author | Nala Ginrut <nalaginrut@gmail.com> | 2014-06-19 15:18:13 +0800 |
---|---|---|
committer | Nala Ginrut <nalaginrut@gmail.com> | 2014-06-19 15:18:13 +0800 |
commit | bfd1db41367f7931016931a94cf1b67396481c79 (patch) | |
tree | 2d696f2d8eca9ed2e4561c61c16584952d9f7b0b /app/Templates | |
parent | d0944e682d5a3491f72c5b566248b87fbaff032a (diff) | |
parent | efdc959c555872677e599d2ff12e1263d719f3f2 (diff) |
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'app/Templates')
43 files changed, 222 insertions, 64 deletions
diff --git a/app/Templates/action_index.php b/app/Templates/action_index.php index b515ccaa..36c333a9 100644 --- a/app/Templates/action_index.php +++ b/app/Templates/action_index.php @@ -56,7 +56,7 @@ <h3><?= t('Add an action') ?></h3> <form method="post" action="?controller=action&action=params&project_id=<?= $project['id'] ?>" autocomplete="off"> - + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('project_id', $values) ?> <?= Helper\form_label(t('Event'), 'event_name') ?> diff --git a/app/Templates/action_params.php b/app/Templates/action_params.php index 15a1d420..da685860 100644 --- a/app/Templates/action_params.php +++ b/app/Templates/action_params.php @@ -9,7 +9,7 @@ <h3><?= t('Define action parameters') ?></h3> <form method="post" action="?controller=action&action=create&project_id=<?= $project['id'] ?>" autocomplete="off"> - + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('project_id', $values) ?> <?= Helper\form_hidden('event_name', $values) ?> <?= Helper\form_hidden('action_name', $values) ?> diff --git a/app/Templates/action_remove.php b/app/Templates/action_remove.php index b90136e8..13679eab 100644 --- a/app/Templates/action_remove.php +++ b/app/Templates/action_remove.php @@ -9,7 +9,7 @@ </p> <div class="form-actions"> - <a href="?controller=action&action=remove&action_id=<?= $action['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=action&action=remove&action_id=<?= $action['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=action&action=index&project_id=<?= $action['project_id'] ?>"><?= t('cancel') ?></a> </div> </div> diff --git a/app/Templates/user_forbidden.php b/app/Templates/app_forbidden.php index 853159ba..0c035404 100644 --- a/app/Templates/user_forbidden.php +++ b/app/Templates/app_forbidden.php @@ -4,6 +4,6 @@ </div> <p class="alert alert-error"> - <?= t('Only administrators can access to this page.') ?> + <?= t('Access Forbidden') ?> </p> </section>
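Review bot: The `remove` link in action_remove.php now carries the anti-CSRF token in the query string of a GET request (`action_id=<?= $action['id'].Helper\param_csrf() ?>`), so the token ends up in browser history, server access logs and possibly in Referer headers. The same pattern is used for the other state-changing links in this commit (board moveUp/moveDown/remove, category, comment, file, project, subtask, task and user removal, token reset, logout). Consider turning these confirmations into small `method="post"` forms that use `Helper\form_csrf()`, as the forms in this commit already do. What `param_csrf()` emits and how long a token stays valid are not visible here; if the links stay, the token should be short-lived or single-use.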
\ No newline at end of file diff --git a/app/Templates/board_assign.php b/app/Templates/board_assign.php index 74448a5c..6f92b375 100644 --- a/app/Templates/board_assign.php +++ b/app/Templates/board_assign.php @@ -18,7 +18,7 @@ <section> <h3><?= t('Change assignee for the task "%s"', $values['title']) ?></h3> <form method="post" action="?controller=board&action=assignTask" autocomplete="off"> - + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('id', $values) ?> <?= Helper\form_hidden('project_id', $values) ?> diff --git a/app/Templates/board_edit.php b/app/Templates/board_edit.php index 575536a8..05d9a6f6 100644 --- a/app/Templates/board_edit.php +++ b/app/Templates/board_edit.php @@ -9,7 +9,7 @@ <h3><?= t('Change columns') ?></h3> <form method="post" action="?controller=board&action=update&project_id=<?= $project['id'] ?>" autocomplete="off"> - + <?= Helper\form_csrf() ?> <?php $i = 0; ?> <table> <tr> @@ -27,12 +27,12 @@ <ul> <?php if ($column['position'] != 1): ?> <li> - <a href="?controller=board&action=moveUp&project_id=<?= $project['id'] ?>&column_id=<?= $column['id'] ?>"><?= t('Move Up') ?></a> + <a href="?controller=board&action=moveUp&project_id=<?= $project['id'] ?>&column_id=<?= $column['id'].Helper\param_csrf() ?>"><?= t('Move Up') ?></a> </li> <?php endif ?> <?php if ($column['position'] != count($columns)): ?> <li> - <a href="?controller=board&action=moveDown&project_id=<?= $project['id'] ?>&column_id=<?= $column['id'] ?>"><?= t('Move Down') ?></a> + <a href="?controller=board&action=moveDown&project_id=<?= $project['id'] ?>&column_id=<?= $column['id'].Helper\param_csrf() ?>"><?= t('Move Down') ?></a> </li> <?php endif ?> <li> 
@@ -52,7 +52,7 @@ <h3><?= t('Add a new column') ?></h3> <form method="post" action="?controller=board&action=add&project_id=<?= $project['id'] ?>" autocomplete="off"> - + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('project_id', $values) ?> <?= Helper\form_label(t('Title'), 'title') ?> <?= Helper\form_text('title', $values, $errors, array('required')) ?> diff --git a/app/Templates/board_index.php b/app/Templates/board_index.php index 8e664219..38fb985c 100644 --- a/app/Templates/board_index.php +++ b/app/Templates/board_index.php @@ -39,4 +39,4 @@ </section> -<script type="text/javascript" src="assets/js/board.js"></script> +<?= Helper\js('assets/js/board.js') ?> diff --git a/app/Templates/board_remove.php b/app/Templates/board_remove.php index b406eb38..76c217b3 100644 --- a/app/Templates/board_remove.php +++ b/app/Templates/board_remove.php @@ -10,7 +10,7 @@ </p> <div class="form-actions"> - <a href="?controller=board&action=remove&column_id=<?= $column['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=board&action=remove&column_id=<?= $column['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=board&action=edit&project_id=<?= $column['project_id'] ?>"><?= t('cancel') ?></a> </div> </div> diff --git a/app/Templates/board_show.php b/app/Templates/board_show.php index e5cd9ceb..6a138bf9 100644 --- a/app/Templates/board_show.php +++ b/app/Templates/board_show.php @@ -1,4 +1,4 @@ -<table id="board" data-project-id="<?= $current_project_id ?>" data-time="<?= time() ?>" data-check-interval="<?= BOARD_CHECK_INTERVAL ?>"> +<table id="board" data-project-id="<?= $current_project_id ?>" data-time="<?= time() ?>" data-check-interval="<?= BOARD_CHECK_INTERVAL ?>" data-csrf-token=<?= \Core\Security::getCSRFToken() ?>> <tr> <?php $column_with = round(100 / count($board), 2); ?> <?php foreach ($board as $column): ?> 
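Review bot: The new `data-csrf-token` attribute on the `<table id="board">` line in board_show.php is written without quotes and without escaping, unlike the three attributes before it. An unquoted attribute value ends at the first space or `>`, so the markup is only safe while `\Core\Security::getCSRFToken()` never returns such characters; its output format is not visible in this diff. Quote and escape it: `data-csrf-token="<?= Helper\escape(\Core\Security::getCSRFToken()) ?>"`.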
diff --git a/app/Templates/category_edit.php b/app/Templates/category_edit.php index 99ba0c7c..1339f6da 100644 --- a/app/Templates/category_edit.php +++ b/app/Templates/category_edit.php @@ -8,7 +8,7 @@ <section> <form method="post" action="?controller=category&action=update&project_id=<?= $project['id'] ?>" autocomplete="off"> - + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('id', $values) ?> <?= Helper\form_hidden('project_id', $values) ?> diff --git a/app/Templates/category_index.php b/app/Templates/category_index.php index db986143..7fb923ba 100644 --- a/app/Templates/category_index.php +++ b/app/Templates/category_index.php @@ -34,6 +34,7 @@ <h3><?= t('Add a new category') ?></h3> <form method="post" action="?controller=category&action=save&project_id=<?= $project['id'] ?>" autocomplete="off"> + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('project_id', $values) ?> <?= Helper\form_label(t('Category Name'), 'name') ?> diff --git a/app/Templates/category_remove.php b/app/Templates/category_remove.php index cc2eb678..cfc23e07 100644 --- a/app/Templates/category_remove.php +++ b/app/Templates/category_remove.php @@ -9,7 +9,7 @@ </p> <div class="form-actions"> - <a href="?controller=category&action=remove&project_id=<?= $project['id'] ?>&category_id=<?= $category['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=category&action=remove&project_id=<?= $project['id'] ?>&category_id=<?= $category['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=category&project_id=<?= $project['id'] ?>"><?= t('cancel') ?></a> </div> </div> diff --git a/app/Templates/comment_create.php b/app/Templates/comment_create.php index a566d9c8..f598532d 100644 --- a/app/Templates/comment_create.php +++ b/app/Templates/comment_create.php 
@@ -3,7 +3,7 @@ </div> <form method="post" action="?controller=comment&action=save&task_id=<?= $task['id'] ?>" autocomplete="off"> - + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('task_id', $values) ?> <?= Helper\form_hidden('user_id', $values) ?> <?= Helper\form_textarea('comment', $values, $errors, array('required', 'placeholder="'.t('Leave a comment').'"'), 'comment-textarea') ?><br/> diff --git a/app/Templates/comment_edit.php b/app/Templates/comment_edit.php index 0a17a95e..fdf3db54 100644 --- a/app/Templates/comment_edit.php +++ b/app/Templates/comment_edit.php @@ -4,6 +4,7 @@ <form method="post" action="?controller=comment&action=update&task_id=<?= $task['id'] ?>&comment_id=<?= $comment['id'] ?>" autocomplete="off"> + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('id', $values) ?> <?= Helper\form_textarea('comment', $values, $errors, array('required', 'placeholder="'.t('Leave a comment').'"')) ?><br/> diff --git a/app/Templates/comment_remove.php b/app/Templates/comment_remove.php index 02a23f93..7b117781 100644 --- a/app/Templates/comment_remove.php +++ b/app/Templates/comment_remove.php @@ -1,5 +1,5 @@ <div class="page-header"> - <h2><?= t('Add a comment') ?></h2> + <h2><?= t('Remove a comment') ?></h2> </div> <div class="confirm"> @@ -10,7 +10,7 @@ <?= Helper\template('comment_show', array('comment' => $comment, 'task' => $task, 'preview' => true)) ?> <div class="form-actions"> - <a href="?controller=comment&action=remove&task_id=<?= $task['id'] ?>&comment_id=<?= $comment['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=comment&action=remove&task_id=<?= $task['id'] ?>&comment_id=<?= $comment['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=task&action=show&task_id=<?= $task['id'] ?>#comment-<?= $comment['id'] ?>"><?= t('cancel') ?></a> </div> </div>
\ No newline at end of file diff --git a/app/Templates/config_index.php b/app/Templates/config_index.php index 6c610d2b..602e2070 100644 --- a/app/Templates/config_index.php +++ b/app/Templates/config_index.php @@ -7,6 +7,8 @@ <section> <form method="post" action="?controller=config&action=save" autocomplete="off"> + <?= Helper\form_csrf() ?> + <?= Helper\form_label(t('Language'), 'language') ?> <?= Helper\form_select('language', $languages, $values, $errors) ?><br/> @@ -39,7 +41,7 @@ </div> <section class="settings"> <ul> - <li><a href="?controller=config&action=tokens"><?= t('Reset all tokens') ?></a></li> + <li><a href="?controller=config&action=tokens<?= Helper\param_csrf() ?>"><?= t('Reset all tokens') ?></a></li> <li> <?= t('Webhooks token:') ?> <strong><?= Helper\escape($values['webhooks_token']) ?></strong> @@ -50,11 +52,11 @@ <strong><?= Helper\format_bytes($db_size) ?></strong> </li> <li> - <a href="?controller=config&action=downloadDb"><?= t('Download the database') ?></a> + <a href="?controller=config&action=downloadDb<?= Helper\param_csrf() ?>"><?= t('Download the database') ?></a> <?= t('(Gzip compressed Sqlite file)') ?> </li> <li> - <a href="?controller=config&action=optimizeDb"><?= t('Optimize the database') ?></a> + <a href="?controller=config&action=optimizeDb <?= Helper\param_csrf() ?>"><?= t('Optimize the database') ?></a> <?= t('(VACUUM command)') ?> </li> <?php endif ?> @@ -112,7 +114,7 @@ <td><?= dt('%B %e, %G at %k:%M %p', $session['expiration']) ?></td> <td><?= Helper\escape($session['ip']) ?></td> <td><?= Helper\escape($session['user_agent']) ?></td> - <td><a href="?controller=config&action=removeRememberMeToken&id=<?= $session['id'] ?>"><?= t('Remove') ?></a></td> + <td><a href="?controller=config&action=removeRememberMeToken&id=<?= $session['id'].Helper\param_csrf() ?>"><?= t('Remove') ?></a></td> </tr> <?php endforeach ?> </table> diff --git a/app/Templates/file_new.php b/app/Templates/file_new.php index 43223d0c..7f7f1d1c 100644 
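Review bot: In the config_index.php hunk at `@@ -50,11 +52,11 @@`, the `optimizeDb` link has a stray space before the token helper: `action=optimizeDb <?= Helper\param_csrf() ?>`. The sibling links (`action=tokens<?= ... ?>`, `action=downloadDb<?= ... ?>`) have none, so here the space becomes part of the URL and the request will likely not match the `optimizeDb` action. Change it to `<a href="?controller=config&action=optimizeDb<?= Helper\param_csrf() ?>">`.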
--- a/app/Templates/file_new.php +++ b/app/Templates/file_new.php @@ -3,7 +3,9 @@ </div> <form action="?controller=file&action=save&task_id=<?= $task['id'] ?>" method="post" enctype="multipart/form-data"> + <?= Helper\form_csrf() ?> <input type="file" name="files[]" multiple /> + <div class="form-help"><?= t('Maximum size: ') ?><?= is_integer($max_size) ? Helper\format_bytes($max_size) : $max_size ?></div> <div class="form-actions"> <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/> <?= t('or') ?> diff --git a/app/Templates/file_remove.php b/app/Templates/file_remove.php index 1d26c15e..af77591c 100644 --- a/app/Templates/file_remove.php +++ b/app/Templates/file_remove.php @@ -8,7 +8,7 @@ </p> <div class="form-actions"> - <a href="?controller=file&action=remove&task_id=<?= $task['id'] ?>&file_id=<?= $file['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=file&action=remove&task_id=<?= $task['id'] ?>&file_id=<?= $file['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=task&action=show&task_id=<?= $task['id'] ?>"><?= t('cancel') ?></a> </div> </div>
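Review bot: The added `form-help` line in file_new.php prints `$max_size` unescaped when it is not an integer: `is_integer($max_size) ? Helper\format_bytes($max_size) : $max_size`. Where that value comes from is not visible in this hunk; even if it is a configuration string, it should go through the output helper like the other dynamic text in these templates, e.g. `: Helper\escape($max_size)`. The label `t('Maximum size: ')` also relies on a trailing space inside the translatable string, which is easy to lose in translation files.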
\ No newline at end of file diff --git a/app/Templates/file_show.php b/app/Templates/file_show.php new file mode 100644 index 00000000..674861dd --- /dev/null +++ b/app/Templates/file_show.php @@ -0,0 +1,17 @@ +<div class="page-header"> + <h2><?= t('Attachments') ?></h2> +</div> + +<ul class="task-show-files"> +<?php foreach ($files as $file): ?> + <li> + <a href="?controller=file&action=download&file_id=<?= $file['id'] ?>&task_id=<?= $task['id'] ?>"><?= Helper\escape($file['name']) ?></a> + <span class="task-show-file-actions"> + <?php if ($file['is_image']): ?> + <a href="?controller=file&action=open&file_id=<?= $file['id'] ?>&task_id=<?= $task['id'] ?>" class="popover"><?= t('open') ?></a>, + <?php endif ?> + <a href="?controller=file&action=confirm&file_id=<?= $file['id'] ?>&task_id=<?= $task['id'] ?>"><?= t('remove') ?></a> + </span> + </li> +<?php endforeach ?> +</ul>
\ No newline at end of file diff --git a/app/Templates/layout.php b/app/Templates/layout.php index 0bb8446d..aa430477 100644 --- a/app/Templates/layout.php +++ b/app/Templates/layout.php @@ -6,12 +6,12 @@ <meta name="viewport" content="width=device-width"> <meta name="mobile-web-app-capable" content="yes"> - <script src="assets/js/jquery-1.11.1.min.js"></script> - <script src="assets/js/jquery-ui-1.10.4.custom.min.js"></script> - <script src="assets/js/jquery.ui.touch-punch.min.js"></script> + <?= Helper\js('assets/js/jquery-1.11.1.min.js') ?> + <?= Helper\js('assets/js/jquery-ui-1.10.4.custom.min.js') ?> + <?= Helper\js('assets/js/jquery.ui.touch-punch.min.js') ?> - <link rel="stylesheet" href="assets/css/app.css" media="screen"> - <link rel="stylesheet" href="assets/css/font-awesome.min.css" media="screen"> + <?= Helper\css('assets/css/app.css') ?> + <?= Helper\css('assets/css/font-awesome.min.css') ?> <link rel="icon" type="image/png" href="assets/img/favicon.png"> <link rel="apple-touch-icon" href="assets/img/touch-icon-iphone.png"> @@ -45,7 +45,7 @@ <a href="?controller=config"><?= t('Settings') ?></a> </li> <li> - <a href="?controller=user&action=logout"><?= t('Logout') ?></a> + <a href="?controller=user&action=logout<?= Helper\param_csrf() ?>"><?= t('Logout') ?></a> (<?= Helper\escape(Helper\get_username()) ?>) </li> </ul> diff --git a/app/Templates/project_edit.php b/app/Templates/project_edit.php index 557986bf..a882fbc6 100644 --- a/app/Templates/project_edit.php +++ b/app/Templates/project_edit.php @@ -8,6 +8,7 @@ <section> <form method="post" action="?controller=project&action=update&project_id=<?= $values['id'] ?>" autocomplete="off"> + <?= Helper\form_csrf() ?> <?= Helper\form_hidden('id', $values) ?> <?= Helper\form_label(t('Name'), 'name') ?> diff --git a/app/Templates/project_forbidden.php b/app/Templates/project_forbidden.php deleted file mode 100644 index 1cba7b58..00000000 --- a/app/Templates/project_forbidden.php +++ /dev/null 
@@ -1,9 +0,0 @@ -<section id="main"> - <div class="page-header"> - <h2><?= t('Forbidden') ?></h2> - </div> - - <p class="alert alert-error"> - <?= t('You are not allowed to access to this project.') ?> - </p> -</section>
\ No newline at end of file diff --git a/app/Templates/project_index.php b/app/Templates/project_index.php index 1a3dbd49..927924a5 100644 --- a/app/Templates/project_index.php +++ b/app/Templates/project_index.php @@ -78,9 +78,9 @@ </li> <li> <?php if ($project['is_active']): ?> - <a href="?controller=project&action=disable&project_id=<?= $project['id'] ?>"><?= t('Disable') ?></a> + <a href="?controller=project&action=disable&project_id=<?= $project['id'].Helper\param_csrf() ?>"><?= t('Disable') ?></a> <?php else: ?> - <a href="?controller=project&action=enable&project_id=<?= $project['id'] ?>"><?= t('Enable') ?></a> + <a href="?controller=project&action=enable&project_id=<?= $project['id'].Helper\param_csrf() ?>"><?= t('Enable') ?></a> <?php endif ?> </li> <li> diff --git a/app/Templates/project_new.php b/app/Templates/project_new.php index 2026d461..b4ed9990 100644 --- a/app/Templates/project_new.php +++ b/app/Templates/project_new.php @@ -8,6 +8,7 @@ <section> <form method="post" action="?controller=project&action=save" autocomplete="off"> + <?= Helper\form_csrf() ?> <?= Helper\form_label(t('Name'), 'name') ?> <?= Helper\form_text('name', $values, $errors, array('autofocus', 'required')) ?> diff --git a/app/Templates/project_remove.php b/app/Templates/project_remove.php index e9f213b5..e25efa2f 100644 --- a/app/Templates/project_remove.php +++ b/app/Templates/project_remove.php @@ -9,7 +9,7 @@ </p> <div class="form-actions"> - <a href="?controller=project&action=remove&project_id=<?= $project['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=project&action=remove&project_id=<?= $project['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=project"><?= t('cancel') ?></a> </div> </div> diff --git a/app/Templates/project_users.php b/app/Templates/project_users.php index 0448004f..8afac709 100644 --- a/app/Templates/project_users.php +++ b/app/Templates/project_users.php 
@@ -10,6 +10,8 @@ <?php if (! empty($users['not_allowed'])): ?> <form method="post" action="?controller=project&action=allow&project_id=<?= $project['id'] ?>" autocomplete="off"> + <?= Helper\form_csrf() ?> + <?= Helper\form_hidden('project_id', array('project_id' => $project['id'])) ?> <?= Helper\form_label(t('User'), 'user_id') ?> @@ -32,7 +34,7 @@ <?php foreach ($users['allowed'] as $user_id => $username): ?> <li> <strong><?= Helper\escape($username) ?></strong> - (<a href="?controller=project&action=revoke&project_id=<?= $project['id'] ?>&user_id=<?= $user_id ?>"><?= t('revoke') ?></a>) + (<a href="?controller=project&action=revoke&project_id=<?= $project['id'] ?>&user_id=<?= $user_id.Helper\param_csrf() ?>"><?= t('revoke') ?></a>) </li> <?php endforeach ?> </ul> diff --git a/app/Templates/subtask_create.php b/app/Templates/subtask_create.php new file mode 100644 index 00000000..f1b27ab9 --- /dev/null +++ b/app/Templates/subtask_create.php 
@@ -0,0 +1,27 @@ +<div class="page-header"> + <h2><?= t('Add a sub-task') ?></h2> +</div> + +<form method="post" action="?controller=subtask&action=save&task_id=<?= $task['id'] ?>" autocomplete="off"> + + <?= Helper\form_csrf() ?> + + <?= Helper\form_hidden('task_id', $values) ?> + + <?= Helper\form_label(t('Title'), 'title') ?> + <?= Helper\form_text('title', $values, $errors, array('required autofocus')) ?><br/> + + <?= Helper\form_label(t('Assignee'), 'user_id') ?> + <?= Helper\form_select('user_id', $users_list, $values, $errors) ?><br/> + + <?= Helper\form_label(t('Original Estimate'), 'time_estimated') ?> + <?= Helper\form_numeric('time_estimated', $values, $errors) ?> <?= t('hours') ?><br/> + + <?= Helper\form_checkbox('another_subtask', t('Create another sub-task'), 1, isset($values['another_subtask']) && $values['another_subtask'] == 1) ?> + + <div class="form-actions"> + <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/> + <?= t('or') ?> + <a href="?controller=task&action=show&task_id=<?= $task['id'] ?>"><?= t('cancel') ?></a> + </div> +</form> diff --git a/app/Templates/subtask_edit.php b/app/Templates/subtask_edit.php new file mode 100644 index 00000000..fc65d3b3 --- /dev/null +++ b/app/Templates/subtask_edit.php 
@@ -0,0 +1,32 @@ +<div class="page-header"> + <h2><?= t('Edit a sub-task') ?></h2> +</div> + +<form method="post" action="?controller=subtask&action=update&task_id=<?= $task['id'] ?>&subtask_id=<?= $subtask['id'] ?>" autocomplete="off"> + + <?= Helper\form_csrf() ?> + + <?= Helper\form_hidden('id', $values) ?> + <?= Helper\form_hidden('task_id', $values) ?> + + <?= Helper\form_label(t('Title'), 'title') ?> + <?= Helper\form_text('title', $values, $errors, array('required autofocus')) ?><br/> + + <?= Helper\form_label(t('Status'), 'status') ?> + <?= Helper\form_select('status', $status_list, $values, $errors) ?><br/> + + <?= Helper\form_label(t('Assignee'), 'user_id') ?> + <?= Helper\form_select('user_id', $users_list, $values, $errors) ?><br/> + + <?= Helper\form_label(t('Original Estimate'), 'time_estimated') ?> + <?= Helper\form_numeric('time_estimated', $values, $errors) ?> <?= t('hours') ?><br/> + + <?= Helper\form_label(t('Time Spent'), 'time_spent') ?> + <?= Helper\form_numeric('time_spent', $values, $errors) ?> <?= t('hours') ?><br/> + + <div class="form-actions"> + <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/> + <?= t('or') ?> + <a href="?controller=task&action=show&task_id=<?= $task['id'] ?>"><?= t('cancel') ?></a> + </div> +</form> diff --git a/app/Templates/subtask_remove.php b/app/Templates/subtask_remove.php new file mode 100644 index 00000000..12c99cf1 --- /dev/null +++ b/app/Templates/subtask_remove.php 
@@ -0,0 +1,16 @@ +<div class="page-header"> + <h2><?= t('Remove a sub-task') ?></h2> +</div> + +<div class="confirm"> + <p class="alert alert-info"> + <?= t('Do you really want to remove this sub-task?') ?> + </p> + + <p><strong><?= Helper\escape($subtask['title']) ?></strong></p> + + <div class="form-actions"> + <a href="?controller=subtask&action=remove&task_id=<?= $task['id'] ?>&subtask_id=<?= $subtask['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> + <?= t('or') ?> <a href="?controller=task&action=show&task_id=<?= $task['id'] ?>#subtasks"><?= t('cancel') ?></a> + </div> +</div>
\ No newline at end of file diff --git a/app/Templates/subtask_show.php b/app/Templates/subtask_show.php new file mode 100644 index 00000000..b9385c7e --- /dev/null +++ b/app/Templates/subtask_show.php 
@@ -0,0 +1,60 @@ +<div class="page-header"> + <h2><?= t('Sub-Tasks') ?></h2> +</div> + +<?php + +$total_spent = 0; +$total_estimated = 0; +$total_remaining = 0; + +?> + +<table class="subtasks-table"> + <tr> + <th width="40%"><?= t('Title') ?></th> + <th><?= t('Status') ?></th> + <th><?= t('Assignee') ?></th> + <th><?= t('Time tracking') ?></th> + <th><?= t('Actions') ?></th> + </tr> + <?php foreach ($subtasks as $subtask): ?> + <tr> + <td><?= Helper\escape($subtask['title']) ?></td> + <td><?= Helper\escape($subtask['status_name']) ?></td> + <td> + <?php if (! empty($subtask['username'])): ?> + <?= Helper\escape($subtask['username']) ?> + <?php endif ?> + </td> + <td> + <?php if (! empty($subtask['time_spent'])): ?> + <strong><?= Helper\escape($subtask['time_spent']).'h' ?></strong> <?= t('spent') ?> + <?php endif ?> + + <?php if (! empty($subtask['time_estimated'])): ?> + <strong><?= Helper\escape($subtask['time_estimated']).'h' ?></strong> <?= t('estimated') ?> + <?php endif ?> + </td> + <td> + <a href="?controller=subtask&action=edit&task_id=<?= $task['id'] ?>&subtask_id=<?= $subtask['id'] ?>"><?= t('Edit') ?></a> + <?= t('or') ?> + <a href="?controller=subtask&action=confirm&task_id=<?= $task['id'] ?>&subtask_id=<?= $subtask['id'] ?>"><?= t('Remove') ?></a> + </td> + </tr> + <?php + $total_estimated += $subtask['time_estimated']; + $total_spent += $subtask['time_spent']; + $total_remaining = $total_estimated - $total_spent; + ?> + <?php endforeach ?> +</table> + +<div class="subtasks-time-tracking"> + <h4><?= t('Time tracking') ?></h4> + <ul> + <li><?= t('Estimate:') ?> <strong><?= Helper\escape($total_estimated) ?></strong> <?= t('hours') ?></li> + <li><?= t('Spent:') ?> <strong><?= Helper\escape($total_spent) ?></strong> <?= t('hours') ?></li> + <li><?= t('Remaining:') ?> <strong><?= Helper\escape($total_remaining > 0 ? $total_remaining : 0) ?></strong> <?= t('hours') ?></li> + </ul> +</div>
\ No newline at end of file diff --git a/app/Templates/task_close.php b/app/Templates/task_close.php index 6843c2f6..5c75b72b 100644 --- a/app/Templates/task_close.php +++ b/app/Templates/task_close.php @@ -8,7 +8,7 @@ </p> <div class="form-actions"> - <a href="?controller=task&action=close&task_id=<?= $task['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=task&action=close&task_id=<?= $task['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=task&action=show&task_id=<?= $task['id'] ?>"><?= t('cancel') ?></a> </div> </div>
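Review bot: The new subtask_show.php template computes its time totals inside the view and reassigns `$total_remaining` on every loop iteration, although only the final value is printed. Move `$total_remaining = $total_estimated - $total_spent;` to just after `<?php endforeach ?>`, or better, pass the three totals in from the controller so the template only renders. The `+=` lines add `$subtask['time_estimated']` and `$subtask['time_spent']` as they come; whether these are always numeric is not visible here, so a comment such as `// values are validated as numeric on save` (if true) would help the next reader.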
\ No newline at end of file diff --git a/app/Templates/task_edit.php b/app/Templates/task_edit.php index d698c21d..c03c7d9a 100644 --- a/app/Templates/task_edit.php +++ b/app/Templates/task_edit.php @@ -8,6 +8,8 @@ <section> <form method="post" action="?controller=task&action=update&task_id=<?= $task['id'] ?>" autocomplete="off"> + <?= Helper\form_csrf() ?> + <div class="form-column"> <?= Helper\form_label(t('Title'), 'title') ?> diff --git a/app/Templates/task_edit_description.php b/app/Templates/task_edit_description.php index 0bdc40a2..550dac73 100644 --- a/app/Templates/task_edit_description.php +++ b/app/Templates/task_edit_description.php @@ -4,6 +4,8 @@ <form method="post" action="?controller=task&action=saveDescription&task_id=<?= $task['id'] ?>" autocomplete="off"> + <?= Helper\form_csrf() ?> + <?= Helper\form_hidden('id', $values) ?> <?= Helper\form_textarea('description', $values, $errors, array('required', 'placeholder="'.t('Leave a description').'"'), 'description-textarea') ?><br/> <div class="form-help"><a href="http://kanboard.net/documentation/syntax-guide" target="_blank" rel="noreferrer"><?= t('Write your text in Markdown') ?></a></div> diff --git a/app/Templates/task_layout.php b/app/Templates/task_layout.php index ce5f36c5..cc711b78 100644 --- a/app/Templates/task_layout.php +++ b/app/Templates/task_layout.php @@ -14,4 +14,5 @@ </div> </section> </section> -<script type="text/javascript" src="assets/js/task.js"></script>
\ No newline at end of file + +<?= Helper\js('assets/js/task.js') ?> diff --git a/app/Templates/task_new.php b/app/Templates/task_new.php index d233efd2..2938c4ca 100644 --- a/app/Templates/task_new.php +++ b/app/Templates/task_new.php @@ -5,6 +5,8 @@ <section> <form method="post" action="?controller=task&action=save" autocomplete="off"> + <?= Helper\form_csrf() ?> + <div class="form-column"> <?= Helper\form_label(t('Title'), 'title') ?> <?= Helper\form_text('title', $values, $errors, array('autofocus', 'required')) ?><br/> diff --git a/app/Templates/task_open.php b/app/Templates/task_open.php index 59ea0b54..3526ec81 100644 --- a/app/Templates/task_open.php +++ b/app/Templates/task_open.php @@ -8,7 +8,7 @@ </p> <div class="form-actions"> - <a href="?controller=task&action=open&task_id=<?= $task['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=task&action=open&task_id=<?= $task['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=task&action=show&task_id=<?= $task['id'] ?>"><?= t('cancel') ?></a> </div> </div>
\ No newline at end of file diff --git a/app/Templates/task_remove.php b/app/Templates/task_remove.php index 60e4e8e7..dd4841db 100644 --- a/app/Templates/task_remove.php +++ b/app/Templates/task_remove.php @@ -8,7 +8,7 @@ </p> <div class="form-actions"> - <a href="?controller=task&action=remove&task_id=<?= $task['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=task&action=remove&task_id=<?= $task['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=task&action=show&task_id=<?= $task['id'] ?>"><?= t('cancel') ?></a> </div> </div>
\ No newline at end of file diff --git a/app/Templates/task_show.php b/app/Templates/task_show.php index 53cdbae8..4c3d4697 100644 --- a/app/Templates/task_show.php +++ b/app/Templates/task_show.php @@ -62,23 +62,14 @@ <?php if (! empty($files)): ?> <div id="attachments" class="task-show-section"> - <div class="page-header"> - <h2><?= t('Attachments') ?></h2> - </div> + <?= Helper\template('file_show', array('task' => $task, 'files' => $files)) ?> +</div> +<?php endif ?> - <ul class="task-show-files"> - <?php foreach ($files as $file): ?> - <li> - <a href="?controller=file&action=download&file_id=<?= $file['id'] ?>&task_id=<?= $task['id'] ?>"><?= Helper\escape($file['name']) ?></a> - <span class="task-show-file-actions"> - <?php if ($file['is_image']): ?> - <a href="?controller=file&action=open&file_id=<?= $file['id'] ?>&task_id=<?= $task['id'] ?>" class="popover"><?= t('open') ?></a>, - <?php endif ?> - <a href="?controller=file&action=confirm&file_id=<?= $file['id'] ?>&task_id=<?= $task['id'] ?>"><?= t('remove') ?></a> - </span> - </li> - <?php endforeach ?> - </ul> + +<?php if (! empty($subtasks)): ?> +<div id="subtasks" class="task-show-section"> + <?= Helper\template('subtask_show', array('task' => $task, 'subtasks' => $subtasks)) ?> </div> <?php endif ?> diff --git a/app/Templates/task_sidebar.php b/app/Templates/task_sidebar.php index 8a3939b8..d97c44e2 100644 --- a/app/Templates/task_sidebar.php +++ b/app/Templates/task_sidebar.php 
@@ -5,6 +5,7 @@ <li><a href="?controller=task&action=show&task_id=<?= $task['id'] ?>"><?= t('Summary') ?></a></li> <li><a href="?controller=task&action=edit&task_id=<?= $task['id'] ?>"><?= t('Edit the task') ?></a></li> <li><a href="?controller=task&action=editDescription&task_id=<?= $task['id'] ?>"><?= t('Edit the description') ?></a></li> + <li><a href="?controller=subtask&action=create&task_id=<?= $task['id'] ?>"><?= t('Add a sub-task') ?></a></li> <li><a href="?controller=comment&action=create&task_id=<?= $task['id'] ?>"><?= t('Add a comment') ?></a></li> <li><a href="?controller=file&action=create&task_id=<?= $task['id'] ?>"><?= t('Attach a document') ?></a></li> <li><a href="?controller=task&action=duplicate&project_id=<?= $task['project_id'] ?>&task_id=<?= $task['id'] ?>"><?= t('Duplicate') ?></a></li> diff --git a/app/Templates/user_edit.php b/app/Templates/user_edit.php index c857fe1c..6b83f748 100644 --- a/app/Templates/user_edit.php +++ b/app/Templates/user_edit.php @@ -8,6 +8,8 @@ <section> <form method="post" action="?controller=user&action=update" autocomplete="off"> + <?= Helper\form_csrf() ?> + <div class="form-column"> <?= Helper\form_hidden('id', $values) ?> @@ -48,9 +50,9 @@ <?php if (GOOGLE_AUTH && Helper\is_current_user($values['id'])): ?> <?php if (empty($values['google_id'])): ?> - <a href="?controller=user&action=google"><?= t('Link my Google Account') ?></a> + <a href="?controller=user&action=google<?= Helper\param_csrf() ?>"><?= t('Link my Google Account') ?></a> <?php else: ?> - <a href="?controller=user&action=unlinkGoogle"><?= t('Unlink my Google Account') ?></a> + <a href="?controller=user&action=unlinkGoogle<?= Helper\param_csrf() ?>"><?= t('Unlink my Google Account') ?></a> <?php endif ?> <?php endif ?> diff --git a/app/Templates/user_login.php b/app/Templates/user_login.php index 878170e3..49902ebb 100644 --- a/app/Templates/user_login.php +++ b/app/Templates/user_login.php 
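Review bot: The `duplicate` entry three lines below the added sub-task link in task_sidebar.php is still a plain GET link without `Helper\param_csrf()`. Whether that action shows a confirmation page first or copies the task directly is not visible in this diff; if it acts directly, it is a state-changing request that this commit leaves without a token. In that case append the helper as the other links do: `task_id=<?= $task['id'].Helper\param_csrf() ?>`. The list continues outside the hunk.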
@@ -8,6 +8,8 @@ <form method="post" action="?controller=user&action=check" class="form-login"> + <?= Helper\form_csrf() ?> + <?= Helper\form_label(t('Username'), 'username') ?> <?= Helper\form_text('username', $values, $errors, array('autofocus', 'required')) ?><br/> diff --git a/app/Templates/user_new.php b/app/Templates/user_new.php index 6ad976f2..3e22b7ee 100644 --- a/app/Templates/user_new.php +++ b/app/Templates/user_new.php @@ -8,6 +8,8 @@ <section> <form method="post" action="?controller=user&action=save" autocomplete="off"> + <?= Helper\form_csrf() ?> + <div class="form-column"> <?= Helper\form_label(t('Username'), 'username') ?> diff --git a/app/Templates/user_remove.php b/app/Templates/user_remove.php index a4db2e4a..61d4163b 100644 --- a/app/Templates/user_remove.php +++ b/app/Templates/user_remove.php @@ -7,7 +7,7 @@ <p class="alert alert-info"><?= t('Do you really want to remove this user: "%s"?', $user['username']) ?></p> <div class="form-actions"> - <a href="?controller=user&action=remove&user_id=<?= $user['id'] ?>" class="btn btn-red"><?= t('Yes') ?></a> + <a href="?controller=user&action=remove&user_id=<?= $user['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a> <?= t('or') ?> <a href="?controller=user"><?= t('cancel') ?></a> </div> </div> |