this will allow importing of outside variables not set in $_REQUEST */ class BlockForm implements BlockHandlerInterface { public function handle( $pParams, $pContent, Template $template, &$repeat): string { global $gBitSystem, $gBitUser, $gSniffer; if( !empty($pContent) ) { if ( $template ) { if( !isset( $pParams['method'] ) ) { $pParams['method'] = 'post'; } $atts = ''; $url = $gBitSystem->isLive() && isset( $pParams['secure'] ) && $pParams['secure'] // This is NEEDED to enforce HTTPS secure logins! ? 'https://' . $_SERVER['HTTP_HOST'] : ''; $onsubmit = ''; // services can add something to onsubmit if( $template->getTemplateVars( 'serviceOnsubmit' ) ) { $onsubmit .= $template->getTemplateVars( 'serviceOnsubmit' ).";"; } foreach( $pParams as $key => $val ) { switch( $key ) { case 'ifile': case 'ipackage': if( $key == 'ipackage' ) { $url = match ( $val ) { 'root' => BIT_ROOT_URL . $pParams['ifile'], default => constant( strtoupper( $val ) . '_PKG_URL' ) . $pParams['ifile'], }; } break; case 'legend': if( !empty( $val ) ) { $legend = '

'.KernelTools::tra( $val ).'

'; } break; // this is needed for backwards compatibility since we sometimes pass in a url case 'action': if ( !empty( $val ) ) { if( substr( $val, 0, 4 ) == 'http' ) { if( isset( $pParams['secure'] ) && $pParams['secure'] && ( substr( $val, 0, 5 ) != 'https' )) { $val = preg_replace( '/^http/', 'https', $val ); } $url = $val; } else { $url .= $val; } } break; case 'ianchor': case 'secure': break; case 'onsubmit': if( !empty( $val ) ) { $onsubmit .= "$val;"; } break; default: if( !empty( $val ) ) { $atts .= "$key=\"$val\" "; } break; } } if( empty( $url )) { $url = $_SERVER['SCRIPT_NAME']; } else if( $url == 'https://' . $_SERVER['HTTP_HOST'] ) { $url .= $_SERVER['SCRIPT_NAME']; } $onsub = !empty( $onsubmit ) ? " onsubmit=\"$onsubmit\"" : ''; $ret = '

'; $ret .= isset( $legend ) ? "

$legend" : ''; if( is_object( $gBitUser ) && $gBitUser->isRegistered() ) { $ret .= ''; } $ret .= $pContent; $ret .= isset( $legend ) ? '

' : ''; // close the open tags $ret .= '

'; return $ret; } global $gSmartyFormHorizontal; // global var other plugin functions will pick up to add proper col-XX-YY styling for horizontal forms $gSmartyFormHorizontal = !empty( $pParams['class'] ) && strpos( $pParams['class'], 'form-horizontal' ) !== false; return ''; } return ''; } public function isCacheable(): bool { return true; } }