151 * @param string Custom error message. If omitted, the default will be shown. |
151 * @param string Custom error message. If omitted, the default will be shown. |
152 */ |
152 */ |
153 |
153 |
154 function handle_invalid_json(response, customerror) |
154 function handle_invalid_json(response, customerror) |
155 { |
155 { |
156 var mainwin = $dynano('ajaxEditContainer').object; |
156 load_component('messagebox'); |
157 mainwin.innerHTML = ''; |
157 load_component('SpryEffects'); |
158 |
158 load_component('fadefilter'); |
159 // Title |
159 load_component('flyin'); |
160 var h3 = document.createElement('h3'); |
160 load_component('l10n'); |
161 h3.appendChild(document.createTextNode('The site encountered an error while processing your request.')); |
161 |
162 mainwin.appendChild(h3); |
162 darken(); |
163 |
163 |
164 if ( typeof(customerror) == 'string' ) |
164 var box = document.createElement('div'); |
165 { |
165 var mainwin = document.createElement('div'); |
166 var el = document.createElement('p'); |
166 var panel = document.createElement('div'); |
167 el.appendChild(document.createTextNode(customerror)); |
167 |
168 mainwin.appendChild(el); |
168 // |
169 } |
169 // main window |
170 else |
170 // |
171 { |
171 |
172 customerror = 'We unexpectedly received the following response from the server. The response should have been in the JSON '; |
172 mainwin.style.padding = '10px'; |
173 customerror += 'serialization format, but the response wasn\'t composed only of the JSON response. There are three possible triggers '; |
173 mainwin.style.width = '580px'; |
174 customerror += 'for this problem:'; |
174 mainwin.style.height = '360px'; |
175 var el = document.createElement('p'); |
175 mainwin.style.clip = 'rect(0px,auto,auto,0px)'; |
176 el.appendChild(document.createTextNode(customerror)); |
176 mainwin.style.overflow = 'auto'; |
177 mainwin.appendChild(el); |
177 mainwin.style.backgroundColor = '#ffffff'; |
178 var ul = document.createElement('ul'); |
178 |
179 var li1 = document.createElement('li'); |
179 // Title |
180 var li2 = document.createElement('li'); |
180 var h3 = document.createElement('h3'); |
181 var li3 = document.createElement('li'); |
181 var h3_text = ( $lang.placeholder ) ? 'The site encountered an error while processing your request.' : $lang.get('ajax_badjson_title'); |
182 li1.appendChild(document.createTextNode('The server sent back a bad HTTP response code and thus sent an error page instead of running Enano. This indicates a possible problem with your server, and is not likely to be a bug with Enano.')); |
182 h3.appendChild(document.createTextNode(h3_text)); |
183 var osc_exception = ( window.location.hostname == 'demo.opensourcecms.com' ) ? ' This is KNOWN to be the case with the OpenSourceCMS.com demo version of Enano.' : ''; |
183 mainwin.appendChild(h3); |
184 li2.appendChild(document.createTextNode('The server sent back the expected JSON response, but also injected some code into the response that should not be there. Typically this consists of advertisement code. In this case, the administrator of this site will have to contact their web host to have advertisements disabled.' + osc_exception)); |
184 |
185 li3.appendChild(document.createTextNode('It\'s possible that Enano triggered a PHP error or warning. In this case, you may be looking at a bug in Enano.')); |
185 if ( typeof(customerror) == 'string' ) |
186 |
186 { |
187 ul.appendChild(li1); |
187 var el = document.createElement('p'); |
188 ul.appendChild(li2); |
188 el.appendChild(document.createTextNode(customerror)); |
189 ul.appendChild(li3); |
189 mainwin.appendChild(el); |
190 mainwin.appendChild(ul); |
190 } |
191 } |
191 else |
192 |
192 { |
193 var p2 = document.createElement('p'); |
193 var error = 'We unexpectedly received the following response from the server. The response should have been in the JSON '; |
194 p2.appendChild(document.createTextNode('The response received from the server is as follows:')); |
194 error += 'serialization format, but the response wasn\'t composed only of the JSON response. There are three possible triggers '; |
195 mainwin.appendChild(p2); |
