASE_urlpath .'/styles/'. $base_style .'">', 2);
        NLIO('</head>', 1);
        NLIO('<body>', 1);
        NLIO('<div class="mainheadertitle">'.$HT.'</div>',2);
}

function PageEnd (){
        NLIO('</body>', 1);
        NLIO('</html>');
}

function PrintBASESubHeader (
        $page_title = '', $page_name = '', $back_link = '', $refresh = 0,
        $page = ''
){
        GLOBAL $debug_mode, $max_script_runtime, $UIL, $BCR;
        if ( ini_get("safe_mode") != true ){
                set_time_limit($max_script_runtime);
        }
        $BCR->AddCap('UIMode', 'Web');
        PageStart($refresh, $page_title);
        PrintBASEMenu( 'Header', $back_link);
        if ( $debug_mode > 0 ){
                PrintPageHeader();
        }
}

function PrintBASESubFooter (){
        GLOBAL $BASE_path, $BASE_urlpath, $base_custom_footer, $BCR;
        $BV = $BCR->GetCap('BASE_Ver');
        NLIO('<!-- BASE Footer -->', 2);
        PrintBASEMenu('Footer');
        NLIO("<div class='mainfootertext'>", 2);
        NLIO(
                "<a class='largemenuitem' href='https://github.com/NathanGibbs3/BASE' "
                . "target='_blank'>BASE</a>"
                ,3
        );
        $tmp = '';
        if( !AuthorizedPage('(base_denied|index)') ){
                $tmp = "$BV ";
        }
        $tmp .= _FOOTER;
        NLIO($tmp, 3);
        NLIO('</div>', 2);
        if( AuthorizedPage('base_main') ){
                // Custom footer allowed on main page only.
                if( strlen($base_custom_footer) != 0 ){
                        NLIO('<!-- BASE Custom Footer -->', 2);
                        $tmp = base_include($base_custom_footer);
                        if( $tmp == false ){
                                $tmp = XSSPrintSafe ( $base_custom_footer );
                                $tmp = returnErrorMessage (
                                        "ERROR: Include custom footer file: $tmp"
                                );
                                NLIO($tmp, 2);
                        }
                }
        }
        PageEnd();
}

function PrintBASEMenu ( $type = '', $back_link = '' ){
        GLOBAL $BASE_urlpath, $Use_Auth_System, $et;
        if( LoadedString($type) == true ){
                // Common
                $type = strtolower($type);
                $ReqRE = '';
                if( $type == 'header' ){ // Header
                        $ReqRE = "(base_(denied|local_rules|main)|index)";
                }elseif( $type == 'footer' ){ // Footer
                        $ReqRE = "(base_(denied|local_rules)|index)";
                }
                // Header Menu allowed everywhere but main & landing pages.
                // Footer Menu allowed everywhere but landing pages.
                if( $ReqRE != '' && !AuthorizedPage($ReqRE) ){
                        // Html Template
                        $Hrst = "<a class='menuitem' href='$BASE_urlpath/";
                        // Href tag start.
                        $HrstTL = $Hrst . 'base_'; // Top Level Pages.
                        $Sep = ' | '; // Separator.
                        NLIO("<div class='mainheadermenu'>", 2);
                        NLIO("<table border='0'>", 3);
                        NLIO('<tr>', 4);
                        NLIO("<td class='menuitem'>", 5);
                        if( $type == 'header' ){ // Header
                                NLIO($HrstTL . "main.php'>" . _HOME . '</a>', 6);
                                NLIO(
                                        $Sep . $HrstTL . "qry_main.php?new=1'>" . _SEARCH . '</a>',
                                        6
                                );
                        }elseif( $type == 'footer' ){ // Footer
                                NLIO(
                                        $HrstTL . "ag_main.php?ag_action=list'>" . _AGMAINT
                                        . '</a>',
                                        6
                                );
                                NLIO(
                                        $Sep . $HrstTL . "maintenance.php'>" . _CACHE . '</a>', 6
                                );
                        }
                        if( $Use_Auth_System == 1 ){
                                NLIO($Sep . $HrstTL . "user.php'>" . _USERPREF . '</a>', 6);
                                NLIO($Sep . $HrstTL . "logout.php'>" . _LOGOUT . '</a>', 6);
                        }
                        if( $type == 'header' && $back_link != '' ){ // Header
                                NLIO($Sep . $back_link, 6);
                        }elseif( $type == 'footer' ){ // Footer
                                if( AuthorizedRole(1) ){ // Issue #144 fix
                                        if( $Use_Auth_System == 1 ){
                                                $tmp = _ADMIN;
                                        }else{
                                                $tmp = _CREATEU;
                                        }
                                        NLIO("$Sep$Hrst" . "admin/index.php'>$tmp</a>", 6);
                                }
                                if( is_object($et) ){
                                        print $Sep;
                                        NLIO('</td><td>', 5);
                                        $et->PrintTiming();
                                }
                        }
                        PrintFramedBoxFooter(1);
                        NLIO('</div>', 2);
                }
        }
}

