diff --git a/app/Config/bootstrap.default.php b/app/Config/bootstrap.default.php index f0c9d14e9..9c21ed5ce 100644 --- a/app/Config/bootstrap.default.php +++ b/app/Config/bootstrap.default.php @@ -107,6 +107,16 @@ if (!$relativePaths) { } } +/** + * Configure base URL for CakePHP + */ +if (Configure::read('MISP.baseurl')) { + $regex = "%^(?https?)://(?(?:(?:\w|-)+\.)+[a-z]{2,5})(?::(?[0-9]+))?(?/[a-z0-9_\-\.]+)?$%i"; + if (preg_match($regex, Configure::read('MISP.baseurl'), $matches)) { + if (isset($matches['base'])) Configure::write('App.base', $matches['base']); + } +} + /** * Plugins need to be loaded manually, you can either load them one by one or all of them in a single call * Uncomment one of the lines below, as you need. make sure you read the documentation on CakePlugin to use more diff --git a/app/Controller/Component/RestResponseComponent.php b/app/Controller/Component/RestResponseComponent.php index 50cbaf378..b3354c23d 100644 --- a/app/Controller/Component/RestResponseComponent.php +++ b/app/Controller/Component/RestResponseComponent.php @@ -294,7 +294,7 @@ class RestResponseComponent extends Component $action = substr($action, 6); $admin_routing = 'admin/'; } - $url = '/' . $admin_routing . $controller . '/' . $action; + $url = $baseurl . '/' . $admin_routing . $controller . '/' . $action; $result[$url] = $data; } } @@ -337,7 +337,7 @@ class RestResponseComponent extends Component } } $data['body'] = json_encode($data['body'], JSON_PRETTY_PRINT); - $url = '/' . $admin_routing . $controller . '/' . $action; + $url = $baseurl . '/' . $admin_routing . $controller . '/' . $action; $data['url'] = $url; if (!empty($data['params'])) { foreach ($data['params'] as $param) { diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php index f3184a104..0cf190b6f 100644 --- a/app/Controller/EventsController.php +++ b/app/Controller/EventsController.php @@ -1529,7 +1529,7 @@ class EventsController extends AppController } $this->set('contributors', $contributors); $this->set('typeGroups', array_keys($this->Event->Attribute->typeGroupings)); - $attributeUri = '/events/viewEventAttributes/' . $event['Event']['id']; + $attributeUri = $baseurl . '/events/viewEventAttributes/' . $event['Event']['id']; foreach ($this->params->named as $k => $v) { if (!is_numeric($k)) { if (is_array($v)) { @@ -1989,7 +1989,7 @@ class EventsController extends AppController } else { if ($this->_isRest()) { // TODO return error if REST if (is_numeric($add)) { - $this->response->header('Location', Configure::read('MISP.baseurl') . '/events/' . $add); + $this->response->header('Location', $baseurl . '/events/' . $add); $this->response->send(); throw new NotFoundException(__('Event already exists, if you would like to edit it, use the url in the location header.')); } @@ -2606,7 +2606,7 @@ class EventsController extends AppController if (!empty($errors)) { $this->set('errors', $errors); } - $this->set('url', '/events/publishSightings/' . $id); + $this->set('url', $baseurl . '/events/publishSightings/' . $id); $this->set('id', $id); $this->set('_serialize', array('name', 'message', 'url', 'id', 'errors')); } else { @@ -2673,7 +2673,7 @@ class EventsController extends AppController if (!empty($errors)) { $this->set('errors', $errors); } - $this->set('url', '/events/alert/' . $id); + $this->set('url', $baseurl . '/events/alert/' . $id); $this->set('id', $id); $this->set('_serialize', array('name', 'message', 'url', 'id', 'errors')); } else { @@ -2758,7 +2758,7 @@ class EventsController extends AppController if (!empty($errors)) { $this->set('errors', $errors); } - $this->set('url', '/events/alert/' . $id); + $this->set('url', $baseurl . '/events/alert/' . $id); $this->set('id', $id); $this->set('_serialize', array('name', 'message', 'url', 'id', 'errors')); } else { @@ -3946,89 +3946,89 @@ class EventsController extends AppController // #TODO i18n $exports = array( 'xml' => array( - 'url' => '/events/restSearch/xml/eventid:' . $id . '.xml', + 'url' => $baseurl . '/events/restSearch/xml/eventid:' . $id . '.xml', 'text' => 'MISP XML (metadata + all attributes)', 'requiresPublished' => false, 'checkbox' => true, 'checkbox_text' => 'Encode Attachments', - 'checkbox_set' => '/events/restSearch/xml/eventid:' . $id . '/withAttachments:1.xml', + 'checkbox_set' => $baseurl . '/events/restSearch/xml/eventid:' . $id . '/withAttachments:1.xml', 'checkbox_default' => true ), 'json' => array( - 'url' => '/events/restSearch/json/eventid:' . $id . '.json', + 'url' => $baseurl . '/events/restSearch/json/eventid:' . $id . '.json', 'text' => 'MISP JSON (metadata + all attributes)', 'requiresPublished' => false, 'checkbox' => true, 'checkbox_text' => 'Encode Attachments', - 'checkbox_set' => '/events/restSearch/json/withAttachments:1/eventid:' . $id . '.json', + 'checkbox_set' => $baseurl . '/events/restSearch/json/withAttachments:1/eventid:' . $id . '.json', 'checkbox_default' => true ), 'openIOC' => array( - 'url' => '/events/restSearch/openioc/to_ids:1/published:1/eventid:' . $id . '.json', + 'url' => $baseurl .'/events/restSearch/openioc/to_ids:1/published:1/eventid:' . $id . '.json', 'text' => 'OpenIOC (all indicators marked to IDS)', 'requiresPublished' => false, 'checkbox' => false, ), 'csv' => array( - 'url' => '/events/restSearch/returnFormat:csv/to_ids:1/published:1/includeContext:0/eventid:' . $id, + 'url' => $baseurl . '/events/restSearch/returnFormat:csv/to_ids:1/published:1/includeContext:0/eventid:' . $id, 'text' => 'CSV', 'requiresPublished' => false, 'checkbox' => true, 'checkbox_text' => 'Include non-IDS marked attributes', - 'checkbox_set' => '/events/restSearch/returnFormat:csv/to_ids:1||0/published:1||0/includeContext:0/eventid:' . $id + 'checkbox_set' => $baseurl . '/events/restSearch/returnFormat:csv/to_ids:1||0/published:1||0/includeContext:0/eventid:' . $id ), 'csv_with_context' => array( - 'url' => '/events/restSearch/returnFormat:csv/to_ids:1/published:1/includeContext:1/eventid:' . $id, + 'url' => $baseurl . '/events/restSearch/returnFormat:csv/to_ids:1/published:1/includeContext:1/eventid:' . $id, 'text' => 'CSV with additional context', 'requiresPublished' => false, 'checkbox' => true, 'checkbox_text' => 'Include non-IDS marked attributes', - 'checkbox_set' => '/events/restSearch/returnFormat:csv/to_ids:1||0/published:1||0/includeContext:1/eventid:' . $id + 'checkbox_set' => $baseurl . '/events/restSearch/returnFormat:csv/to_ids:1||0/published:1||0/includeContext:1/eventid:' . $id ), 'stix_xml' => array( - 'url' => '/events/restSearch/stix/eventid:' . $id, + 'url' => $baseurl . '/events/restSearch/stix/eventid:' . $id, 'text' => 'STIX XML (metadata + all attributes)', 'requiresPublished' => false, 'checkbox' => true, 'checkbox_text' => 'Encode Attachments', - 'checkbox_set' => '/events/restSearch/stix/eventid:' . $id . '/withAttachments:1' + 'checkbox_set' => $baseurl . '/events/restSearch/stix/eventid:' . $id . '/withAttachments:1' ), 'stix_json' => array( - 'url' => '/events/restSearch/stix-json/eventid:' . $id, + 'url' => $baseurl . '/events/restSearch/stix-json/eventid:' . $id, 'text' => 'STIX JSON (metadata + all attributes)', 'requiresPublished' => false, 'checkbox' => true, 'checkbox_text' => 'Encode Attachments', - 'checkbox_set' => '/events/restSearch/stix-json/withAttachments:1/eventid:' . $id + 'checkbox_set' => $baseurl . '/events/restSearch/stix-json/withAttachments:1/eventid:' . $id ), 'stix2_json' => array( - 'url' => '/events/restSearch/stix2/eventid:' . $id, + 'url' => $baseurl . '/events/restSearch/stix2/eventid:' . $id, 'text' => 'STIX2 (requires the STIX 2 library)', 'requiresPublished' => false, 'checkbox' => true, 'checkbox_text' => 'Encode Attachments', - 'checkbox_set' => '/events/restSearch/stix2/eventid:' . $id . '/withAttachments:1' + 