195 error += 'for this problem:'; |
196 |
196 customerror = ( $lang.placeholder ) ? error : $lang.get('ajax_badjson_body'); |
197 var pre = document.createElement('pre'); |
197 var el = document.createElement('p'); |
198 pre.appendChild(document.createTextNode(response)); |
198 el.appendChild(document.createTextNode(customerror)); |
199 mainwin.appendChild(pre); |
199 mainwin.appendChild(el); |
200 |
200 var ul = document.createElement('ul'); |
201 var p3 = document.createElement('p'); |
201 var li1 = document.createElement('li'); |
202 p3.appendChild(document.createTextNode('You may also choose to view the response as HTML. ')); |
202 var li2 = document.createElement('li'); |
203 var a = document.createElement('a'); |
203 var li3 = document.createElement('li'); |
204 a.appendChild(document.createTextNode('View as HTML...')); |
204 var li1_text = ( $lang.placeholder ) ? 'The server sent back a bad HTTP response code and thus sent an error page instead of running Enano. This indicates a possible problem with your server, and is not likely to be a bug with Enano.' : $lang.get('ajax_badjson_tip1'); |
205 a._resp = response; |
205 var li2_text = ( $lang.placeholder ) ? 'The server sent back the expected JSON response, but also injected some code into the response that should not be there. Typically this consists of advertisement code. In this case, the administrator of this site will have to contact their web host to have advertisements disabled.' : $lang.get('ajax_badjson_tip2'); |
206 a.id = 'invalidjson_link'; |
206 var li3_text = ( $lang.placeholder ) ? 'It\'s possible that Enano triggered a PHP error or warning. In this case, you may be looking at a bug in Enano.' : $lang.get('ajax_badjson_tip3'); |
207 a.onclick = function() |
207 var osc_ex_data = ( $lang.placeholder ) ? 'This is KNOWN to be the case with the OpenSourceCMS.com demo version of Enano.' : $lang.get('ajax_badjson_osc'); |
208 { |
208 li1.appendChild(document.createTextNode(li1_text)); |
209 var mb = new MessageBox(MB_YESNO | MB_ICONEXCLAMATION, 'Do you really want to view this response as HTML?', 'If the response was changed during transmission to include malicious code, you may be allowing that malicious code to run by viewing the response as HTML. Only do this if you have reviewed the response text and have found no suspicious code in it.'); |
209 var osc_exception = ( window.location.hostname == 'demo.opensourcecms.com' ) ? ' ' + osc_ex_data : ''; |
210 mb.onclick['Yes'] = function() |
210 li2.appendChild(document.createTextNode(li2_text + osc_exception)); |
211 { |
211 li3.appendChild(document.createTextNode(li3_text)); |
212 var html = $dynano('invalidjson_link').object._resp; |
212 |
213 var win = window.open('about:blank', 'invalidjson_htmlwin', 'width=550,height=400,status=no,toolbars=no,toolbar=no,address=no,scroll=yes'); |
213 ul.appendChild(li1); |
214 win.document.write(html); |
214 ul.appendChild(li2); |
215 } |
215 ul.appendChild(li3); |
216 return false; |
216 mainwin.appendChild(ul); |
217 } |
217 } |
218 a.href = '#'; |
218 |
219 p3.appendChild(a); |
219 var p2 = document.createElement('p'); |
220 mainwin.appendChild(p3); |
220 var p2_text = ( $lang.placeholder ) ? 'The response received from the server is as follows:' : $lang.get('ajax_badjson_msg_response'); |
|
221 p2.appendChild(document.createTextNode(p2_text)); |
|
222 mainwin.appendChild(p2); |
|
223 |
|
224 var pre = document.createElement('pre'); |
|
225 pre.appendChild(document.createTextNode(response)); |
|
226 mainwin.appendChild(pre); |
|
227 |
|
228 var p3 = document.createElement('p'); |
|
229 var p3_text = $lang.placeholder ? 'You may also choose to view the response as HTML.' : $lang.get('ajax_badjson_msg_viewashtml'); |
|
230 p3.appendChild(document.createTextNode(p3_text + ' ')); |
|
231 var a = document.createElement('a'); |
|
232 var a_text = $lang.placeholder ? 'View as HTML' : $lang.get('ajax_badjson_btn_viewashtml'); |
|
233 a.appendChild(document.createTextNode(a_text + '...')); |
|
234 a._resp = response; |
|
235 a.onclick = function() |
|
236 { |
|
237 var vah_title = ( $lang.placeholder ) ? 'View the response as HTML?' : $lang.get('ajax_badjson_html_confirm_title'); |