function PrintFramedBoxHeader (
        $title = '', $cc = 'black' , $td = 0, $tab = 3, $align = 'center',
        $wd = 100
){
        print FramedBoxHeader($title, $cc, $td, $tab, $align, $wd);
}

function FramedBoxHeader (
        $title = '', $cc = 'black' , $td = 0, $tab = 3, $align = 'center',
        $wd = 100
){
        $Ret = '';
        // Input Validation
        $title = XSSPrintSafe($title);
        if( HtmlColor($cc) == false ){
                $cc = 'black';
        }
        if( !is_int($td) ){
                $td = 0;
        }
        if( !is_int($tab) ){
                $tab = 3;
        }
        if( !is_int($wd) ){
                $wd = 100;
        }
        $align = strtolower($align);
        $hal = array('left', 'center', 'right');
        if( !in_array($align, $hal) ){
                $align = 'center';
        }
        // Input Validation End
        $style = "'border: 2px solid $cc; border-collapse: collapse; width:$wd%;'";
        $tmp = "<table style = $style";
        if( LoadedString($title) == true ){
                $tmp .= " summary='$title'";
        }
        $tmp .= '>';
        $Ret .= NLI($tmp, $tab) . NLI('<tr>', $tab + 1);
        if( LoadedString($title) == true ){
                $Ret .= NLI(
                        "<td class='sectiontitle' style='text-align: $align;' colspan='20'>",
                        $tab + 2
                );
                $Ret .= NLI($title, $tab + 3);
                $Ret .= TblNewRow( $td, $align, $tab + 2 );
        }else{
                if( $td != 0 ){
                        $Ret .= NLI('<td', $tab + 2);
                        if( $align != '' ){
                                $Ret .= " style='text-align: $align;'";
                        }
                        $Ret .= '>';
                }
        }
        return $Ret;
}

function PrintFramedBoxFooter ( $td = 0, $tab = 3 ){
        print FramedBoxFooter($td, $tab);
}

function FramedBoxFooter ( $td = 0, $tab = 3 ){
        $Ret = '';
        // Input Validation
        if( !is_int($td) ){
                $td = 0;
        }
        if( !is_int($tab) ){
                $tab = 3;
        }
        // Input Validation End
        if( $td != 0 ){
                $Ret .= NLI('</td>', $tab + 2);
        }
        $Ret .= NLI('</tr>', $tab + 1);
        $Ret .= NLI('</table>', $tab);
        return $Ret;
}

function TblNewRow ( $td = 0, $align = '', $tab = 3 ){
        $Ret = '';
        // Input Validation
        if( !is_int($td) ){
                $td = 0;
        }
        if( !is_int($tab) || $tab < 1 ){
                $tab = 3;
        }
        $align = strtolower($align);
        $hal = array( 'left', 'center', 'right' );
        if( $align != '' && !in_array($align, $hal) ){
                $align = 'left';
        }
        // Input Validation End
        $Ret = NLI('</td>', $tab);
        $Ret .= NLI('</tr><tr>', $tab -1 );
        if( $td != 0 ){
                $Ret .= NLI('<td', $tab);
                if( $align != '' ){
                        $Ret .= " style='text-align: $align;'";
                }
                $Ret .= '>';
        }
        return $Ret;
}

function PrintTblNewRow ( $td = 0, $align = '', $tab = 3 ){
        print TblNewRow($td, $align, $tab);
}

function LINext ( $tab = 3 ){
        $Ret = '';
        if( !is_int($tab) || $tab < 1 ){ // Input Validation
                $tab = 3;
        }
        $Ret = NLI('</li><li>', $tab);
        return $Ret;
}

function PrintLINext ( $tab = 3 ){
        print LINext($tab);
}

function Icon ( $icon = '', $desc = '', $tab = 3 ){
        GLOBAL $BCR;
        $Ret = '';
        if( LoadedString($icon) ){
                $sc = DIRECTORY_SEPARATOR;
                $IPfx = '';
                $debug_mode = 0;
                $IconSet = 0;
                $rfile = '';
                // @codeCoverageIgnoreStart
                if( isset($BCR) && is_object($BCR) ){
                        $path = $BCR->GetCap('BASE_SSUrlPath');
                        if( LoadedString($path) ){
                                $IPfx = "$path/";
                        }
                        $debug_mode = $BCR->GetCap('BASE_UIDiag');
                        $IconSet = $BCR->GetCap('BASE_UIConSet');
                }
                if( !is_int($debug_mode) || $debug_mode < 0 ){
                        $debug_mode = 0;
                }
                if( !is_int($IconSet) || $IconSet < 0 ){
                        $IconSet = 0;
                }
                if( defined('BASE_Path') ){
                        $rfile = BASE_Path . $sc;
                }
                // @codeCoverageIgnoreEnd
                $ICommon = "base_icon_$IconSet" . '_';
                $IPfx .= "images/$ICommon";
                $ISfx = '.png';
                $icon = CleanVariable($icon, VAR_ALPHA);
                $rfile .= "images$sc$ICommon" . $icon . $ISfx;
                $file = $IPfx . $icon . $ISfx;
                if( ChkAccess($rfile) == 1 ){
                        if( !is_int($tab) || $tab < 1 ){ // Input Validation
                                $tab = 3;
                        }
                        $tmp = "<img class='icon' src='$file'";
                        if( LoadedString($desc) ){
                                $desc = CleanVariable(
                                        $desc, VAR_ALPHA | VAR_SPACE | VAR_USCORE | VAR_PERIOD
                                );
                                $tmp .= " alt='$desc'";
                        }
                        $tmp .= ' />';
                        $Ret = NLI($tmp, $tab);
                }else{
                        // @codeCoverageIgnoreStart
                        if ( $debug_mode > 0 ){
                                KML("Icon access error: $icon File: $rfile");
                        }
                        // @codeCoverageIgnoreEnd
                }
        }
        return $Ret;
}