'checkbox_set' => $baseurl . '/events/restSearch/stix2/eventid:' . $id . '/withAttachments:1' ), 'rpz' => array( - 'url' => '/attributes/restSearch/returnFormat:rpz/published:1||0/eventid:' . $id, + 'url' => $baseurl . '/attributes/restSearch/returnFormat:rpz/published:1||0/eventid:' . $id, 'text' => 'RPZ Zone file', 'requiresPublished' => false, 'checkbox' => false, ), 'suricata' => array( - 'url' => '/events/restSearch/returnFormat:suricata/published:1||0/eventid:' . $id, + 'url' => $baseurl . '/events/restSearch/returnFormat:suricata/published:1||0/eventid:' . $id, 'text' => 'Download Suricata rules', 'requiresPublished' => false, 'checkbox' => false, ), 'snort' => array( - 'url' => '/events/restSearch/returnFormat:snort/published:1||0/eventid:' . $id, + 'url' => $baseurl . '/events/restSearch/returnFormat:snort/published:1||0/eventid:' . $id, 'text' => 'Download Snort rules', 'requiresPublished' => false, 'checkbox' => false, ), 'bro' => array( - 'url' => '/attributes/bro/download/all/false/' . $id, + 'url' => $baseurl . '/attributes/bro/download/all/false/' . $id, // 'url' => '/attributes/restSearch/returnFormat:bro/published:1||0/eventid:' . $id, 'text' => 'Download Bro rules', 'requiresPublished' => false, @@ -4036,11 +4036,11 @@ class EventsController extends AppController ), 'text' => array( 'text' => 'Export all attribute values as a text file', - 'url' => '/attributes/restSearch/returnFormat:text/published:1||0/eventid:' . $id, + 'url' => $baseurl . '/attributes/restSearch/returnFormat:text/published:1||0/eventid:' . $id, 'requiresPublished' => false, 'checkbox' => true, 'checkbox_text' => 'Include non-IDS marked attributes', - 'checkbox_set' => '/attributes/restSearch/returnFormat:text/published:1||0/to_ids:1||0/eventid:' . $id + 'checkbox_set' => $baseurl . '/attributes/restSearch/returnFormat:text/published:1||0/to_ids:1||0/eventid:' . $id ), ); if ($event['Event']['published'] == 0) { @@ -4050,7 +4050,7 @@ class EventsController extends AppController } } $exports['csv'] = array( - 'url' => '/events/restSearch/returnFormat:csv/includeContext:0/eventid:' . $id, + 'url' => $baseurl . '/events/restSearch/returnFormat:csv/includeContext:0/eventid:' . $id, 'text' => 'CSV (event not published, IDS flag ignored)', 'requiresPublished' => false, 'checkbox' => false @@ -4061,7 +4061,7 @@ class EventsController extends AppController if (is_array($modules) && !empty($modules)) { foreach ($modules['modules'] as $module) { $exports[$module['name']] = array( - 'url' => '/events/exportModule/' . $module['name'] . '/' . $id, + 'url' => $baseurl . '/events/exportModule/' . $module['name'] . '/' . $id, 'text' => Inflector::humanize($module['name']), 'requiresPublished' => true, 'checkbox' => false, @@ -4085,29 +4085,31 @@ class EventsController extends AppController } $imports = array( 'freetext' => array( - 'url' => '/events/freeTextImport/' . $id, + 'url' => $baseurl . '/events/freeTextImport/' . $id, 'text' => __('Freetext Import'), 'ajax' => true, 'target' => 'popover_form' ), 'template' => array( - 'url' => '/templates/templateChoices/' . $id, + 'url' => $baseurl . '/templates/templateChoices/' . $id, 'text' => __('Populate using a Template'), 'ajax' => true, 'target' => 'popover_form' ), 'OpenIOC' => array( - 'url' => '/events/addIOC/' . $id, + 'url' => $baseurl . '/events/addIOC/' . $id, 'text' => __('OpenIOC Import'), + 'url' => $baseurl . '/events/addIOC/' . $id, + 'text' => 'OpenIOC Import', 'ajax' => false, ), 'ThreatConnect' => array( - 'url' => '/attributes/add_threatconnect/' . $id, + 'url' => $baseurl . '/attributes/add_threatconnect/' . $id, 'text' => __('ThreatConnect Import'), 'ajax' => false ), 'Forensic analysis' => array( - 'url' => '/events/upload_analysis_file/'.$id, + 'url' => $baseurl . '/events/upload_analysis_file/'.