html code in editors (emacs, ckeditor...) is filtered now for normal users

(root is allowed to use any html code)


git-svn-id: svn://ttmath.org/publicrep/winix/trunk@641 e52654a7-88a9-db11-a3e9-0013d4bc506e
2010-08-14 17:56:07 +00:00
parent d9f2e91806
commit ca4e53bb0f
11 changed files with 116 additions and 56 deletions


@@ -71,6 +71,7 @@ ckeditor.o: default.h download.h editticket.h emacs.h last.h login.h logout.h
ckeditor.o: ls.h mkdir.h mv.h node.h priv.h reload.h rm.h run.h subject.h
ckeditor.o: funthread.h ../core/thread.h funticket.h ../core/ticket.h
ckeditor.o: template.h tinymce.h uname.h upload.h uptime.h who.h
ckeditor.o: ../core/htmlfilter.h
cp.o: cp.h functionbase.h ../core/item.h ../core/db.h ../core/item.h
cp.o: ../core/user.h ../core/group.h ../core/thread.h ../core/error.h
cp.o: ../core/log.h ../core/dircontainer.h ../core/ugcontainer.h
@@ -88,7 +89,7 @@ cp.o: cat.h chmod.h privchanger.h chown.h ckeditor.h createthread.h
cp.o: createticket.h default.h download.h editticket.h emacs.h last.h login.h
cp.o: logout.h ls.h mkdir.h mv.h node.h priv.h reload.h rm.h run.h subject.h
cp.o: funthread.h ../core/thread.h funticket.h ../core/ticket.h template.h
cp.o: tinymce.h uname.h upload.h uptime.h who.h
cp.o: tinymce.h uname.h upload.h uptime.h who.h ../core/htmlfilter.h
createthread.o: createthread.h functionbase.h ../core/item.h ../core/db.h
createthread.o: ../core/item.h ../core/user.h ../core/group.h
createthread.o: ../core/thread.h ../core/error.h ../core/log.h
@@ -109,7 +110,7 @@ createthread.o: default.h download.h editticket.h emacs.h last.h login.h
createthread.o: logout.h ls.h mkdir.h mv.h node.h priv.h reload.h rm.h run.h
createthread.o: subject.h funthread.h ../core/thread.h funticket.h
createthread.o: ../core/ticket.h template.h tinymce.h uname.h upload.h
createthread.o: uptime.h who.h
createthread.o: uptime.h who.h ../core/htmlfilter.h
createticket.o: createticket.h functionbase.h ../core/item.h ../core/db.h
createticket.o: ../core/item.h ../core/user.h ../core/group.h
createticket.o: ../core/thread.h ../core/error.h ../core/log.h
@@ -130,7 +131,7 @@ createticket.o: createthread.h default.h download.h editticket.h emacs.h
createticket.o: last.h login.h logout.h ls.h mkdir.h mv.h node.h priv.h
createticket.o: reload.h rm.h run.h subject.h funthread.h ../core/thread.h
createticket.o: funticket.h template.h tinymce.h uname.h upload.h uptime.h
createticket.o: who.h
createticket.o: who.h ../core/htmlfilter.h
default.o: default.h functionbase.h ../core/item.h ../core/db.h
default.o: ../core/item.h ../core/user.h ../core/group.h ../core/thread.h
default.o: ../core/error.h ../core/log.h ../core/dircontainer.h
@@ -176,7 +177,7 @@ editticket.o: createticket.h default.h download.h emacs.h last.h login.h
editticket.o: logout.h ls.h mkdir.h mv.h node.h priv.h reload.h rm.h run.h
editticket.o: subject.h funthread.h ../core/thread.h funticket.h
editticket.o: ../core/ticket.h template.h tinymce.h uname.h upload.h uptime.h
editticket.o: who.h readticket.h
editticket.o: who.h ../core/htmlfilter.h readticket.h
emacs.o: emacs.h functionbase.h ../core/item.h ../core/db.h ../core/item.h
emacs.o: ../core/user.h ../core/group.h ../core/thread.h ../core/error.h
emacs.o: ../core/log.h ../core/dircontainer.h ../core/ugcontainer.h
@@ -199,6 +200,7 @@ emacs.o: createticket.h default.h download.h editticket.h last.h login.h
emacs.o: logout.h ls.h mkdir.h mv.h node.h priv.h reload.h rm.h run.h
emacs.o: subject.h funthread.h ../core/thread.h funticket.h ../core/ticket.h
emacs.o: template.h tinymce.h uname.h upload.h uptime.h who.h
emacs.o: ../core/htmlfilter.h
functionbase.o: functionbase.h ../core/item.h ../core/db.h ../core/item.h
functionbase.o: ../core/user.h ../core/group.h ../core/thread.h
functionbase.o: ../core/error.h ../core/log.h ../core/dircontainer.h
@@ -219,7 +221,7 @@ functionbase.o: default.h download.h editticket.h emacs.h last.h login.h
functionbase.o: logout.h ls.h mkdir.h mv.h node.h priv.h reload.h rm.h run.h
functionbase.o: subject.h funthread.h ../core/thread.h funticket.h
functionbase.o: ../core/ticket.h template.h tinymce.h uname.h upload.h
functionbase.o: uptime.h who.h
functionbase.o: uptime.h who.h ../core/htmlfilter.h
functionparser.o: functionparser.h ../core/request.h ../core/requesttypes.h
functionparser.o: ../core/session.h ../core/item.h ../core/error.h
functionparser.o: ../core/log.h ../core/user.h ../core/plugindata.h
@@ -241,7 +243,7 @@ functionparser.o: default.h download.h editticket.h emacs.h last.h login.h
functionparser.o: logout.h ls.h mkdir.h mv.h node.h priv.h reload.h rm.h
functionparser.o: run.h subject.h funthread.h ../core/thread.h funticket.h
functionparser.o: ../core/ticket.h template.h tinymce.h uname.h upload.h
functionparser.o: uptime.h who.h
functionparser.o: uptime.h who.h ../core/htmlfilter.h
functions.o: functions.h functionbase.h ../core/item.h ../core/db.h
functions.o: ../core/item.h ../core/user.h ../core/group.h ../core/thread.h
functions.o: ../core/error.h ../core/log.h ../core/dircontainer.h
@@ -261,8 +263,9 @@ functions.o: download.h editticket.h emacs.h last.h login.h logout.h ls.h
functions.o: mkdir.h mv.h node.h priv.h reload.h rm.h run.h subject.h
functions.o: funthread.h ../core/thread.h funticket.h ../core/ticket.h
functions.o: template.h tinymce.h uname.h upload.h uptime.h who.h
functions.o: ../core/log.h ../core/misc.h ../templates/templates.h
functions.o: ../templates/patterncacher.h ../core/item.h ../templates/misc.h
functions.o: ../core/htmlfilter.h ../core/log.h ../core/misc.h
functions.o: ../templates/templates.h ../templates/patterncacher.h
functions.o: ../core/item.h ../templates/misc.h
functions.o: ../templates/ckeditorgetparser.h ../core/httpsimpleparser.h
functions.o: ../core/log.h ../templates/indexpatterns.h
functions.o: ../core/sessionmanager.h ../core/sessioncontainer.h
@@ -364,6 +367,7 @@ mkdir.o: createticket.h default.h download.h editticket.h emacs.h last.h
mkdir.o: login.h logout.h ls.h mv.h node.h priv.h reload.h rm.h run.h
mkdir.o: subject.h funthread.h ../core/thread.h funticket.h ../core/ticket.h
mkdir.o: template.h tinymce.h uname.h upload.h uptime.h who.h
mkdir.o: ../core/htmlfilter.h
mv.o: mv.h functionbase.h ../core/item.h ../core/db.h ../core/item.h
mv.o: ../core/user.h ../core/group.h ../core/thread.h ../core/error.h
mv.o: ../core/log.h ../core/dircontainer.h ../core/ugcontainer.h
@@ -381,7 +385,7 @@ mv.o: privchanger.h chown.h ckeditor.h cp.h createthread.h createticket.h
mv.o: default.h download.h editticket.h emacs.h last.h login.h logout.h ls.h
mv.o: mkdir.h node.h priv.h reload.h rm.h run.h subject.h funthread.h
mv.o: ../core/thread.h funticket.h ../core/ticket.h template.h tinymce.h
mv.o: uname.h upload.h uptime.h who.h
mv.o: uname.h upload.h uptime.h who.h ../core/htmlfilter.h
node.o: node.h functionbase.h ../core/item.h ../core/db.h ../core/item.h
node.o: ../core/user.h ../core/group.h ../core/thread.h ../core/error.h
node.o: ../core/log.h ../core/dircontainer.h ../core/ugcontainer.h
@@ -463,10 +467,11 @@ rm.o: privchanger.h chown.h ckeditor.h cp.h createthread.h createticket.h
rm.o: default.h download.h editticket.h emacs.h last.h login.h logout.h ls.h
rm.o: mkdir.h mv.h node.h priv.h reload.h run.h subject.h funthread.h
rm.o: ../core/thread.h funticket.h ../core/ticket.h template.h tinymce.h
rm.o: uname.h upload.h uptime.h who.h ../templates/templates.h
rm.o: ../templates/patterncacher.h ../core/item.h ../templates/misc.h
rm.o: ../templates/ckeditorgetparser.h ../core/httpsimpleparser.h
rm.o: ../core/log.h ../templates/indexpatterns.h ../core/sessionmanager.h
rm.o: uname.h upload.h uptime.h who.h ../core/htmlfilter.h
rm.o: ../templates/templates.h ../templates/patterncacher.h ../core/item.h
rm.o: ../templates/misc.h ../templates/ckeditorgetparser.h
rm.o: ../core/httpsimpleparser.h ../core/log.h ../templates/indexpatterns.h
rm.o: ../core/sessionmanager.h
run.o: run.h functionbase.h ../core/item.h ../core/db.h ../core/item.h
run.o: ../core/user.h ../core/group.h ../core/thread.h ../core/error.h
run.o: ../core/log.h ../core/dircontainer.h ../core/ugcontainer.h
@@ -525,7 +530,7 @@ tinymce.o: chown.h ckeditor.h cp.h createthread.h createticket.h default.h
tinymce.o: download.h editticket.h emacs.h last.h login.h logout.h ls.h
tinymce.o: mkdir.h mv.h node.h priv.h reload.h rm.h run.h subject.h
tinymce.o: funthread.h ../core/thread.h funticket.h ../core/ticket.h
tinymce.o: template.h uname.h upload.h uptime.h who.h
tinymce.o: template.h uname.h upload.h uptime.h who.h ../core/htmlfilter.h
uname.o: uname.h functionbase.h ../core/item.h ../core/db.h ../core/item.h
uname.o: ../core/user.h ../core/group.h ../core/thread.h ../core/error.h
uname.o: ../core/log.h ../core/dircontainer.h ../core/ugcontainer.h
@@ -557,7 +562,7 @@ upload.o: ckeditor.h cp.h createthread.h createticket.h default.h download.h
upload.o: editticket.h emacs.h last.h login.h logout.h ls.h mkdir.h mv.h
upload.o: node.h priv.h reload.h rm.h run.h subject.h funthread.h
upload.o: ../core/thread.h funticket.h ../core/ticket.h template.h tinymce.h
upload.o: uname.h uptime.h who.h
upload.o: uname.h uptime.h who.h ../core/htmlfilter.h
uptime.o: uptime.h functionbase.h ../core/item.h ../core/db.h ../core/item.h
uptime.o: ../core/user.h ../core/group.h ../core/thread.h ../core/error.h
uptime.o: ../core/log.h ../core/dircontainer.h ../core/ugcontainer.h


@@ -63,7 +63,6 @@ protected:
Templates * templates;
Notify * notify;
// std::vector<Ezc::Pattern> pattern_tab;
};


@@ -409,12 +409,41 @@ return with_url;
}
void Functions::ReadItemFilterHtml(Item & item)
{
html_filter.BreakLines(0);
html_filter.TrimWhite(false);
html_filter.InsertTabs(0);
html_filter.CheckOrphans(HTMLFilter::lang_none);
html_filter.SafeMode(true);
html_filter.Filter(request->PostVar("itemcontent"), item.content);
}
void Functions::ReadItemContent(Item & item, const std::string & content_type)
{
bool is_root = request->session->puser && request->session->puser->super_user;
bool filter_html = (content_type == "2") && config->editors_html_safe_mode;
if( filter_html && is_root && config->editors_html_safe_mode_skip_root )
filter_html = false;
if( filter_html )
ReadItemFilterHtml(item);
else
request->PostVar("itemcontent", item.content);
}
void Functions::ReadItemContentWithType(Item & item)
{
item.content_type = Item::ct_formatted_text; // default is formatted text
request->PostVar("itemcontent", request->item.content);
request->PostVar("contenttype", temp);
ReadItemContent(item, temp);
// ct_text and ct_formatted_text can use everyone
if( temp == "0" )
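Review bot: In ReadItemContent the decision to filter is made by comparing the raw POST value with `"2"`, before ReadItemContentWithType has resolved and permission-checked the content type; that code continues below the hunk, starting at `if( temp == "0" )`. If the later code accepts any other spelling of that value, or any other type that is rendered as markup, a normal user's content would be stored unfiltered, and the visible lines do not rule this out. It would be safer to resolve item.content_type first and key the filter on it, and to document the comparison with a comment such as `// "2" is presumably the html content type; every other type is stored without filtering`. ReadItemFilterHtml also passes the result of the one-argument `request->PostVar("itemcontent")` straight to Filter, so if that overload can return a null pointer when the field is absent, it needs a check before the call.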


@@ -45,6 +45,7 @@
#include "upload.h"
#include "uptime.h"
#include "who.h"
#include "core/htmlfilter.h"
class Templates;
@@ -116,6 +117,8 @@ public:
void CheckGetPostTimes(time_t difference = 10);
// !! dac lepsze nazwy
void ReadItemFilterHtml(Item & item);
void ReadItemContent(Item & item, const std::string & content_type);
void ReadItemContentWithType(Item & item);
bool ReadItem(Item & item, Item::Type item_type);
@@ -131,6 +134,7 @@ private:
Notify * notify;
std::string temp;
HTMLFilter html_filter;
void Add(FunctionBase * fun);
void Add(FunctionBase & fun);