function PrintIcon ( $icon = '', $desc = '', $tab = 3 ){
        print Icon($icon, $desc, $tab);
}

function returnExportHTTPVar ( $var_name = '', $var_value = '', $tab = 3 ){
        $Ret = '';
        if( LoadedString( $var_name ) ){ // Input Validation
                $var_name = CleanVariable(
                        $var_name, VAR_ALPHA
                        | VAR_SCORE | VAR_USCORE | VAR_PERIOD | VAR_COLON | VAR_BRACKETS
                );
                if( !is_int($tab) ){
                        $tab = 3;
                }
                $Ret = NLI(
                        "<input type='hidden' name='$var_name' value='$var_value'/>", $tab
                );
        }
        return $Ret;
}

function chk_select ( $stored_value, $current_value ){
        $msg = ' ';
        if( strnatcmp($stored_value,$current_value) == 0 ){
                $msg .= 'selected';
        }
        return $msg;
}

function chk_check ( $stored_value, $current_value ){
        $msg = ' ';
        if( $stored_value == $current_value ){
                $msg .= 'checked';
        }
        return $msg;
}

function dispYearOptions ( $stored_value, $Start = 1999 ){
        // Creates the years for drop down boxes
        if( !is_int($Start) || $Start < 1999 ){ // Input Validation
                $Start = 1999;
        }
        $thisyear = date("Y");
        $options = '';
  $options = "<OPTION VALUE=' ' ".chk_select($stored_value, " ").">"._DISPYEAR."\n";
        for( $i = $Start; $i<=$thisyear; $i++ ){
    $options = $options ."<OPTION VALUE='".$i."' ".chk_select($stored_value, $i).">".$i."\n";
        }
        $options .= '</select>';
        return $options;
}

function PrintBASEAdminMenuHeader (){
        GLOBAL $Use_Auth_System;
        $menu = NLI('<div>', 2);
        $menu .= NLI(
                "<div class='mainheadermenu' style='float: left; width: 15%;'>", 3
        );
        $menu .= NLI(_USERMAN . '<hr/>', 4);
        // Html Templates
        $Umca = "base_useradmin.php?action="; // User Managemnt Common Action.
        $Hrst = "<a href='$Umca"; // Href tag start.
        $Hrsp = " class='menuitem'>"; // Href tag end.
        if( $Use_Auth_System == 1 ){ // Issue #144 Fix
                $menu .= NLI($Hrst . "list'" . $Hrsp . _LISTU . '</a><br>', 4);
        }
        $menu .= NLI($Hrst . "create'" . $Hrsp . _CREATEU. '</a><br>', 4);
        $Umca = "base_roleadmin.php?action="; // Role Managemnt Common Action.
        $Hrst = "<a href='$Umca"; // Href tag start.
        if( $Use_Auth_System == 1 ){ // Issue #144 Fix
                $menu .= NLI('<br>' . _ROLEMAN . '<hr>', 4);
                $menu .= NLI($Hrst . "list'" . $Hrsp . _LISTR . '</a><br>', 4);
                $menu .= NLI($Hrst . "create'" . $Hrsp ._CREATER . '</a><br>', 4);
        }
        $menu .= NLI('</div>', 3);
        $menu .= NLI(
                "<div style='padding-left: 10px; width: auto;'>", 3
        );
        print $menu;
}

function PrintBASEAdminMenuFooter (){
        NLIO('</div>',3);
        NLIO('</div>',2);
}

function PrintBASEHelpLink ( $target ){
  /*
    This function will accept a target variable which will point to
    an anchor in the base_help.php file.  It will output a help icon
    that will link to that target in a new window.
  */
}

// Generate Horizontal Bar Graph <td> tag set.
function HBarGraph (
        $Value = 1, $Count = 1, $color = 'ff0000', $bgcolor = 'ffffff'
){
        $pfx = '<td bgcolor="#';
        // Input Validation.
        if( !HtmlColor($color) ){
                $color = 'ff0000';
        }
        if( !HtmlColor($bgcolor) ){
                $bgcolor = 'ffffff';
        }
        // Input End.
        $ent_pct = Percent($Value, $Count);
        if( $ent_pct > 0 ){
                $ent_clr = $color;
        }else{
                $ent_pct = 100;
                $ent_clr = $bgcolor;
        }
        $Ret = $pfx . $ent_clr . '" width="' . $ent_pct. '%">&nbsp;</td>';
        if ( $ent_pct > 0 && $ent_pct < 100 ){
                $Ret .= $pfx . $bgcolor.'"></td>';
        }
        return $Ret;
}

function HtmlPercent ( $Value = 1, $Count = 1 ){
        $ent_pct = Percent($Value, $Count);
        if( $ent_pct == 0 ){
                $tmp = "&lt; 1";
        }else{
                $tmp = $ent_pct;
        }
        $Ret = $tmp . '%';
        return $Ret;
}

