<?php
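// VIEW controller
session_start();

// Baseline XSS mitigation: HTML-escape every request value, including values
// nested inside array parameters (e.g. "task[]=x"), which htmlspecialchars()
// cannot take directly. This only makes values safe for HTML text and
// quoted-attribute output. Values written into JavaScript, URLs, HTTP headers
// or file paths, and anything decoded after this point (such as base64
// payloads), still need encoding for that specific context.
// $_GET, $_POST and $_COOKIE are not touched by this step.
array_walk_recursive($_REQUEST, function (&$value) {
    $value = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
});

// A session with a non-empty userTK (presumably the logged-in user's token)
// skips the login and request-access forms and is sent to the menu instead.
// The strict in_array() also keeps an array-valued "action" from matching.
if (
    isset($_REQUEST["action"])
    && in_array($_REQUEST["action"], array('authentication', 'requestauth'), true)
    && !empty($_SESSION['userTK'])
) {
    $_REQUEST["action"] = 'menu';
}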
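// Dispatcher: maps the "action" (and optional "task") request parameters to a
// template of the active skin, or to a redirect for "menu"/"logout".
//
// NOTE(review): apart from the "origin"/"error" handling below, nothing in this
// dispatcher checks $_SESSION['userTK'] before rendering the my* views;
// presumably the including controller or the templates enforce that - confirm.

// Missing or array-valued parameters are treated as empty strings so the
// comparisons below never see an undefined index or a non-string.
$viewAction = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"])) ? $_REQUEST["action"] : '';
$viewTask = (isset($_REQUEST["task"]) && is_string($_REQUEST["task"])) ? $_REQUEST["task"] : '';

// NOTE(review): the skin name comes from the session and is concatenated into
// an include path. Where it is set is not visible here; if it can ever be
// influenced by request input it must be checked against the list of installed
// skins before use, otherwise it selects which PHP file gets executed.
$viewTemplateDir = dirname(__FILE__)."/templates/".$_SESSION["skin"];

// "menu" and "logout" can hand control back to the page named in the
// base64-encoded "origin" parameter. The decoded value never passed through
// HTML escaping and is written into an inline <script>, so it is:
//   - accepted only as an absolute http(s) URL with no whitespace or control
//     characters (rejects javascript:, data: and similar schemes), and
//   - emitted as a JSON string literal with <, >, &, ' and " hex-escaped, so it
//     cannot terminate the string or the <script> element.
// An "origin" that fails these checks is ignored, as if it had not been sent.
// NOTE(review): the host is still caller-controlled (open redirect); compare it
// against the list of trusted portals if such a list exists. Relative origins
// are no longer followed - confirm callers always send absolute URLs.
$redirectTargetJs = false;
if (
    ($viewAction === 'menu' || $viewAction === 'logout')
    && isset($_REQUEST['origin'])
    && is_string($_REQUEST['origin'])
    && !empty($_REQUEST['origin'])
) {
    $origin = base64_decode($_REQUEST["origin"]);
    if (is_string($origin) && preg_match('#\Ahttps?://[^\x00-\x20\x7F]+\z#i', $origin) === 1) {
        $redirectFlag = ($viewAction === 'menu') ? "spauth=true" : "splogout=true";
        // strpos() returns 0 for a match at the start, so compare with false.
        $redirectCommand = $origin.(strpos($origin, "?") !== false ? "&" : "?").$redirectFlag;
        // json_encode() returns false for invalid UTF-8; that is treated as "no redirect".
        $redirectTargetJs = json_encode(
            $redirectCommand,
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );
    }
}

switch ($viewAction) {
    case "authentication":
        if ($viewTask === "recover") {
            require_once($viewTemplateDir."/recover.tpl.php");
        } else {
            require_once($viewTemplateDir."/authentication.tpl.php");
        }
        break;

    case "requestauth":
        require_once($viewTemplateDir."/requestauth.tpl.php");
        break;

    case "new_pass":
        require_once($viewTemplateDir."/new_pass.tpl.php");
        break;

    case "menu":
        if ($redirectTargetJs !== false) {
            // Send the parent window back to the validated origin.
            echo '<script language="javascript">';
            echo 'window.open('.$redirectTargetJs.',"_parent")';
            echo '</script>';
            exit;
        } else {
            require_once($viewTemplateDir."/menu.tpl.php");
        }
        break;

    case "mydocuments":
        // $public is not defined in this file; presumably the including script
        // sets it. An unset value selects the private view.
        if (!empty($public)) {
            require_once($viewTemplateDir."/mypublicdocuments.tpl.php");
        } else {
            require_once($viewTemplateDir."/mydocuments.tpl.php");
        }
        break;

    case "directories":
        // Unknown tasks render nothing for this action.
        if ($viewTask === "add" || $viewTask === "edit") {
            require_once($viewTemplateDir."/directories_add.tpl.php");
        } elseif ($viewTask === "delete") {
            require_once($viewTemplateDir."/directories_rem.tpl.php");
        } elseif ($viewTask === "movedoc") {
            require_once($viewTemplateDir."/directories_movdoc.tpl.php");
        } elseif ($viewTask === "publish") {
            require_once($viewTemplateDir."/directories_publish.tpl.php");
        }
        break;

    case "mylinks":
        if ($viewTask === "add" || $viewTask === "edit") {
            require_once($viewTemplateDir."/mylinks_add.tpl.php");
        } else {
            require_once($viewTemplateDir."/mylinks.tpl.php");
        }
        break;

    case "mysearches":
        require_once($viewTemplateDir."/mysearches.tpl.php");
        break;

    case "mynews":
        if ($viewTask === "add" || $viewTask === "edit") {
            require_once($viewTemplateDir."/mynews_add.tpl.php");
        } else {
            require_once($viewTemplateDir."/mynews.tpl.php");
        }
        break;

    case "myalerts":
        require_once($viewTemplateDir."/myalerts.tpl.php");
        break;

    case "myprofiledocuments":
        if ($viewTask === "add" || $viewTask === "edit") {
            require_once($viewTemplateDir."/myprofiledocuments_add.tpl.php");
        } elseif ($viewTask === "addcol") {
            require_once($viewTemplateDir."/myprofiledocuments_addcol.tpl.php");
        } else {
            require_once($viewTemplateDir."/myprofiledocuments.tpl.php");
        }
        break;

    case "suggesteddocs":
        require_once($viewTemplateDir."/suggesteddocs.tpl.php");
        break;

    case "orcidworks":
        require_once($viewTemplateDir."/orcidworks.tpl.php");
        break;

    case "searchresults":
        if ($viewTask === "add" || $viewTask === "edit") {
            require_once($viewTemplateDir."/searchresults_add.tpl.php");
        } elseif ($viewTask === "addcol") {
            require_once($viewTemplateDir."/searchresults_addcol.tpl.php");
        } else {
            require_once($viewTemplateDir."/searchresults.tpl.php");
        }
        break;

    case "tutorial":
        require_once($viewTemplateDir."/tutorial.tpl.php");
        break;

    case "logout":
        if ($redirectTargetJs !== false) {
            // Send the parent window back to the validated origin.
            echo '<script language="javascript">';
            echo 'window.open('.$redirectTargetJs.',"_parent")';
            echo '</script>';
            exit;
        } else {
            if (isset($_REQUEST['error']) && is_string($_REQUEST['error']) && !empty($_REQUEST['error'])) {
                // The value goes into a URL query string, so it is URL-encoded
                // here; HTML escaping alone leaves &, # and spaces in place.
                header("Location:".RELATIVE_PATH."/controller/".MAIN_PAGE."/?error=".rawurlencode($_REQUEST['error']));
            } else {
                header("Location:".RELATIVE_PATH."/controller/".MAIN_PAGE);
            }
            exit();
        }
        break;

    case "mig_id_confirmation":
        require_once($viewTemplateDir."/mig_id_confirmation.tpl.php");
        break;

    default:
        // Unknown or missing actions fall back to the login form.
        require_once($viewTemplateDir."/authentication.tpl.php");
        break;
}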
?>