$id, 'text' => __('(Experimental) Forensic analysis - Mactime'), 'ajax' => false, ) @@ -4117,7 +4119,7 @@ class EventsController extends AppController if (is_array($modules) && !empty($modules)) { foreach ($modules['modules'] as $k => $module) { $imports[$module['name']] = array( - 'url' => '/events/importModule/' . $module['name'] . '/' . $id, + 'url' => $baseurl . '/events/importModule/' . $module['name'] . '/' . $id, 'text' => Inflector::humanize($module['name']), 'ajax' => false ); @@ -4126,18 +4128,18 @@ class EventsController extends AppController } else { $imports = array( 'MISP' => array( - 'url' => '/events/add_misp_export', + 'url' => $baseurl . '/events/add_misp_export', 'text' => __('MISP standard (recommended exchange format - lossless)'), 'ajax' => false, 'bold' => true ), 'STIX' => array( - 'url' => '/events/upload_stix', + 'url' => $baseurl . '/events/upload_stix', 'text' => __('STIX 1.1.1 format (lossy)'), 'ajax' => false, ), 'STIX2' => array( - 'url' => '/events/upload_stix/2', + 'url' => $baseurl . '/events/upload_stix/2', 'text' => __('STIX 2.0 format (lossy)'), 'ajax' => false, ) @@ -4358,7 +4360,7 @@ class EventsController extends AppController if ($successCount > 0) { $this->set('name', 'Partial success'); $this->set('message', 'Successfuly saved ' . $successCount . ' sample(s), but some samples could not be saved.'); - $this->set('url', '/events/view/' . $data['settings']['event_id']); + $this->set('url', $baseurl . '/events/view/' . $data['settings']['event_id']); $this->set('id', $data['settings']['event_id']); $this->set('_serialize', array('name', 'message', 'url', 'id', 'errors')); } else { @@ -4369,7 +4371,7 @@ class EventsController extends AppController } else { $this->set('name', 'Success'); $this->set('message', 'Success, saved all attributes.'); - $this->set('url', '/events/view/' . $data['settings']['event_id']); + $this->set('url', $baseurl . '/events/view/' . $data['settings']['event_id']); $this->set('id', $data['settings']['event_id']); $this->set('_serialize', array('name', 'message', 'url', 'id')); } diff --git a/app/Controller/GalaxiesController.php b/app/Controller/GalaxiesController.php index 6db67b8ab..c22808062 100644 --- a/app/Controller/GalaxiesController.php +++ b/app/Controller/GalaxiesController.php @@ -155,14 +155,14 @@ class GalaxiesController extends AppController $items = array( array( 'name' => __('All clusters'), - 'value' => "/galaxies/selectCluster/" . h($target_id) . '/' . h($target_type) . '/0'. '/local:' . $local + 'value' => $baseurl . "/galaxies/selectCluster/" . h($target_id) . '/' . h($target_type) . '/0'. '/local:' . $local ) ); foreach ($galaxies as $galaxy) { if (!isset($galaxy['Galaxy']['kill_chain_order'])) { $items[] = array( 'name' => h($galaxy['Galaxy']['name']), - 'value' => "/galaxies/selectCluster/" . $target_id . '/' . $target_type . '/' . $galaxy['Galaxy']['id'] . '/local:' . $local, + 'value' => $baseurl . "/galaxies/selectCluster/" . $target_id . '/' . $target_type . '/' . $galaxy['Galaxy']['id'] . '/local:' . $local, 'template' => array( 'preIcon' => 'fa-' . $galaxy['Galaxy']['icon'], 'name' => $galaxy['Galaxy']['name'], @@ -183,7 +183,7 @@ class GalaxiesController extends AppController 'isMatrix' => true ); if ($galaxy['Galaxy']['id'] == $mitreAttackGalaxyId) { - $param['img'] = "/img/mitre-attack-icon.ico"; + $param['img'] = $baseurl . "/img/mitre-attack-icon.ico"; } $items[] = $param; } @@ -205,12 +205,12 @@ class GalaxiesController extends AppController $items = array(); $items[] = array( 'name' => __('All namespaces'), - 'value' => "/galaxies/selectGalaxy/" . $target_id . '/' . $target_type . '/0' . '/local:' . $local + 'value' => $baseurl . "/galaxies/selectGalaxy/" . $target_id . '/' . $target_type . '/0' . '/local:' . $local ); foreach ($namespaces as $namespace) { $items[] = array( 'name' => $namespace, - 'value' => "/galaxies/selectGalaxy/" . $target_id . '/' . $target_type . '/' . $namespace . '/local:' . $local + 'value' => $baseurl . "/galaxies/selectGalaxy/" . $target_id . '/' . $target_type . '/' . $namespace . '/local:' . $local ); } diff --git a/app/Controller/ObjectTemplatesController.php b/app/Controller/ObjectTemplatesController.php index b4f6c8031..39e378855 100644 --- a/app/Controller/ObjectTemplatesController.php +++ b/app/Controller/ObjectTemplatesController.php @@ -29,12 +29,12 @@ class ObjectTemplatesController extends AppController $items = array(); $items[] = array( 'name' => __('All Objects'), - 'value' => "/ObjectTemplates/objectChoice/" . h($event_id) . "/" . "0" + 'value' => $baseurl . "/ObjectTemplates/objectChoice/" . h($event_id) . "/" . "0" ); foreach($metas as $meta) { $items[] = array( 'name' => $meta, - 'value' => "/ObjectTemplates/objectChoice/" . h($event_id) . "/" . h($meta) + 'value' => $baseurl . "/ObjectTemplates/objectChoice/" . h($event_id) . "/" . h($meta) ); } diff --git a/app/Controller/ServersController.php b/app/Controller/ServersController.php index 5444dc0a7..10981017e 100644 --- a/app/Controller/ServersController.php +++ b/app/Controller/ServersController.php @@ -1745,7 +1745,7 @@ class ServersController extends AppController 'recommendBackup' => false, 'exitOnError' => false, 'requirements' => '', - 'url' => '/' + 'url' => $baseurl . '/' ); foreach($actions as $id => $action) { foreach($default_fields as $field => $value) { diff --git a/app/Controller/ShadowAttributesController.php b/app/Controller/ShadowAttributesController.php index c3c634dc2..ce2bfcfcf 100644 --- a/app/Controller/ShadowAttributesController.php +++ b/app/Controller/ShadowAttributesController.php @@ -171,7 +171,7 @@ class ShadowAttributesController extends AppController $response['check_publish'] = true; $this->set('name', $response['success']); $this->set('message', $response['success']); - $this->set('url', '/shadow_attributes/accept/' . $id); + $this->set('url', $baseurl . '/shadow_attributes/accept/' . $id); $this->set('_serialize', array('name', 'message', 'url')); } else { throw new MethodNotAllowedException($response['errors']); @@ -223,7 +223,7 @@ class ShadowAttributesController extends AppController if ($this->_isRest()) { $this->set('name', 'Proposal discarded.'); $this->set('message', 'Proposal discarded.'); - $this->set('url', '/shadow_attributes/discard/' . $id); + $this->set('url', $baseurl . '/shadow_attributes/discard/' . $id); $this->set('_serialize', array('name', 'message', 'url')); } else { $this->autoRender = false; @@ -865,7 +865,7 @@ class ShadowAttributesController extends AppController $conditions['AND'][] = array( 'ShadowAttribute.deleted' => $this->request['named']['deleted'] ); - } + } if (!empty($this->request['named']['timestamp'])) { $conditions['AND'][] = array( 'ShadowAttribute.timestamp >=' => $this->request['named']['timestamp'] diff --git a/app/Controller/TagsController.php b/app/Controller/TagsController.php index 5a9475a0d..5acb9b6dc 100644 --- a/app/Controller/TagsController.php +++ b/app/Controller/TagsController.php @@ -364,7 +364,7 @@ class TagsController extends AppController if ($this->_isRest()) { $this->set('name', 'Tag deleted.'); $this->set('message', 'Tag deleted.'); - $this->set('url', '/tags/delete/' . $id); + $this->set('url', $baseurl . '/tags/delete/' . $id); $this->set('_serialize', array('name', 'message', 'url')); } $this->Flash->success(__('Tag deleted')); @@ -574,22 +574,22 @@ class TagsController extends AppController if ($favourites) { $items[] = array( 'name' => __('Favourite Tags'), - 'value' => "/tags/selectTag/" . h($id) . "/favourites/" . h($scope) . $localFlag + 'value' => $baseurl . "/tags/selectTag/" . h($id) . "/favourites/" . h($scope) . $localFlag ); } if ($scope !