?>

1	<?php
2	// Basic Analysis and Security Engine (BASE)
3	// Copyright (C) 2019-2023 Nathan Gibbs
4	// Copyright (C) 2004 BASE Project Team
5	// Copyright (C) 2000 Carnegie Mellon University
6	//
7	// For license info: See the file 'base_main.php'
8	//
9	// Project Lead: Nathan Gibbs
10	// Built upon work by: Kevin Johnson & the BASE Project Team
11	// Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
12	//
13	// Purpose: Prints or generates HTML to display
14	//
15	// Author(s): Nathan Gibbs
16	// Kevin Johnson
17	// Ensure the conf file has been loaded. Prevent direct access to this file.
18	defined('_BASE_INC') or die('Accessing this file directly is not allowed.');
19
20	function PageStart ( $refresh = 0, $page_title = '' ){
21	GLOBAL $BASE_VERSION, $BASE_installID, $base_style, $BASE_urlpath,	84✔
22	$html_no_cache, $refresh_stat_page, $stat_page_refresh_time, $UIL, $BCR,	48✔
23	$Use_Auth_System;	48✔
24	$AS = false;	120✔
25	// @codeCoverageIgnoreStart
26	if( isset($BCR) && is_object($BCR) ){
27	$BV = $BCR->GetCap('BASE_Ver');
28	$AS = $BCR->GetCap('BASE_Auth');
29	}else{
30	$BV = $BASE_VERSION;
31	if( $Use_Auth_System == 1 ){
32	$AS = true;
33	}
34	}
35	// @codeCoverageIgnoreEnd
36	$MHE = "<meta http-equiv='";	120✔
37	$MNM = "<meta name='";	120✔
38	$GT = 'BASE'; // Generator Meta Attribute.	120✔
39	// Backport Shim
40	$Charset = _CHARSET;	120✔
41	$title = _TITLE;	120✔
42	// Remove Info leaking suffix from title.
43	// We can safely remove this shim once we merge the Issue11 branch.
44	$title = preg_replace("/ ?\(BASE\) $BASE_installID/", '', $title);	120✔
45	// End Backport Shim
46	$title .= " ($GT)";	120✔
47	$HT = $title; // Header Title	120✔
48	if ( !AuthorizedPage('(base_denied\|index)') ){	120✔
49	// Additional app info allowed everywhere but landing pages.
50	$GT .= " $BV";	120✔
51	if ( isset($BASE_installID) && $BASE_installID != ''){	120✔
52	$title .= " $BASE_installID";	120✔
53	$HT = $title;	120✔
54	}	36✔
55	$title .= " $BV";	120✔
56	if ($page_title != ''){	120✔
57	$title .= ': ' . XSSPrintSafe($page_title);	20✔
58	}	6✔
59	if ( ChkArchive() ){	120✔
60	$SfxA = ' -- ARCHIVE'; // Need to add this to Translation Data.	20✔
61	$title .= $SfxA;	20✔
62	$HT .= $SfxA;	20✔
63	}	6✔
64	// @codeCoverageIgnoreStart
65	if( $AS ){ // Auth System in use, attempt cookie refresh.
66	if( AuthorizedRole(10000) ){// Authenticated & enabled user.
67	$cookievalue = $_COOKIE['BASERole'];
68	BCS('BASERole', $cookievalue); // Refresh cookie expiration.
69	}
70	}
71	// @codeCoverageIgnoreEnd
72	}	36✔
73	print "<!DOCTYPE html PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>";	120✔
74	NLIO('<!-- '. $title . ' -->');	120✔
75	NLIO('<html>');	120✔
76	NLIO('<head>', 1);	120✔
77	NLIO($MHE."Content-Type' content='text/html; charset=$Charset'>", 2);	120✔
78	if ( $html_no_cache == 1 ) {	120✔
79	NLIO($MHE."pragma' content='no-cache'>", 2);	20✔
80	}	6✔
81	if ( $refresh == 1 && $refresh_stat_page == 1 ){	120✔
82	if (isset($_SERVER["REQUEST_URI"])){	40✔
83	$URI = $_SERVER["REQUEST_URI"];	20✔
84	}else{	6✔
85	$URI = '/';	20✔
86	}
87	$tmp = CleanVariable(	40✔
88	$URI, VAR_FSLASH \| VAR_PERIOD \| VAR_DIGIT \| VAR_PUNC \| VAR_LETTER	40✔
89	);	12✔
90	$tmp = htmlspecialchars($tmp,ENT_QUOTES);	40✔
91	NLIO(	40✔
92	$MHE."refresh' content='$stat_page_refresh_time; URL=$tmp'>",2	40✔
93	);	12✔
94	}	12✔
95	NLIO($MNM."Author' content='Nathan Gibbs'>",2);	120✔
