Caravel CMS PHP Cross Reference Content Management Systems

Source: /apps/GoogleGadgets/GoogleGadgets.php - 72 lines - 2936 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /**
   4  * Name:      GoogleGadgets.php
   5  * App:       GoogleGadgets
   6  * Desc:      Allows the user to add Google Gadgets to their site.
   7  * Creator:   Jason Yoder <jasonay@goshen.edu>
   8  */
   9  
  10  class GoogleGadgets extends App
  11      {
  12              
  13          function getContent()
  14                  {
  15                  //make sure that the url has been placed straight from google gadgets and leave no room for malicious scripts
  16                  $beg = ereg("^[\<script\ssrc=\'http:\/\/gmodules.com\/]", $this->settingsVars['script']);
  17                  $end = ereg("[\>\<\/script\>]$", $this->settingsVars['script']);
  18                  
  19                  //first close tag >
  20                  $firstCloseTag = strpos(trim($this->settingsVars['script']), ">");
  21                  //first end script tag </script>
  22                  $firstCloseScript = strpos(trim($this->settingsVars['script']), "</script>");
  23                  //should be $firstCloseScript + 8
  24                  $lastBracket  = strrpos( trim($this->settingsVars['script']), ">");
  25                  
  26                  //from first ">" to first "</script>" should be size 1
  27                  $space = strlen( trim(substr( trim($this->settingsVars['script']), $firstCloseTag, $firstCloseScript-$firstCloseTag )));
  28                  
  29                  //if it starts as a google url, the first end bracket is followed immediately by the end script </script>
  30                  //and then string ends, then it is a valid url otherwise it is not because additional scripting might be hidden
  31                  if ($beg && $end && $space == 1 && $lastBracket == $firstCloseScript + 8 )
  32                    {
  33                    return $this->settingsVars['script'];
  34                    }  
  35                  else
  36                    return 'invalid URL'; 
  37  
  38                  }
  39          function onSave()
  40                  {
  41                  $this->settingsVars['script'] = $this->httpVars['script'];
  42                  $this->saveSettings($this->settingsVars);
  43                  } 
  44          function getConfig()
  45          {
  46          $f = FormWidget::init();
  47          $f->section();
  48  
  49          $f->field('Script Source');
  50          $f->text('script', str_replace('"', "'", $this->settingsVars['script']), 50 );
  51          
  52          $f->field('Search for Gadgets');
  53          $f->text('searchGadgets', '', 20, array('id' => $this->paramName('searchGadgets') ) );
  54          $f->button('search', 'Search for Google Gadgets', "
  55          if (document.getElementById('".$this->paramName('searchGadgets')."').value != '')
  56            {
  57            popup('http://www.google.com/ig/directory?synd=open&num=24&q='+document.getElementById('".$this->paramName('searchGadgets')."').value+'&btnG=Search+Google+Gadgets', 'Search', 820, 700); return false;
  58            }
  59          else
  60            {
  61            alert('Please enter something to search for');
  62            }
  63          ");
  64          
  65          $f->endSection();
  66          $f->defaultButtons();
  67  
  68          return $f->get();
  69          }
  70  
  71      }   
  72  ?>

title

Description

title

Description

title

Description

title

title

Body