/*!
Creates a \<a\> link tag of the given \a text using the given \a url.
This is an overloaded function.
The \a jsCondition argument serves for for creating Javascript confirm
alerts where if you pass 'confirm' => 'Are you sure?', the link will be
guarded with a Javascript popup asking that question. If the user accepts,
the link is processed, otherwise not.
*/
QString TViewHelper::linkTo(const QString &text, const QUrl &url, Tf::HttpMethod method, const QString &jsCondition, const THtmlAttribute &attributes) const
{
QString string("<a href=\"");
string.append(url.toString(QUrl::FullyEncoded)).append("\"");
if (method == Tf::Post) {
string.append(" onclick=\"");
if (!jsCondition.isEmpty()) {
string.append("if (").append(jsCondition).append(") { ");
}
string += "var f = document.createElement('form'); document.body.appendChild(f); f.method = 'post'; f.action = this.href;";
// Authenticity token
QString token = actionView()->authenticityToken();
if (!token.isEmpty()) {
string += " var i = document.createElement('input'); f.appendChild(i); i.type = 'hidden'; i.name = 'authenticity_token'; i.value = '";
string += token;
string += "';";
}
string += " f.submit();";
if (!jsCondition.isEmpty()) {
string += " }";
}
string += " return false;\"";
} else {
if (!jsCondition.isEmpty()) {
string.append(" onclick=\"return ").append(jsCondition).append(";\"");
}
}
string.append(attributes.toString()).append(">").append(text).append("</a>");
return string;
}
/*!
Creates a input tag with a authenticity token for CSRF protection.
*/
QString TViewHelper::inputAuthenticityTag() const
{
QString tag;
if (Tf::appSettings()->value(Tf::EnableCsrfProtectionModule, true).toBool()) {
QString token = actionView()->authenticityToken();
if (!token.isEmpty())
tag = inputTag("hidden", "authenticity_token", token, a("id", "authenticity_token"));
}
return tag;
}
QString TPrototypeAjaxHelper::optionsToString(const TOption &options) const
{
QString string;
// Adds authenticity_token
TOption opt(options);
QVariantMap map;
QVariant v = opt[Tf::Parameters];
if (v.isValid() && v.canConvert(QVariant::Map)) {
map = v.toMap();
}
map.insert("authenticity_token", actionView()->authenticityToken());
opt.insert(Tf::Parameters, map);
for (QMapIterator<int, QVariant> i(opt); i.hasNext(); ) {
i.next();
// Appends ajax option
QString s = stringOptionHash()->value(i.key());
if (!s.isEmpty() && i.value().canConvert(QVariant::String)) {
string += s;
string += QLatin1Char('\'');
string += i.value().toString();
string += QLatin1String("', ");
continue;
}
s = boolOptionHash()->value(i.key());
if (!s.isEmpty() && i.value().canConvert(QVariant::Bool)) {
string += s;
string += (i.value().toBool()) ? QLatin1String("true, ") : QLatin1String("false, ");
continue;
}
if (i.key() == Tf::Method && i.value().canConvert(QVariant::Int)) {
string += QLatin1String("method:'");
string += methodHash()->value(i.value().toInt());
string += QLatin1String("', ");
continue;
}
// Appends 'parameters' option
if (i.key() == Tf::Parameters) {
QString val;
if (i.value().canConvert(QVariant::Map)) {
QVariantMap m = i.value().toMap();
for (QMapIterator<QString, QVariant> it(m); it.hasNext(); ) {
it.next();
if (it.value().canConvert<TJavaScriptObject>()) {
val += it.key();
val += QLatin1String(":");
val += it.value().value<TJavaScriptObject>().toString();
val += QLatin1String(", ");
} else if (it.value().canConvert(QVariant::String)) {
val += it.key();
val += QLatin1String(":'");
val += THttpUtility::toUrlEncoding(it.value().toString());
val += QLatin1String("', ");
}
}
val.chop(2);
}
if (!val.isEmpty()) {
string += QLatin1String("parameters: { ");
string += val;
string += QLatin1String(" }, ");
}
continue;
}
// Appends ajax callbacks
s = eventStringHash()->value(i.key());
if (!s.isEmpty() && i.value().canConvert(QVariant::String)) {
string += s;
string += i.value().toString();
string += QLatin1String(", ");
continue;
} else {
tWarn("invalid parameter: %d [%s:%d]", i.key(), __FILE__, __LINE__);
}
}
string.chop(2);
return string;
}