96	NLIO($MNM."Generator' content='$GT'>",2);	120✔
97	NLIO($MNM."viewport' content='width=device-width, initial-scale=1'>",2);	120✔
98	NLIO("<title>$title</title>",2);	120✔
99	// NLIO('<meta name="color-scheme" content="light dark"/>',2);
100	NLIO('<link rel="stylesheet" type="text/css" HREF="'. $BASE_urlpath .'/styles/base_common.css'.'">', 2);	120✔
101	NLIO('<link rel="stylesheet" type="text/css" HREF="'. $BASE_urlpath .'/styles/'. $base_style .'">', 2);	120✔
102	NLIO('</head>', 1);	120✔
103	NLIO('<body>', 1);	120✔
104	NLIO('<div class="mainheadertitle">'.$HT.'</div>',2);	120✔
105	}	84✔
106
107	function PageEnd (){
108	NLIO('</body>', 1);	22✔
109	NLIO('</html>');	22✔
110	}	16✔
111
112	function PrintBASESubHeader (
113	$page_title = '', $page_name = '', $back_link = '', $refresh = 0,
114	$page = ''
115	){
116	GLOBAL $debug_mode, $max_script_runtime, $UIL, $BCR;
117	if ( ini_get("safe_mode") != true ){	×
118	set_time_limit($max_script_runtime);	×
119	}
120	$BCR->AddCap('UIMode', 'Web');	×
121	PageStart($refresh, $page_title);	×
122	PrintBASEMenu( 'Header', $back_link);	×
123	if ( $debug_mode > 0 ){	×
124	PrintPageHeader();	×
125	}
126	}
127
128	function PrintBASESubFooter (){
129	GLOBAL $BASE_path, $BASE_urlpath, $base_custom_footer, $BCR;
130	$BV = $BCR->GetCap('BASE_Ver');	×
131	NLIO('<!-- BASE Footer -->', 2);	×
132	PrintBASEMenu('Footer');	×
133	NLIO("<div class='mainfootertext'>", 2);	×
134	NLIO(	×
135	"<a class='largemenuitem' href='https://github.com/NathanGibbs3/BASE' "
136	. "target='_blank'>BASE</a>"
137	,3
138	);
139	$tmp = '';	×
140	if( !AuthorizedPage('(base_denied\|index)') ){	×
141	$tmp = "$BV ";	×
142	}
143	$tmp .= _FOOTER;	×
144	NLIO($tmp, 3);	×
145	NLIO('</div>', 2);	×
146	if( AuthorizedPage('base_main') ){	×
147	// Custom footer allowed on main page only.
148	if( strlen($base_custom_footer) != 0 ){	×
149	NLIO('<!-- BASE Custom Footer -->', 2);	×
150	$tmp = base_include($base_custom_footer);	×
151	if( $tmp == false ){	×
152	$tmp = XSSPrintSafe ( $base_custom_footer );	×
153	$tmp = returnErrorMessage (	×
154	"ERROR: Include custom footer file: $tmp"	×
155	);
156	NLIO($tmp, 2);	×
157	}
158	}
159	}
160	PageEnd();	×
161	}
162
163	function PrintBASEMenu ( $type = '', $back_link = '' ){
164	GLOBAL $BASE_urlpath, $Use_Auth_System, $et;	98✔
165	if( LoadedString($type) == true ){	140✔
166	// Common
167	$type = strtolower($type);	120✔
168	$ReqRE = '';	120✔
169	if( $type == 'header' ){ // Header	120✔
170	$ReqRE = "(base_(denied\|local_rules\|main)\|index)";	40✔
171	}elseif( $type == 'footer' ){ // Footer	92✔
172	$ReqRE = "(base_(denied\|local_rules)\|index)";	60✔
173	}	18✔
174	// Header Menu allowed everywhere but main & landing pages.
175	// Footer Menu allowed everywhere but landing pages.
176	if( $ReqRE != '' && !AuthorizedPage($ReqRE) ){	120✔
177	// Html Template
178	$Hrst = "<a class='menuitem' href='$BASE_urlpath/";	100✔
179	// Href tag start.
180	$HrstTL = $Hrst . 'base_'; // Top Level Pages.	100✔
181	$Sep = ' \| '; // Separator.	100✔
182	NLIO("<div class='mainheadermenu'>", 2);	100✔
183	NLIO("<table border='0'>", 3);	100✔
184	NLIO('<tr>', 4);	100✔
185	NLIO("<td class='menuitem'>", 5);	100✔
186	if( $type == 'header' ){ // Header	100✔
187	NLIO($HrstTL . "main.php'>" . _HOME . '</a>', 6);	40✔
188	NLIO(	40✔
189	$Sep . $HrstTL . "qry_main.php?new=1'>" . _SEARCH . '</a>',	32✔
190	6	16✔
191	);	12✔
192	}elseif( $type == 'footer' ){ // Footer	72✔
193	NLIO(	60✔