== 'tag_collection') { $items[] = array( 'name' => __('Tag Collections'), - 'value' => "/tags/selectTag/" . h($id) . "/collections/" . h($scope) . $localFlag + 'value' => $baseurl . "/tags/selectTag/" . h($id) . "/collections/" . h($scope) . $localFlag ); } $items[] = array( 'name' => __('Custom Tags'), - 'value' => "/tags/selectTag/" . h($id) . "/0/" . h($scope) . $localFlag + 'value' => $baseurl . "/tags/selectTag/" . h($id) . "/0/" . h($scope) . $localFlag ); $items[] = array( 'name' => __('All Tags'), - 'value' => "/tags/selectTag/" . h($id) . "/all/" . h($scope) . $localFlag + 'value' => $baseurl . "/tags/selectTag/" . h($id) . "/all/" . h($scope) . $localFlag ); $this->loadModel('Taxonomy'); @@ -597,7 +597,7 @@ class TagsController extends AppController foreach ($options as $k => $option) { $items[] = array( 'name' => __('Taxonomy Library') . ":" . h($option), - 'value' => "/tags/selectTag/" . h($id) . "/" . h($k) . "/" . h($scope . $localFlag) + 'value' => $baseurl . "/tags/selectTag/" . h($id) . "/" . h($k) . "/" . h($scope . $localFlag) ); } $this->set('items', $items); diff --git a/app/Model/Server.php b/app/Model/Server.php index 8a7de5913..8dbac7b80 100644 --- a/app/Model/Server.php +++ b/app/Model/Server.php @@ -181,7 +181,7 @@ class Server extends AppModel 'branch' => 1, 'baseurl' => array( 'level' => 0, - 'description' => __('The base url of the application (in the format https://www.mymispinstance.com). Several features depend on this setting being correctly set to function.'), + 'description' => __('The base url of the application (in the format https://www.mymispinstance.com or https://myserver.com/misp). Several features depend on this setting being correctly set to function.'), 'value' => '', 'errorMessage' => __('The currenty set baseurl does not match the URL through which you have accessed the page. Disregard this if you are accessing the page via an alternate URL (for example via IP address).'), 'test' => 'testBaseURL', @@ -3568,7 +3568,10 @@ class Server extends AppModel if ($this->testForEmpty($value) !== true) { return $this->testForEmpty($value); } - if ($value != strtolower($this->getProto()) . '://' . $this->getHost()) { + $regex = "%^(?https?)://(?(?:(?:\w|-)+\.)+[a-z]{2,5})(?::(?[0-9]+))?(?/[a-z0-9_\-\.]+)?$%i"; + if ( !preg_match($regex, $value, $matches) + || strtolower($matches['proto']) != strtolower($this->getProto()) + || strtolower($matches['host']) != strtolower($this->getHost()) ) { return 'Invalid baseurl, it has to be in the "https://FQDN" format.'; } return true; diff --git a/app/View/Attributes/ajax/attributeEditCategoryForm.ctp b/app/View/Attributes/ajax/attributeEditCategoryForm.ctp index 0ff354bb3..6636ffe82 100644 --- a/app/View/Attributes/ajax/attributeEditCategoryForm.ctp +++ b/app/View/Attributes/ajax/attributeEditCategoryForm.ctp @@ -1,5 +1,5 @@ Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute_' . $object['id'] . '_category_form', 'url' => '/attributes/editField/' . $object['id'])); + echo $this->Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute_' . $object['id'] . '_category_form', 'url' => $baseurl . '/attributes/editField/' . $object['id'])); ?>
diff --git a/app/View/Attributes/ajax/attributeEditCommentForm.ctp b/app/View/Attributes/ajax/attributeEditCommentForm.ctp index 4e5695de1..cdbd266cc 100644 --- a/app/View/Attributes/ajax/attributeEditCommentForm.ctp +++ b/app/View/Attributes/ajax/attributeEditCommentForm.ctp @@ -1,5 +1,5 @@ Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute_' . $object['id'] . '_comment_form', 'url' => '/attributes/editField/' . $object['id'])); + echo $this->Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute_' . $object['id'] . '_comment_form', 'url' => $baseurl . '/attributes/editField/' . $object['id'])); ?>