|
238 var vah_body = ( $lang.placeholder ) ? 'If the server\'s response was modified by an attacker to include malicious code, viewing the response as HTML might allow that malicious code to run. Only continue if you have inspected the response text and verified that it is safe.' : $lang.get('ajax_badjson_html_confirm_body'); |
|
239 var btn_confirm = $lang.placeholder ? 'View as HTML' : $lang.get('ajax_badjson_btn_viewashtml'); |
|
240 var btn_cancel = $lang.placeholder ? 'Cancel' : $lang.get('etc_cancel'); |
|
241 var mp = miniPromptMessage({ |
|
242 title: vah_title, |
|
243 message: vah_body, |
|
244 buttons: [ |
|
245 { |
|
246 text: btn_confirm, |
|
247 color: 'blue', |
|
248 style: { |
|
249 fontWeight: 'bold' |
|
250 }, |
|
251 onclick: function() { |
|
252 var mp = miniPromptGetParent(this); |
|
253 var win = window.open('about:blank', 'invalidjson_htmlwin', 'width=550,height=400,status=no,toolbars=no,toolbar=no,address=no,scroll=yes'); |
|
254 win.document.write(mp._response); |
|
255 win.document.close(); |
|
256 miniPromptDestroy(this); |
|
257 } |
|
258 }, |
|
259 { |
|
260 text: btn_cancel, |
|
261 onclick: function() { |
|
262 miniPromptDestroy(this); |
|
263 } |
|
264 } |
|
265 ] |
|
266 }); |
|
267 mp._response = this._resp; |
|
268 return false; |
|
269 } |
|
270 a.href = '#'; |
|
271 p3.appendChild(a); |
|
272 mainwin.appendChild(p3); |
|
273 |
|
274 // |
|
275 // panel |
|
276 // |
|
277 |
|
278 panel.style.backgroundColor = '#D0D0D0'; |
|
279 panel.style.textAlign = 'right'; |
|
280 panel.style.padding = '0 10px'; |
|
281 panel.style.lineHeight = '40px'; |
|
282 panel.style.width = '580px'; |
|
283 |
|
284 var closer = document.createElement('input'); |
|
285 var btn_close = $lang.placeholder ? 'Close' : $lang.get('ajax_badjson_btn_close'); |
|
286 closer.type = 'button'; |
|
287 closer.value = btn_close; |
|
288 closer.onclick = function() |
|
289 { |
|
290 var parentdiv = this.parentNode.parentNode; |
|
291 var effect = new Spry.Effect.Blind(parentdiv, { |
|
292 from: '100%', |
|
293 to: '0%', |
|
294 duration: '1000' |
|
295 }); |
|
296 var observer = { |
|
297 onPostEffect: function() |
|
298 { |
|
299 parentdiv.parentNode.removeChild(parentdiv); |
|
300 enlighten(); |
|
301 } |
|
302 }; |
|
303 effect.addObserver(observer); |
|
304 effect.start(); |
|
305 } |
|
306 panel.appendChild(closer); |
|
307 |
|
308 // |
|
309 // put it together |
|
310 // |
|
311 |
|
312 box.appendChild(mainwin); |
|
313 box.appendChild(panel); |
|
314 |
|
315 // add it to the body to allow height/width calculation |
|
316 |
|
317 box.style.display = 'block'; |
|
318 box.style.position = 'absolute'; |
|
319 domObjChangeOpac(0, box); |
|
320 |
|
321 var body = document.getElementsByTagName('body')[0]; |
|
322 body.appendChild(box); |
|
323 |
|
324 |
|
325 // calculate position of the box |
|
326 // box should be exactly 640px high, 480px wide |
|
327 var top = ( getHeight() / 2 ) - ( $(box).Height() / 2 ) + getScrollOffset(); |
|
328 var left = ( getWidth() / 2 ) - ( $(box).Width() / 2 ); |
|
329 console.debug('top = %d, left = %d', top, left); |
|
330 box.style.top = top + 'px'; |
|
331 box.style.left = left + 'px'; |
|
332 |
|
333 // we have width and height, set display to none and reset opacity |
|
334 box.style.display = 'none'; |
|
335 domObjChangeOpac(100, box); |
|
336 |
|
337 setTimeout(function() |
|
338 { |
|
339 (new Spry.Effect.Blind(box, { |
|
340 from: '0%', |
|
341 to: '100%', |
|
342 duration: 1000 |
|
343 })).start(); |
|
344 }, 1000); |
|
345 } |
|
346 |
|
347 /** |
|
348 * Verify that a string is roughly a valid JSON object. Warning - this is only a very cheap syntax check. |
|
349 * @param string |
|
350 * @return bool true if JSON is valid |
|
351 */ |
|
352 |
|
353 function check_json_response(response) |
|
354 { |
|
355 response = trim(response); |
|
356 if ( response.substr(0, 1) == '{' && response.substr(response.length - 1, 1) == '}' ) |
|
357 { |
|
358 return true; |
|
359 } |
|
360 return false; |
221 } |
361 } |
222 |
362 |
223 function ajaxEscape(text) |
363 function ajaxEscape(text) |
224 { |
364 { |
225 /* |
365 /* |