194	$HrstTL . "ag_main.php?ag_action=list'>" . _AGMAINT	48✔
195	. '</a>',	42✔
196	6	24✔
197	);	18✔
198	NLIO(	60✔
199	$Sep . $HrstTL . "maintenance.php'>" . _CACHE . '</a>', 6	48✔
200	);	18✔
201	}	18✔
202	if( $Use_Auth_System == 1 ){	100✔
203	NLIO($Sep . $HrstTL . "user.php'>" . _USERPREF . '</a>', 6);	80✔
204	NLIO($Sep . $HrstTL . "logout.php'>" . _LOGOUT . '</a>', 6);	80✔
205	}	24✔
206	if( $type == 'header' && $back_link != '' ){ // Header	100✔
207	NLIO($Sep . $back_link, 6);	20✔
208	}elseif( $type == 'footer' ){ // Footer	86✔
209	if( AuthorizedRole(1) ){ // Issue #144 fix	60✔
210	if( $Use_Auth_System == 1 ){	60✔
211	$tmp = _ADMIN;	40✔
212	}else{	12✔
213	$tmp = _CREATEU;	20✔
214	}
215	NLIO("$Sep$Hrst" . "admin/index.php'>$tmp</a>", 6);	60✔
216	}	18✔
217	if( is_object($et) ){	60✔
218	print $Sep;	20✔
219	NLIO('</td><td>', 5);	20✔
220	$et->PrintTiming();	20✔
221	}	6✔
222	}	18✔
223	PrintFramedBoxFooter(1);	100✔
224	NLIO('</div>', 2);	100✔
225	}	30✔
226	}	36✔
227	}	98✔
228
229	function PrintFramedBoxHeader (
230	$title = '', $cc = 'black' , $td = 0, $tab = 3, $align = 'center',
231	$wd = 100
232	){
233	print FramedBoxHeader($title, $cc, $td, $tab, $align, $wd);	88✔
234	}	64✔
235
236	function FramedBoxHeader (
237	$title = '', $cc = 'black' , $td = 0, $tab = 3, $align = 'center',
238	$wd = 100
239	){
240	$Ret = '';	176✔
241	// Input Validation
242	$title = XSSPrintSafe($title);	176✔
243	if( HtmlColor($cc) == false ){	176✔
244	$cc = 'black';	132✔
245	}	48✔
246	if( !is_int($td) ){	176✔
247	$td = 0;	44✔
248	}	16✔
249	if( !is_int($tab) ){	176✔
250	$tab = 3;	44✔
251	}	16✔
252	if( !is_int($wd) ){	176✔
253	$wd = 100;	44✔
254	}	16✔
255	$align = strtolower($align);	176✔
256	$hal = array('left', 'center', 'right');	176✔
257	if( !in_array($align, $hal) ){	176✔
258	$align = 'center';	44✔
259	}	16✔
260	// Input Validation End
261	$style = "'border: 2px solid $cc; border-collapse: collapse; width:$wd%;'";	176✔
262	$tmp = "<table style = $style";	176✔
263	if( LoadedString($title) == true ){	176✔
264	$tmp .= " summary='$title'";	88✔
265	}	32✔
266	$tmp .= '>';	176✔
267	$Ret .= NLI($tmp, $tab) . NLI('<tr>', $tab + 1);	176✔
268	if( LoadedString($title) == true ){	176✔
269	$Ret .= NLI(	88✔
270	"<td class='sectiontitle' style='text-align: $align;' colspan='20'>",	88✔
271	$tab + 2	40✔
272	);	32✔
273	$Ret .= NLI($title, $tab + 3);	88✔
274	$Ret .= TblNewRow( $td, $align, $tab + 2 );	88✔
275	}else{	32✔
276	if( $td != 0 ){	88✔
277	$Ret .= NLI('<td', $tab + 2);	44✔
278	if( $align != '' ){	44✔
279	$Ret .= " style='text-align: $align;'";	44✔
280	}	16✔
281	$Ret .= '>';	44✔
282	}	16✔
283	}
284	return $Ret;	176✔
285	}
286
287	function PrintFramedBoxFooter ( $td = 0, $tab = 3 ){
288	print FramedBoxFooter($td, $tab);	166✔
289	}	118✔
290
291	function FramedBoxFooter ( $td = 0, $tab = 3 ){
292	$Ret = '';	232✔
293	// Input Validation
294	if( !is_int($td) ){	232✔
295	$td = 0;	44✔
296	}	16✔
297	if( !is_int($tab) ){	232✔
298	$tab = 3;	44✔
299	}	16✔
300	// Input Validation End
301	if( $td != 0 ){	232✔
302	$Ret .= NLI('</td>', $tab + 2);	144✔
303	}	46✔
304	$Ret .= NLI('</tr>', $tab + 1);	232✔
305	$Ret .= NLI('</table>', $tab);	232✔
306	return $Ret;	232✔
307	}
308
309	function TblNewRow ( $td = 0, $align = '', $tab = 3 ){
310	$Ret = '';	264✔
311	// Input Validation
312	if( !is_int($td) ){	264✔
313	$td = 0;	44✔
314	}	16✔
315	if( !is_int($tab) \|\| $tab < 1 ){	264✔
316	$tab = 3;	44✔