diff --git a/app/View/Attributes/ajax/attributeEditDistributionForm.ctp b/app/View/Attributes/ajax/attributeEditDistributionForm.ctp index 79cecbb0c..7537b0811 100644 --- a/app/View/Attributes/ajax/attributeEditDistributionForm.ctp +++ b/app/View/Attributes/ajax/attributeEditDistributionForm.ctp @@ -1,5 +1,5 @@ Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute_' . $object['id'] . '_distribution_form', 'url' => '/attributes/editField/' . $object['id'])); + echo $this->Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute_' . $object['id'] . '_distribution_form', 'url' => $baseurl . '/attributes/editField/' . $object['id'])); ?>
diff --git a/app/View/Attributes/ajax/attributeEditMassForm.ctp b/app/View/Attributes/ajax/attributeEditMassForm.ctp index 56a792d00..48fa49ad2 100644 --- a/app/View/Attributes/ajax/attributeEditMassForm.ctp +++ b/app/View/Attributes/ajax/attributeEditMassForm.ctp @@ -1,6 +1,6 @@
Form->create('Attribute', array('url' => '/attributes/editSelected/' . $id)); + echo $this->Form->create('Attribute', array('url' => $baseurl . '/attributes/editSelected/' . $id)); ?>
diff --git a/app/View/Attributes/ajax/attributeEditTo_idsForm.ctp b/app/View/Attributes/ajax/attributeEditTo_idsForm.ctp index 583cd23eb..f05db3476 100644 --- a/app/View/Attributes/ajax/attributeEditTo_idsForm.ctp +++ b/app/View/Attributes/ajax/attributeEditTo_idsForm.ctp @@ -1,6 +1,6 @@
Form->create('Attribute', array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => '/attributes/editField/' . $object['id'])); + echo $this->Form->create('Attribute', array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => $baseurl . '/attributes/editField/' . $object['id'])); echo $this->Form->input('to_ids', array( 'options' => array(0 => 'No', 1 => 'Yes'), 'label' => false, diff --git a/app/View/Attributes/ajax/attributeEditTypeForm.ctp b/app/View/Attributes/ajax/attributeEditTypeForm.ctp index b48004456..98bac6f3b 100644 --- a/app/View/Attributes/ajax/attributeEditTypeForm.ctp +++ b/app/View/Attributes/ajax/attributeEditTypeForm.ctp @@ -1,5 +1,5 @@ Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute_' . $object['id'] . '_type_form', 'url' => '/attributes/editField/' . $object['id'])); + echo $this->Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'id' => 'Attribute_' . $object['id'] . '_type_form', 'url' => $baseurl . '/attributes/editField/' . $object['id'])); ?>
diff --git a/app/View/Attributes/ajax/attributeEditValueForm.ctp b/app/View/Attributes/ajax/attributeEditValueForm.ctp index bc988e71c..9524a6427 100644 --- a/app/View/Attributes/ajax/attributeEditValueForm.ctp +++ b/app/View/Attributes/ajax/attributeEditValueForm.ctp @@ -1,6 +1,6 @@ Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'url' => '/attributes/editField/' . $object['id'], 'id' => 'Attribute_' . $object['id'] . '_value_form', 'default' => false)); + echo $this->Form->create('Attribute', array('class' => 'inline-form inline-field-form', 'url' => $baseurl . '/attributes/editField/' . $object['id'], 'id' => 'Attribute_' . $object['id'] . '_value_form', 'default' => false)); ?>
diff --git a/app/View/Attributes/ajax/tagRemoveConfirmation.ctp b/app/View/Attributes/ajax/tagRemoveConfirmation.ctp index 531945584..21faced18 100644 --- a/app/View/Attributes/ajax/tagRemoveConfirmation.ctp +++ b/app/View/Attributes/ajax/tagRemoveConfirmation.ctp @@ -1,6 +1,6 @@
Form->create($model, array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => '/' . strtolower($model) . 's/removeTag/' . $id . '/' . $tag_id)); + echo $this->Form->create($model, array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => $baseurl . '/' . strtolower($model) . 's/removeTag/' . $id . '/' . $tag_id)); $action = "removeObjectTag('" . $model . "', '" . h($id) . "', '" . h($tag_id) . "');"; ?> diff --git a/app/View/Attributes/ajax/toggle_correlation.ctp b/app/View/Attributes/ajax/toggle_correlation.ctp index 41042e9b9..709b8aed9 100644 --- a/app/View/Attributes/ajax/toggle_correlation.ctp +++ b/app/View/Attributes/ajax/toggle_correlation.ctp @@ -1,6 +1,6 @@