317	}	16✔
318	$align = strtolower($align);	264✔
319	$hal = array( 'left', 'center', 'right' );	264✔
320	if( $align != '' && !in_array($align, $hal) ){	264✔
321	$align = 'left';	44✔
322	}	16✔
323	// Input Validation End
324	$Ret = NLI('</td>', $tab);	264✔
325	$Ret .= NLI('</tr><tr>', $tab -1 );	264✔
326	if( $td != 0 ){	264✔
327	$Ret .= NLI('<td', $tab);	88✔
328	if( $align != '' ){	88✔
329	$Ret .= " style='text-align: $align;'";	44✔
330	}	16✔
331	$Ret .= '>';	88✔
332	}	32✔
333	return $Ret;	264✔
334	}
335
336	function PrintTblNewRow ( $td = 0, $align = '', $tab = 3 ){
337	print TblNewRow($td, $align, $tab);	88✔
338	}	64✔
339
340	function LINext ( $tab = 3 ){
341	$Ret = '';	88✔
342	if( !is_int($tab) \|\| $tab < 1 ){ // Input Validation	88✔
343	$tab = 3;	44✔
344	}	16✔
345	$Ret = NLI('</li><li>', $tab);	88✔
346	return $Ret;	88✔
347	}
348
349	function PrintLINext ( $tab = 3 ){
350	print LINext($tab);	44✔
351	}	32✔
352
353	function Icon ( $icon = '', $desc = '', $tab = 3 ){
354	GLOBAL $BCR;	256✔
355	$Ret = '';	352✔
356	if( LoadedString($icon) ){	352✔
357	$sc = DIRECTORY_SEPARATOR;	308✔
358	$IPfx = '';	308✔
359	$debug_mode = 0;	308✔
360	$IconSet = 0;	308✔
361	$rfile = '';	308✔
362	// @codeCoverageIgnoreStart
363	if( isset($BCR) && is_object($BCR) ){
364	$path = $BCR->GetCap('BASE_SSUrlPath');
365	if( LoadedString($path) ){
366	$IPfx = "$path/";
367	}
368	$debug_mode = $BCR->GetCap('BASE_UIDiag');
369	$IconSet = $BCR->GetCap('BASE_UIConSet');
370	}
371	if( !is_int($debug_mode) \|\| $debug_mode < 0 ){
372	$debug_mode = 0;
373	}
374	if( !is_int($IconSet) \|\| $IconSet < 0 ){
375	$IconSet = 0;
376	}
377	if( defined('BASE_Path') ){
378	$rfile = BASE_Path . $sc;
379	}
380	// @codeCoverageIgnoreEnd
381	$ICommon = "base_icon_$IconSet" . '_';	308✔
382	$IPfx .= "images/$ICommon";	308✔
383	$ISfx = '.png';	308✔
384	$icon = CleanVariable($icon, VAR_ALPHA);	308✔
385	$rfile .= "images$sc$ICommon" . $icon . $ISfx;	308✔
386	$file = $IPfx . $icon . $ISfx;	308✔
387	if( ChkAccess($rfile) == 1 ){	308✔
388	if( !is_int($tab) \|\| $tab < 1 ){ // Input Validation	264✔
389	$tab = 3;	44✔
390	}	16✔
391	$tmp = "<img class='icon' src='$file'";	264✔
392	if( LoadedString($desc) ){	264✔
393	$desc = CleanVariable(	88✔
394	$desc, VAR_ALPHA \| VAR_SPACE \| VAR_USCORE \| VAR_PERIOD	88✔
395	);	32✔
396	$tmp .= " alt='$desc'";	88✔
397	}	32✔
398	$tmp .= ' />';	264✔
399	$Ret = NLI($tmp, $tab);	264✔
400	}else{	96✔
401	// @codeCoverageIgnoreStart
402	if ( $debug_mode > 0 ){
403	KML("Icon access error: $icon File: $rfile");
404	}
405	// @codeCoverageIgnoreEnd
406	}
407	}	112✔
408	return $Ret;	352✔
409	}
410
411	function PrintIcon ( $icon = '', $desc = '', $tab = 3 ){
412	print Icon($icon, $desc, $tab);	176✔
413	}	128✔
414
415	function returnExportHTTPVar ( $var_name = '', $var_value = '', $tab = 3 ){
416	$Ret = '';	110✔
417	if( LoadedString( $var_name ) ){ // Input Validation	110✔
418	$var_name = CleanVariable(	88✔
419	$var_name, VAR_ALPHA	72✔
420	\| VAR_SCORE \| VAR_USCORE \| VAR_PERIOD \| VAR_COLON \| VAR_BRACKETS	80✔
421	);	32✔
422	if( !is_int($tab) ){	88✔
423	$tab = 3;	22✔
424	}	8✔
425	$Ret = NLI(	88✔
426	"<input type='hidden' name='$var_name' value='$var_value'/>", $tab	88✔
427	);	32✔
428	}	32✔
429	return $Ret;	110✔
430	}
431
432	function chk_select ( $stored_value, $current_value ){
433	$msg = ' ';	44✔
434	if( strnatcmp($stored_value,$current_value) == 0 ){	44✔
435	$msg .= 'selected';	22✔
436	}	8✔