Form->create('Attribute', array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => '/attributes/toggleCorrelation/' . $attribute['Attribute']['id'])); + echo $this->Form->create('Attribute', array('style' => 'margin:0px;', 'id' => 'PromptForm', 'url' => $baseurl . '/attributes/toggleCorrelation/' . $attribute['Attribute']['id'])); $extraTitle = ""; ?> diff --git a/app/View/Attributes/attribute_replace.ctp b/app/View/Attributes/attribute_replace.ctp index 6ee87cd62..5e3c5ce47 100644 --- a/app/View/Attributes/attribute_replace.ctp +++ b/app/View/Attributes/attribute_replace.ctp @@ -1,6 +1,6 @@
Form->create('Attribute', array('id', 'url' => '/attributes/attributeReplace/' . $event_id)); +echo $this->Form->create('Attribute', array('id', 'url' => $baseurl . '/attributes/attributeReplace/' . $event_id)); ?>
diff --git a/app/View/Elements/Events/View/eventFilteringQueryBuilder.ctp b/app/View/Elements/Events/View/eventFilteringQueryBuilder.ctp index ecf07c81d..72e21bd33 100644 --- a/app/View/Elements/Events/View/eventFilteringQueryBuilder.ctp +++ b/app/View/Elements/Events/View/eventFilteringQueryBuilder.ctp @@ -503,7 +503,7 @@ function cleanRules(rules) { function performQuery(rules) { var res = cleanRules(rules); - var url = "/events/viewEventAttributes/"; + var url = "/events/viewEventAttributes/"; $.ajax({ type:"post", url: url, diff --git a/app/View/Elements/Events/View/row_attribute.ctp b/app/View/Elements/Events/View/row_attribute.ctp index 46f1064c4..6d9b6cb15 100644 --- a/app/View/Elements/Events/View/row_attribute.ctp +++ b/app/View/Elements/Events/View/row_attribute.ctp @@ -338,7 +338,7 @@ - + - + - + diff --git a/app/View/Elements/Events/View/row_proposal.ctp b/app/View/Elements/Events/View/row_proposal.ctp index 50f9d3f58..d0f90b8b8 100644 --- a/app/View/Elements/Events/View/row_proposal.ctp +++ b/app/View/Elements/Events/View/row_proposal.ctp @@ -188,7 +188,7 @@ Form->create('Shadow_Attribute', array('id' => 'ShadowAttribute_' . $object['id'] . '_accept', 'url' => '/shadow_attributes/accept/' . $object['id'], 'style' => 'display:none;')); + echo $this->Form->create('Shadow_Attribute', array('id' => 'ShadowAttribute_' . $object['id'] . '_accept', 'url' => $baseurl . '/shadow_attributes/accept/' . $object['id'], 'style' => 'display:none;')); echo $this->Form->end(); ?> diff --git a/app/View/Elements/Events/View/row_proposal_delete.ctp b/app/View/Elements/Events/View/row_proposal_delete.ctp index 3359dd828..c89d0de46 100644 --- a/app/View/Elements/Events/View/row_proposal_delete.ctp +++ b/app/View/Elements/Events/View/row_proposal_delete.ctp @@ -74,7 +74,7 @@ Form->create('Shadow_Attribute', array('id' => 'ShadowAttribute_' . $object['id'] . '_accept', 'url' => '/shadow_attributes/accept/' . $object['id'], 'style' => 'display:none;')); + echo $this->Form->create('Shadow_Attribute', array('id' => 'ShadowAttribute_' . $object['id'] . '_accept', 'url' => $baseurl . '/shadow_attributes/accept/' . $object['id'], 'style' => 'display:none;')); echo $this->Form->end(); ?> diff --git a/app/View/Elements/Events/View/sighting_field.ctp b/app/View/Elements/Events/View/sighting_field.ctp index 139159314..4832df401 100644 --- a/app/View/Elements/Events/View/sighting_field.ctp +++ b/app/View/Elements/Events/View/sighting_field.ctp @@ -1,7 +1,7 @@ Form->create('Sighting', array('id' => 'Sighting_' . $object['id'], 'url' => '/sightings/add/' . $object['id'], 'style' => 'display:none;')); + echo $this->Form->create('Sighting', array('id' => 'Sighting_' . $object['id'], 'url' => $baseurl . '/sightings/add/' . $object['id'], 'style' => 'display:none;')); echo $this->Form->input('type', array('label' => false, 'id' => 'Sighting_' . $object['id'] . '_type')); echo $this->Form->end(); ?> diff --git a/app/View/Elements/Feeds/eventattribute.ctp b/app/View/Elements/Feeds/eventattribute.ctp index 97b654325..770eb8fcf 100644 --- a/app/View/Elements/Feeds/eventattribute.ctp +++ b/app/View/Elements/Feeds/eventattribute.ctp @@ -102,7 +102,7 @@