437	return $msg;	44✔
438	}
439
440	function chk_check ( $stored_value, $current_value ){
441	$msg = ' ';	44✔
442	if( $stored_value == $current_value ){	44✔
443	$msg .= 'checked';	22✔
444	}	8✔
445	return $msg;	44✔
446	}
447
448	function dispYearOptions ( $stored_value, $Start = 1999 ){
449	// Creates the years for drop down boxes
450	if( !is_int($Start) \|\| $Start < 1999 ){ // Input Validation	×
451	$Start = 1999;	×
452	}
453	$thisyear = date("Y");	×
454	$options = '';	×
455	$options = "<OPTION VALUE=' ' ".chk_select($stored_value, " ").">"._DISPYEAR."\n";	×
456	for( $i = $Start; $i<=$thisyear; $i++ ){	×
457	$options = $options ."<OPTION VALUE='".$i."' ".chk_select($stored_value, $i).">".$i."\n";	×
458	}
459	$options .= '</select>';	×
460	return $options;	×
461	}
462
463	function PrintBASEAdminMenuHeader (){
464	GLOBAL $Use_Auth_System;
465	$menu = NLI('<div>', 2);	×
466	$menu .= NLI(	×
467	"<div class='mainheadermenu' style='float: left; width: 15%;'>", 3
468	);
469	$menu .= NLI(_USERMAN . '<hr/>', 4);	×
470	// Html Templates
471	$Umca = "base_useradmin.php?action="; // User Managemnt Common Action.	×
472	$Hrst = "<a href='$Umca"; // Href tag start.	×
473	$Hrsp = " class='menuitem'>"; // Href tag end.	×
474	if( $Use_Auth_System == 1 ){ // Issue #144 Fix	×
475	$menu .= NLI($Hrst . "list'" . $Hrsp . _LISTU . '</a><br>', 4);	×
476	}
477	$menu .= NLI($Hrst . "create'" . $Hrsp . _CREATEU. '</a><br>', 4);	×
478	$Umca = "base_roleadmin.php?action="; // Role Managemnt Common Action.	×
479	$Hrst = "<a href='$Umca"; // Href tag start.	×
480	if( $Use_Auth_System == 1 ){ // Issue #144 Fix	×
481	$menu .= NLI('<br>' . _ROLEMAN . '<hr>', 4);	×
482	$menu .= NLI($Hrst . "list'" . $Hrsp . _LISTR . '</a><br>', 4);	×
483	$menu .= NLI($Hrst . "create'" . $Hrsp ._CREATER . '</a><br>', 4);	×
484	}
485	$menu .= NLI('</div>', 3);	×
486	$menu .= NLI(	×
487	"<div style='padding-left: 10px; width: auto;'>", 3
488	);
489	print $menu;	×
490	}
491
492	function PrintBASEAdminMenuFooter (){
493	NLIO('</div>',3);	×
494	NLIO('</div>',2);	×
495	}
496
497	function PrintBASEHelpLink ( $target ){
498	/*
499	This function will accept a target variable which will point to
500	an anchor in the base_help.php file. It will output a help icon
501	that will link to that target in a new window.
502	*/
503	}
504
505	// Generate Horizontal Bar Graph <td> tag set.
506	function HBarGraph (
507	$Value = 1, $Count = 1, $color = 'ff0000', $bgcolor = 'ffffff'
508	){
509	$pfx = '<td bgcolor="#';	132✔
510	// Input Validation.
511	if( !HtmlColor($color) ){	132✔
512	$color = 'ff0000';	22✔
513	}	8✔
514	if( !HtmlColor($bgcolor) ){	132✔
515	$bgcolor = 'ffffff';	22✔
516	}	8✔
517	// Input End.
518	$ent_pct = Percent($Value, $Count);	132✔
519	if( $ent_pct > 0 ){	132✔
520	$ent_clr = $color;	110✔
521	}else{	40✔
522	$ent_pct = 100;	22✔
523	$ent_clr = $bgcolor;	22✔
524	}
525	$Ret = $pfx . $ent_clr . '" width="' . $ent_pct. '%"> </td>';	132✔
526	if ( $ent_pct > 0 && $ent_pct < 100 ){	132✔
527	$Ret .= $pfx . $bgcolor.'"></td>';	22✔
528	}	8✔
529	return $Ret;	132✔
530	}
531
532	function HtmlPercent ( $Value = 1, $Count = 1 ){
533	$ent_pct = Percent($Value, $Count);	88✔
534	if( $ent_pct == 0 ){	88✔
535	$tmp = "< 1";	22✔
536	}else{	8✔
537	$tmp = $ent_pct;	66✔
538	}
539	$Ret = $tmp . '%';	88✔
540	return $Ret;	88✔
541	}
542
543	?>

NathanGibbs3 / BASE / 627

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous